culturaenegocios.com.br Open in urlscan Pro
2a02:4780:13:990:0:71e:fb98:2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://culturaenegocios.com.br/
Effective URL:
https://culturaenegocios.com.br/
Submission: On January 26 via api (January 26th 2024, 4:38:57 am UTC) from US — Scanned from DE

Summary HTTP 327 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 87 IPs in 11 countries across 74 domains to perform 327 HTTP transactions. The main IP is 2a02:4780:13:990:0:71e:fb98:2, located in São Paulo, Brazil and belongs to AS-HOSTINGER, CY. The main domain is culturaenegocios.com.br.
TLS certificate: Issued by R3 on December 6th 2023. Valid for: 3 months.

This is the only time culturaenegocios.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 81	2a02:4780:13:... 2a02:4780:13:990:0:71e:fb98:2	47583 (AS-HOSTINGER) (AS-HOSTINGER)
3	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
3	205.234.175.175 205.234.175.175	23352 (SERVERCEN...) (SERVERCENTRAL)
6	13.32.27.44 13.32.27.44	16509 (AMAZON-02) (AMAZON-02)
24	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:d63b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
3	2606:4700:440... 2606:4700:4400::ac40:919c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	18.239.83.98 18.239.83.98	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
4	52.87.124.31 52.87.124.31	14618 (AMAZON-AES) (AMAZON-AES)
5	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	108.138.6.136 108.138.6.136	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:9a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	212.36.83.245 212.36.83.245	15699 (AS_ADAM A...) (AS_ADAM Adam Datacenter)
3 6	193.3.178.4 193.3.178.4	399668 (E-PLANNING-) (E-PLANNING-)
3	2606:4700:440... 2606:4700:4400::ac40:994e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2602:803:c004... 2602:803:c004:200::140	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	172.64.152.89 172.64.152.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.66.97 65.9.66.97	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1	178.32.210.227 178.32.210.227	16276 (OVH) (OVH)
1	34.149.50.64 34.149.50.64	15169 (GOOGLE) (GOOGLE)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	54.220.173.30 54.220.173.30	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.128 99.86.4.128	16509 (AMAZON-02) (AMAZON-02)
3	18.245.47.29 18.245.47.29	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.73.37.218 52.73.37.218	14618 (AMAZON-AES) (AMAZON-AES)
1	35.201.123.184 35.201.123.184	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	2606:4700::68... 2606:4700::6810:ff3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
3	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
14	2606:4700:10:... 2606:4700:10::6816:3262	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.79.89.214 104.79.89.214	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1	212.36.83.246 212.36.83.246	15699 (AS_ADAM A...) (AS_ADAM Adam Datacenter)
1	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
1 2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	98.98.134.241 98.98.134.241	21859 (ZEN-ECN) (ZEN-ECN)
2 4	35.214.149.91 35.214.149.91	15169 (GOOGLE) (GOOGLE)
2	34.160.236.64 34.160.236.64	15169 (GOOGLE) (GOOGLE)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
1	34.102.185.99 34.102.185.99	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 6	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
7 22	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
3 4	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 3	37.157.2.229 37.157.2.229	198622 (ADFORM) (ADFORM)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:659... 2600:1f18:6593:f602:82a0:df8e:67ea:6e72	14618 (AMAZON-AES) (AMAZON-AES)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	52.19.82.212 52.19.82.212	16509 (AMAZON-02) (AMAZON-02)
1	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
2 2	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	34.111.131.239 34.111.131.239	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	185.15.245.81 185.15.245.81	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3 4	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1 1	34.241.159.104 34.241.159.104	16509 (AMAZON-02) (AMAZON-02)
2	108.128.229.209 108.128.229.209	16509 (AMAZON-02) (AMAZON-02)
1	168.119.146.39 168.119.146.39	24940 (HETZNER-AS) (HETZNER-AS)
2 2	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1 1	44.209.190.13 44.209.190.13	14618 (AMAZON-AES) (AMAZON-AES)
1 2	67.220.226.234 67.220.226.234	16509 (AMAZON-02) (AMAZON-02)
1	72.246.169.24 72.246.169.24	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	52.212.121.130 52.212.121.130	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 4	108.128.8.111 108.128.8.111	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
5 9	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.129.91 151.101.129.91	54113 (FASTLY) (FASTLY)
2	108.177.15.154 108.177.15.154	15169 (GOOGLE) (GOOGLE)
2	2600:9000:223... 2600:9000:223f:6a00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
14	2600:1f13:800... 2600:1f13:800:7780:bad:39fb:3054:9ae2	16509 (AMAZON-02) (AMAZON-02)
8	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 2	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:5ae9:3b9c:4769:a477	16509 (AMAZON-02) (AMAZON-02)
1 1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	52.51.137.146 52.51.137.146	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:21::1690	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:211... 2600:9000:211e:7000:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
327	87

81 2a02:4780:13:990:0:71e:fb98:2 (São Paulo, Brazil) 1 redirects

ASN47583 (AS-HOSTINGER, CY)

culturaenegocios.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 205.234.175.175 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: vip1.G-anycast1.cachefly.net

api.cazamba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.cazamba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.32.27.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-44.fra56.r.cloudfront.net

tagmanager.alright.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:d63b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::ac40:919c (United States)

ASN13335 (CLOUDFLARENET, US)

scripts.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ui.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
call.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.239.83.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-83-98.ams58.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.87.124.31 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-87-124-31.compute-1.amazonaws.com

as.cazamba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 108.138.6.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-6-136.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 212.36.83.245 (Sant Vicenç dels Horts, Spain)

ASN15699 (AS_ADAM Adam Datacenter, ES)
PTR: lb1.vdmy.dtic.es

d.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 193.3.178.4 (United States) 3 redirects

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net

pbjs.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::ac40:994e (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pm-widget.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.32.210.227 (France)

ASN16276 (OVH, FR)
PTR: ip227.ip-178-32-210.eu

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.50.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.50.149.34.bc.googleusercontent.com

s.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.220.173.30 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-173-30.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-128.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.245.47.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-47-29.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.73.37.218 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-37-218.compute-1.amazonaws.com

prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.123.184 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 184.123.201.35.bc.googleusercontent.com

d.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:ff3 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usr.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync2.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:10::6816:3262 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.79.89.214 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-89-214.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.36.83.246 (Sant Vicenç dels Horts, Spain)

ASN15699 (AS_ADAM Adam Datacenter, ES)
PTR: lb2.vdmy.dtic.es

a-prebid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.214.149.91 (Groningen, Netherlands) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 91.149.214.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.160.236.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.236.160.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

pm-widget.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.185.99 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 99.185.102.34.bc.googleusercontent.com

d.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.89.210.180 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.250.185.194 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.111.113.62 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.2.229 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:6593:f602:82a0:df8e:67ea:6e72 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dmp.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.19.82.212 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-82-212.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadeu.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.118 (Loerrach, Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.131.239 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.15.245.81 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

dmp.theadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.75.62.37 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.241.159.104 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-159-104.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.128.229.209 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-229-209.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.119.146.39 (Frankfurt am Main, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.39.146.119.168.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.209.190.13 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-190-13.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.220.226.234 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.246.169.24 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-169-24.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.121.130 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-121-130.eu-west-1.compute.amazonaws.com

obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:c5a4:625:6563:a5bb (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.128.8.111 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-8-111.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.64.151.101 (United States) 5 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.91 (United States) 1 redirects

ASN54113 (FASTLY, US)

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.177.15.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f154.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:6a00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2600:1f13:800:7780:bad:39fb:3054:9ae2 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.184.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.0.66 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:5ae9:3b9c:4769:a477 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.51.137.146 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-137-146.eu-west-1.compute.amazonaws.com

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:21::1690 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:7000:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 3 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
81	culturaenegocios.com.br 1 redirects culturaenegocios.com.br	2 MB
40	doubleclick.net 7 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 stats.g.doubleclick.net — Cisco Umbrella Rank: 79 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 cm.g.doubleclick.net — Cisco Umbrella Rank: 260 bid.g.doubleclick.net — Cisco Umbrella Rank: 917 ad.doubleclick.net — Cisco Umbrella Rank: 163	291 KB
35	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157	394 KB
20	adsafeprotected.com 2 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 1004 static.adsafeprotected.com — Cisco Umbrella Rank: 721 dt.adsafeprotected.com — Cisco Umbrella Rank: 719	220 KB
14	zeotap.com spl.zeotap.com — Cisco Umbrella Rank: 3325 mwzeom.zeotap.com — Cisco Umbrella Rank: 3434	5 KB
11	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 314 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 591 aax.amazon-adsystem.com — Cisco Umbrella Rank: 395 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 801	79 KB
9	casalemedia.com 5 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 497	6 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	479 KB
8	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 2616	47 KB
7	rubiconproject.com 1 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 520 eus.rubiconproject.com — Cisco Umbrella Rank: 579 pixel.rubiconproject.com — Cisco Umbrella Rank: 381 token.rubiconproject.com — Cisco Umbrella Rank: 477	14 KB
7	cazamba.com api.cazamba.com — Cisco Umbrella Rank: 300853 as.cazamba.com — Cisco Umbrella Rank: 255967 cdn.cazamba.com — Cisco Umbrella Rank: 355907	113 KB
6	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 336	186 KB
6	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 253	5 KB
6	navdmp.com tag.navdmp.com — Cisco Umbrella Rank: 33495 usr.navdmp.com — Cisco Umbrella Rank: 38610 cdn.navdmp.com — Cisco Umbrella Rank: 25060 sync2.navdmp.com — Cisco Umbrella Rank: 61391 sync.navdmp.com — Cisco Umbrella Rank: 21190	6 KB
6	e-planning.net 3 redirects pbjs.e-planning.net — Cisco Umbrella Rank: 6942	4 KB
6	alright.network tagmanager.alright.network — Cisco Umbrella Rank: 550291	671 KB
5	yahoo.com 4 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 1388 ups.analytics.yahoo.com — Cisco Umbrella Rank: 358 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495	1 KB
5	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1024 pm-widget.taboola.com — Cisco Umbrella Rank: 3284 trc.taboola.com — Cisco Umbrella Rank: 646	299 KB
5	4dex.io script.4dex.io — Cisco Umbrella Rank: 1603 mp.4dex.io — Cisco Umbrella Rank: 2539	25 KB
4	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 501	2 KB
4	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 373	2 KB
4	adform.net 2 redirects cm.adform.net — Cisco Umbrella Rank: 1147 dmp.adform.net — Cisco Umbrella Rank: 3041 c1.adform.net — Cisco Umbrella Rank: 583	2 KB
4	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 423 dis.criteo.com — Cisco Umbrella Rank: 608	7 KB
4	openx.net 2 redirects oajs.openx.net — Cisco Umbrella Rank: 1736 rtb.openx.net — Cisco Umbrella Rank: 625 google-bidout-d.openx.net — Cisco Umbrella Rank: 1735	1 KB
4	vidoomy.com d.vidoomy.com — Cisco Umbrella Rank: 14853 a-prebid.vidoomy.com — Cisco Umbrella Rank: 17774	2 KB
4	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 177	3 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28 ajax.googleapis.com — Cisco Umbrella Rank: 369 imasdk.googleapis.com — Cisco Umbrella Rank: 485	293 KB
3	krxd.net 1 redirects beacon.krxd.net — Cisco Umbrella Rank: 784 usermatch.krxd.net — Cisco Umbrella Rank: 1811	943 B
3	crwdcntrl.net 1 redirects tags.crwdcntrl.net — Cisco Umbrella Rank: 1005 bcp.crwdcntrl.net — Cisco Umbrella Rank: 898	12 KB
3	cleverwebserver.com scripts.cleverwebserver.com — Cisco Umbrella Rank: 29111 ui.cleverwebserver.com — Cisco Umbrella Rank: 30174 call.cleverwebserver.com — Cisco Umbrella Rank: 30865	47 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	225 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 547	2 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 874 s.tribalfusion.com — Cisco Umbrella Rank: 2405	1 KB
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 671	881 B
2	travelaudience.com 2 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5893	929 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	130 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 716	915 B
2	weborama.fr 2 redirects idsync.frontend.weborama.fr — Cisco Umbrella Rank: 25870	909 B
2	adition.com 2 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1552	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 239	1 KB
2	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1375	298 B
2	tailtarget.com d.tailtarget.com — Cisco Umbrella Rank: 85710 d.t.tailtarget.com — Cisco Umbrella Rank: 299602	6 KB
2	amazon.dev prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 3568	128 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 857 id5-sync.com — Cisco Umbrella Rank: 425	29 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1373	574 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 662	237 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3445	104 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 53518	610 B
1	mathtag.com 1 redirects pixel.mathtag.com — Cisco Umbrella Rank: 2055	459 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 764	693 B
1	imrworldwide.com 1 redirects obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 4870	246 B
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 727	145 B
1	richaudience.com sync.richaudience.com — Cisco Umbrella Rank: 1717	65 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 544	530 B
1	theadex.com dmp.theadex.com — Cisco Umbrella Rank: 22706	84 B
1	exelator.com loadeu.exelator.com — Cisco Umbrella Rank: 9844	324 B
1	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 805	166 B
1	fwmrm.net dmp.v.fwmrm.net — Cisco Umbrella Rank: 13621	460 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 357	149 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 722	187 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 914	283 B
1	seedtag.com s.seedtag.com — Cisco Umbrella Rank: 1839	375 B
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2253	1 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1299	6 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1833	8 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 657	13 KB
1	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1533 Failed	573 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	2 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	31 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6518	408 B
1	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 4149
0	bemail.it Failed bn01.er.bemail.it Failed
0	tidaltv.com Failed sync.tidaltv.com Failed
327	74

	Domain	Requested by
81	culturaenegocios.com.br	1 redirects culturaenegocios.com.br
24	pagead2.googlesyndication.com	culturaenegocios.com.br pagead2.googlesyndication.com fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com tpc.googlesyndication.com fw.adsafeprotected.com www.googletagservices.com
22	cm.g.doubleclick.net	7 redirects spl.zeotap.com googleads.g.doubleclick.net fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
14	dt.adsafeprotected.com	fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com culturaenegocios.com.br
12	mwzeom.zeotap.com	spl.zeotap.com
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	tpc.googlesyndication.com	fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
7	www.google.com	culturaenegocios.com.br www.gstatic.com www.google.com fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
6	s0.2mdn.net	fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com culturaenegocios.com.br s0.2mdn.net
6	ib.adnxs.com	3 redirects spl.zeotap.com googleads.g.doubleclick.net
6	pbjs.e-planning.net	3 redirects culturaenegocios.com.br
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
6	tagmanager.alright.network	culturaenegocios.com.br tagmanager.alright.network
5	c.amazon-adsystem.com	tagmanager.alright.network c.amazon-adsystem.com
5	securepubads.g.doubleclick.net	tagmanager.alright.network securepubads.g.doubleclick.net
5	fonts.gstatic.com	culturaenegocios.com.br
4	ad.doubleclick.net	fw.adsafeprotected.com culturaenegocios.com.br
4	fw.adsafeprotected.com	2 redirects fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
4	pixel.tapad.com	3 redirects spl.zeotap.com
4	x.bidswitch.net	2 redirects spl.zeotap.com fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
4	as.cazamba.com	api.cazamba.com as.cazamba.com
4	sb.scorecardresearch.com	culturaenegocios.com.br
3	gum.criteo.com	static.criteo.net cdn.taboola.com gum.criteo.com
3	fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	aax.amazon-adsystem.com	c.amazon-adsystem.com
3	mp.4dex.io	tagmanager.alright.network
3	d.vidoomy.com	tagmanager.alright.network
3	www.gstatic.com	www.google.com
3	www.googletagmanager.com	culturaenegocios.com.br www.googletagmanager.com
2	sync.1rx.io	2 redirects
2	c1.adform.net	2 redirects
2	ap.lijit.com	2 redirects
2	ads.travelaudience.com	2 redirects
2	static.adsafeprotected.com	fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
2	bid.g.doubleclick.net	fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
2	www.googletagservices.com	fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
2	aax-eu.amazon-adsystem.com	1 redirects spl.zeotap.com
2	sync-tm.everesttech.net	2 redirects
2	beacon.krxd.net	spl.zeotap.com
2	ups.analytics.yahoo.com	1 redirects as.cazamba.com
2	cms.analytics.yahoo.com	2 redirects
2	idsync.frontend.weborama.fr	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	dpm.demdex.net	2 redirects
2	odr.mookie1.com	culturaenegocios.com.br spl.zeotap.com
2	pixel.rubiconproject.com	1 redirects culturaenegocios.com.br
2	eus.rubiconproject.com	tagmanager.alright.network eus.rubiconproject.com
2	spl.zeotap.com	tagmanager.alright.network spl.zeotap.com
2	tag.navdmp.com	as.cazamba.com tag.navdmp.com
2	pm-widget.taboola.com	cdn.taboola.com pm-widget.taboola.com
2	prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	c.amazon-adsystem.com
2	bcp.crwdcntrl.net	1 redirects tags.crwdcntrl.net
2	oajs.openx.net	1 redirects culturaenegocios.com.br
2	cdn.taboola.com	tagmanager.alright.network cdn.taboola.com
2	fastlane.rubiconproject.com	tagmanager.alright.network
2	script.4dex.io	tagmanager.alright.network script.4dex.io
2	www.google-analytics.com	api.cazamba.com www.google-analytics.com
2	imasdk.googleapis.com	api.cazamba.com tagmanager.alright.network
2	api.cazamba.com	culturaenegocios.com.br api.cazamba.com
1	sync.targeting.unrulymedia.com	1 redirects
1	s.ad.smaato.net	fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
1	s.tribalfusion.com	fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
1	a.tribalfusion.com	1 redirects
1	dclk-match.dotomi.com	fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
1	ssum-sec.casalemedia.com	1 redirects
1	dis.criteo.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	sync.navdmp.com	as.cazamba.com
1	pixel.mathtag.com	1 redirects
1	sync2.navdmp.com	as.cazamba.com
1	cdn.navdmp.com	tag.navdmp.com
1	usr.navdmp.com	tag.navdmp.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	cms.quantserve.com	1 redirects
1	obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	1 redirects
1	tags.bluekai.com	spl.zeotap.com
1	usermatch.krxd.net	1 redirects
1	sync.richaudience.com	spl.zeotap.com
1	aa.agkn.com	1 redirects
1	dmp.theadex.com	spl.zeotap.com
1	loadeu.exelator.com	spl.zeotap.com
1	image6.pubmatic.com	spl.zeotap.com
1	dmp.v.fwmrm.net	spl.zeotap.com
1	trc.taboola.com	spl.zeotap.com
1	match.adsrvr.org	spl.zeotap.com
1	dmp.adform.net	spl.zeotap.com
1	d.t.tailtarget.com	d.tailtarget.com
1	id5-sync.com	cdn.id5-sync.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	pixel-sync.sitescout.com	culturaenegocios.com.br
1	cm.adform.net	culturaenegocios.com.br
1	a-prebid.vidoomy.com	culturaenegocios.com.br
1	rtb.openx.net	1 redirects
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	cdn.cazamba.com	api.cazamba.com
1	d.tailtarget.com	as.cazamba.com
1	cdn.id5-sync.com	culturaenegocios.com.br
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	s.seedtag.com	tagmanager.alright.network
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	prg.smartadserver.com	tagmanager.alright.network
1	cdn.jsdelivr.net	tagmanager.alright.network
1	call.cleverwebserver.com	culturaenegocios.com.br
1	ui.cleverwebserver.com	culturaenegocios.com.br
1	cdnjs.cloudflare.com	api.cazamba.com
1	ajax.googleapis.com	api.cazamba.com
1	www.google.de	culturaenegocios.com.br
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	scripts.cleverwebserver.com	culturaenegocios.com.br
1	cdn.onesignal.com	culturaenegocios.com.br
1	fonts.googleapis.com	culturaenegocios.com.br
0	bn01.er.bemail.it Failed	spl.zeotap.com
0	sync.tidaltv.com Failed	spl.zeotap.com
327	119

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
twitter.com
www.facebook.com
br.pinterest.com
www.instagram.com

Subject Issuer	Validity	Valid
culturaenegocios.com.br R3	`2023-12-06` - `2024-03-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.cazamba.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-27` - `2024-10-27`	a year	crt.sh
*.alright.network Amazon RSA 2048 M01	`2023-05-28` - `2024-06-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-03` - `2024-05-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
cleverwebserver.com Cloudflare Inc ECC CA-3	`2023-08-06` - `2024-08-04`	a year	crt.sh
www.google.de GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2023-10-23` - `2024-10-22`	a year	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-10-06`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2024-01-22` - `2024-04-22`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-12-23` - `2024-03-22`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-17` - `2025-01-16`	a year	crt.sh
*.seedtag.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-29` - `2024-04-15`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev Amazon RSA 2048 M02	`2023-11-27` - `2024-12-25`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.tailtarget.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-08-09`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
*.sitescout.com GeoTrust TLS RSA CA G1	`2024-01-15` - `2025-02-01`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.v.fwmrm.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-13` - `2024-12-13`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.exelator.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-29` - `2024-06-11`	a year	crt.sh
dmp.theadex.com R3	`2023-12-20` - `2024-03-19`	3 months	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.richaudience.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-02-27` - `2024-02-26`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-11` - `2024-12-11`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
s.ad.smaato.net Amazon RSA 2048 M03	`2023-09-04` - `2024-10-02`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://culturaenegocios.com.br/
Frame ID: DC59BD2D4C6BB5E1C290589C2C830DC9
Requests: 172 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Frame ID: 81C3947EDC64E4770C9E3217E88379D1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2201480789139736&output=html&adk=1812271804&adf=3025194257&lmt=1706223589&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fculturaenegocios.com.br%2F&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706243927925&bpp=3&bdt=1187&idt=215&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4441895750607&frm=20&pv=2&ga_vid=37574242.1706243928&ga_sid=1706243928&ga_hid=1470524450&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080591%2C44785293%2C31080601%2C95320378%2C95321627%2C95322164%2C95323004%2C31061690&oid=2&pvsid=4430117617272459&tmod=1475928934&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=256
Frame ID: 58CAE4717F127C3A21C157DCD6764E21
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcRTuknAAAAAIx4BmFagOOKfXNE1xclbyyn-RG3&co=aHR0cHM6Ly9jdWx0dXJhZW5lZ29jaW9zLmNvbS5icjo0NDM.&hl=de&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&cb=2yk37e9esove
Frame ID: CA2D37F97B5AFC6D9FD6C865A221BD5E
Requests: 6 HTTP requests in this frame

Frame: https://as.cazamba.com/cs?publisher_id=2157&g=1706243929
Frame ID: 5F8DAF66A146BCB9DC26B70C4669DC5F
Requests: 12 HTTP requests in this frame

Frame: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4B8FBA83AF8E0E4FD7EC544A8F63248D
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=culturaenegocios.com.br
Frame ID: 3BD536D7A429068135E5822D45684FCB
Requests: 2 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 4A6C2CC0E018F98F724A643A4869A874
Requests: 33 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 978119ADAB564F52F4489EC836F59700
Requests: 3 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: F6E00D813CB3787B2C6E208A4BF1EA2E
Requests: 1 HTTP requests in this frame

Frame: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D0E8CF51FA6177559761C4DDCE39B2F4
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjIioH8ATAB&v=APEucNXutDdwcOxLsqJf7f_vEbAefXhcujn_VofUacSoKYKMHglhRMQLYcJzCBdBQKQzS_1yINWv-AGHZFrK8DqAKY_OYpgkdhsMHrXQgJ2BI3H-YvPRUUP-b4IZNCrTD3cnfgSXo2JV9ZfigYmWxebWc8W0hOZEbqxxRfT1Kh9EmW3-FFILMl8
Frame ID: 20C25004B0F1A1C5B2ECCDF5BC3DBF3A
Requests: 5 HTTP requests in this frame

Frame: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 40B8FF755F047318B3895B44D892B0DC
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjIioH8ATAB&v=APEucNUggBvctL5Y4vkk9PRlcQ82LppTGOzAjLnf1yIp-VMxTWJI_iz1M5OYVlsrlE5k8lugCQEBEgAGn2D_fwNjMnzPtw_J1ystuyORQlWVoFy9_q49nvWb1Z9hz7gAzW7SVkg0cZJbur62lZx1H8Pn8ODU_Ao-7Gl0X85R9zcjV7ER23_mg8M
Frame ID: D7757A52C5EA927719DDBF5AB8D7DACB
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 5F6975F7820D91EBA6A44B79F708842A
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: A4E0A6EF3150F7C7F8ACCB23CE9745C4
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 5C4FB6FA681EB8E7FE3E2A526CC5ADE7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 863B929586B5DCBEFFB9750292282E86
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1F6572F7E9FD9666E21E3B420F958B1D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 93EF75D1E73742EE4FBFAA8B1B35C5F6
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15555671415660452180/UK-ENG_XA-07_0_970x90_BAN-A_HTML5_TOFU-no-B2P-RAeBook-ALL_0_105/index.html?ev=01_250
Frame ID: 0F919A95A7639DEA5CE6FD920DBC5A39
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Portal de Notícias | Tendências de Negócios | Cultura e Negócios

Page URL History Show full URLs

http://culturaenegocios.com.br/ HTTP 301
https://culturaenegocios.com.br/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

GSAP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

TweenMax(?:\.min)?\.js

RightJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

right\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Lodash (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

lodash.*\.js

Navegg (Analytics) Expand

Overall confidence: 100%
Detected patterns

tag\.navdmp\.com

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

327
Requests

86 %
HTTPS

37 %
IPv6

74
Domains

119
Subdomains

87
IPs

11
Countries

5402 kB
Transfer

15934 kB
Size

69
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/channel/UC5CxUlpuV4-v6Ps3RZE33yw
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/culturaenegocio

Search URL Search Domain Scan URL

URL: https://www.facebook.com/culturaenegocios
Title: Youtube

Search URL Search Domain Scan URL

URL: https://br.pinterest.com/portalculturaenegocios/
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.instagram.com/culturaenegocios
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.instagram.com/culturaenegocios/
Title: Instagram

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://culturaenegocios.com.br/ HTTP 301
https://culturaenegocios.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 112

https://pbjs.e-planning.net/pbjs/1/4d628/1/culturaenegocios.com.br/ROS?rnd=0.469746027528414&e=300x250_0%3A300x250%2C300x600%2C160x600%2C320x250%2C320x480%2C120x600%7C0.15&ur=https%3A%2F%2Fculturaenegocios.com.br%2F&pbv=8.29.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fculturaenegocios.com.br%2F HTTP 302
https://pbjs.e-planning.net/hb/1/4d628/1/culturaenegocios.com.br/ROS?ct=1&r=pbjs&rnd=0.469746027528414&e=300x250_0%3A300x250%2C300x600%2C160x600%2C320x250%2C320x480%2C120x600%7C0.15&ur=https%3A%2F%2Fculturaenegocios.com.br%2F&pbv=8.29.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fculturaenegocios.com.br%2F

Request Chain 124

https://pbjs.e-planning.net/pbjs/1/4d628/1/culturaenegocios.com.br/ROS?rnd=0.469746027528414&e=728x90_0%3A728x90%2C970x90%7C0.15&ur=https%3A%2F%2Fculturaenegocios.com.br%2F&pbv=8.29.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fculturaenegocios.com.br%2F HTTP 302
https://pbjs.e-planning.net/hb/1/4d628/1/culturaenegocios.com.br/ROS?ct=1&r=pbjs&rnd=0.469746027528414&e=728x90_0%3A728x90%2C970x90%7C0.15&ur=https%3A%2F%2Fculturaenegocios.com.br%2F&pbv=8.29.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fculturaenegocios.com.br%2F

Request Chain 131

https://pbjs.e-planning.net/pbjs/1/4d628/1/culturaenegocios.com.br/ROS?rnd=0.469746027528414&e=728x90_0%3A728x90%2C970x90%7C0.15&ur=https%3A%2F%2Fculturaenegocios.com.br%2F&pbv=8.29.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fculturaenegocios.com.br%2F HTTP 302
https://pbjs.e-planning.net/hb/1/4d628/1/culturaenegocios.com.br/ROS?ct=1&r=pbjs&rnd=0.469746027528414&e=728x90_0%3A728x90%2C970x90%7C0.15&ur=https%3A%2F%2Fculturaenegocios.com.br%2F&pbv=8.29.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fculturaenegocios.com.br%2F

Request Chain 144

https://oajs.openx.net/esp?url=https%3A%2F%2Fculturaenegocios.com.br%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fculturaenegocios.com.br%2F&rid=esp&cc=1

Request Chain 179

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D$%7BUID%7D HTTP 302
https://a-prebid.vidoomy.com/setuid?bidder=openx&uid=fad7f4cf-9d73-4fe2-874f-11389f43831b

Request Chain 183

https://x.bidswitch.net/sync?ssp=vidoomy&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=72803c21-3cf3-4caa-adca-1d3b22576b0d&ssp=vidoomy&gdpr=0&gdpr_consent=

Request Chain 193

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da02225b6-7fcb-49c9-40ba-68a47d4b4720%26reqId%3D0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7%26zdid%3D1361 HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da02225b6-7fcb-49c9-40ba-68a47d4b4720%26reqId%3D0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=a2689ff9-98b9-4d29-946a-429cfcbfc06c&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361

Request Chain 200

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=a02225b6-7fcb-49c9-40ba-68a47d4b4720&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da02225b6-7fcb-49c9-40ba-68a47d4b4720%26reqId%3D0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7%26zdid%3D1361 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=a02225b6-7fcb-49c9-40ba-68a47d4b4720&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da02225b6-7fcb-49c9-40ba-68a47d4b4720%26reqId%3D0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=47622039860759293112579590827818019451&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361

Request Chain 203

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da02225b6-7fcb-49c9-40ba-68a47d4b4720%26reqId%3D0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=7328261886946900122&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361

Request Chain 204

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=a02225b6-7fcb-49c9-40ba-68a47d4b4720 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=a02225b6-7fcb-49c9-40ba-68a47d4b4720

Request Chain 205

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=a02225b6-7fcb-49c9-40ba-68a47d4b4720&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da02225b6-7fcb-49c9-40ba-68a47d4b4720%26reqId%3D0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7%26zdid%3D1361 HTTP 307
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=a02225b6-7fcb-49c9-40ba-68a47d4b4720&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da02225b6-7fcb-49c9-40ba-68a47d4b4720%26reqId%3D0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7%26zdid%3D1361&bounce=1&random=1410712395 HTTP 302
https://mwzeom.zeotap.com/mw?webouuid=PVZysCSiEExCJFCulIAWqu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361

Request Chain 207

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=a02225b6-7fcb-49c9-40ba-68a47d4b4720?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361

Request Chain 208

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP HTTP 302
https://mwzeom.zeotap.com/mw?cid=y-parduKFE2oo4q8g0uX_FBDYid.FB2QnKLA--~A&zpartnerid=570&env=mWeb

Request Chain 209

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=p81CbJ%2F4aWU7%2BYl0skc8D0LzVoWLSp44%2BS41iYitP1U%3D

Request Chain 213

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da02225b6-7fcb-49c9-40ba-68a47d4b4720%26reqId%3D0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7%26zdid%3D1361 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da02225b6-7fcb-49c9-40ba-68a47d4b4720%26reqId%3D0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7%26zdid%3D1361&_test=ZbM3XAAAAM5pQQBK HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZbM3XAAAAM5pQQBK&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361

Request Chain 214

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361

Request Chain 215

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a02225b6-7fcb-49c9-40ba-68a47d4b4720&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a02225b6-7fcb-49c9-40ba-68a47d4b4720&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361&dcc=t

Request Chain 217

https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da02225b6-7fcb-49c9-40ba-68a47d4b4720%26reqId%3D0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361

Request Chain 218

https://pixel.rubiconproject.com/token?pid=41544&puid=a02225b6-7fcb-49c9-40ba-68a47d4b4720&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=LRU5KXBA-2-25E6&env=mWeb&zpartnerid=1770&gdpr=1

Request Chain 221

https://cms.quantserve.com/pixel/p-2vLHuZkZPAz2_.gif?idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=a02225b6-7fcb-49c9-40ba-68a47d4b4720&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=elaNG39U2kthB9keLVbCHHkB2xthVNlLKFb4-TLq&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=a02225b6-7fcb-49c9-40ba-68a47d4b4720&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361

Request Chain 236

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL8f9bSdeLekk0PDEblgi_I&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL8f9bSdeLekk0PDEblgi_I&google_cver=1&C=1

Request Chain 237

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbM3XK-fHyF9pbdCjX5dvwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL8f9bSdeLekk0PDEblgi_I&google_cver=1

Request Chain 238

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEA7_H3I_hJH9RRFbHCkNQYQ&google_cver=1

Request Chain 239

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM2NDg5NzA1Mjc4OTMyMjQxMA%3D%3D

Request Chain 254

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=86036929422 HTTP 302
https://sync2.navdmp.com/sync?prtid=2&id=86036929422&google_gid=CAESEJ9SYx7QSuX7ATygmdtonkU&google_cver=1

Request Chain 255

https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D HTTP 302
https://sync.navdmp.com/sync?img=1&mdia=89bb65b3-375c-4200-99e0-b2ddb0059654

Request Chain 256

https://cms.analytics.yahoo.com/cms?partner_id=NAVEG HTTP 302
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG

Request Chain 258

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL8f9bSdeLekk0PDEblgi_I&google_cver=1

Request Chain 259

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbM3XHAZ1pIAoZnlm7D6UAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL8f9bSdeLekk0PDEblgi_I&google_cver=1

Request Chain 260

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEA7_H3I_hJH9RRFbHCkNQYQ&google_cver=1

Request Chain 261

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM2NDg5NzA1Mjc4OTMyMjQxMA%3D%3D

Request Chain 267

https://fw.adsafeprotected.com/rfw/bgd/1520146/76103085/xbbe/creative/adj?p=APEucNWduAWxxFE2yDnPDruzexwLuItWJNxjquzP5r69jxxWWxXDHhQ&d=CokBAKAmf-DWbp62DJM3WVoEXH3pBDlZOS6yR7Y2k5vpmmISeSriC2v1purRfauPhiO1u78_4yKw1MqxiupLw4YU25kY4qTf6wHgPJ5k9hI82peIP2julREXDw72hOZVb7RcGXQCIoOCVSzIVezbt7ABrG2uV_Zn5XJgBL3XAxyjcf9uJNf6MaZU0IUSyRYAoCZ_4IFvrK7q-V-sfdNDv_jAMDYrbmgLTq-soxVEqlcn-DTYRfSaR-iPUofbQ6h-0iYp_6FvX8E6xLot4qO4ZRnbNTUG3QAMwYlBh5uxr4DuB-Y2SVwXPqmpOg9t5HTcH7PVkDFFA-zKB57w6XCR6aAQwd7a7ISuVL-1urd91AU_GgT7qLxUqrqHSWLKx3C48tDM3wSlNtxBuARVF1pGg_j_aevaiWlTPdl8adZVAFncVptWzG8ymb1xEryKdiAXwqxdW99lLQnY_E5OKFPBGt4LaYxzg7yimai7YSQJxiYcOC6BJv8ptjUh_UpRSKc6MDnyGBT9zOUVWjnp67Su0n_OiCkMfVECWwQ09tHUxj_BsDc7q3WcGT8XUbp5qMAaAXwo323jVO9zZZE2qAn9ak-KSSz3fEp69xsCi35U2d2SNqFn3D4IVY5-C2csvnpRZVNyVFxdnTfF70o8HC9igLRxn_NmjUt5WjuPiGbRdCwcO9X6AxCon8IyqaWCUmYe3CGkZeAug8fFoBEZElwPQsBR5ZSHe5h-kZtuDMdlNzqvmuuq1yftGl7wfL1gQlevvddvj4SHaNfj1NXad09g4DHjZOXHvtWCDSP3Jw439GQbAi4yw5MLDHvfDXpMjT2mt_H7nv2GlT6bBHINYTdSdibI3Hew1yyfqwn4NeKmd2Xo5gX58Ssg2S5hwU_8dXkmZ2yUJumR4Dp40gA7g47GitBN7im5gfC02BtlYCF08Y9XIJFdc6mDTmrQHAm5eSp9ZijIOHJVWROFcRp4Fi7PB-EnsRI9Gz1B7c1SofTKoDELklCt5j0LraL5bOjd9pJlsMLDb_AxZ5-taswLhvOaUMOETV3GoPwSvWQa17MUR4ZgiUvT8Kfi9r3-BZjAHk5NqYQF3Lt4dtzByNrkse-HotOHBV6xFl3b-v_KLErTNNK2tMtny77SEqjNRsGB1UnD6XzRjcy9CF8JkTkKNZgEeydLXJmbG00d9fELrQBfd0IXrRKVvIIn9e2rubcBPBKk3CVowsQhaC05os3oxGTXXIX4kSyH1kzcPcMJL8aR3thu9EZfIxmtjKlTmtwjacDRpxcxbYUfdYAvMj4kyo3pxYmSrLuJp1QFm4nCNQ6E_6xDPHhltb9e-vIcfgsH7d7mFzE8eSjNfdGKeU2edtsx_eYvuEPEenGPShAw2yK188dloyROe9ThumV0ukA0j1-Vgxf3Qu6etkAPCfC43zPLLaYMv5YxzC3WwviEyhrQrtVNfXbIMLiFGOT4X2Kh3tDBQXVG4pJ8T0qHzDWsYPCKaVmsrwlBNZ8O1UEzOZovTmVYUbsLIIPHFHvo0fVCu5OCOMtwCWhYRQ37Rr94ng3ppR3EeLq3R21Xq31NPBBEs6A37CyNqSSSd2ZcRFT6gE1RP4pu2LJHbObVN_SgPUtLMiJgdX5QcnFNa7SDbuEZwb3Ha9lIp2kpLaym90sCt8VGoujHG7IyXezh80vTF3sdoqWCUe9zYYm-LLPW8CDkQUCMaXeToZYTJa9tEMv-mS7wjJT15gUEpQQL-AiArasvV5dfAphIzVZA6npRqzxaw9YqqQuRzMhVGd1dh8RmfmxBorwPizuJO6fLGaS1gTWCT1EDJEOccVzWI2ObSIgzdUPxFupfKG6Piw38WyW0u2MUW7kUBnx9xD7kG2PaG7ET1jh7bcldAnjUeI55tw2t-6GKakZITbUYEwR0KlZhRHoWTssfoh3HyDp6OcD_OliySAyYwIkJPp-l9cjDI7fa9-jVu7RmFvwPpFqvGSuVdipPhfcVGoBM9lIv0VyZAclpXfjXkTkfGU95JcFecvdAfi0BV2z1sOISxn3rGuJDLlaXbnMPnjVUBVahrAzgq83Q8p8JebP7UhCz6G0vRqA59cDTWpLrXusU5ofCGitw3Muf8C0w3nTk0AxgxnlMSZimhuj3tZflucH5t77QTiqbYXR3k3IlTqh_8zGU_yA2Lo7iMB3XeL32GyFWr4vZCiHQS_-m8PvpEfWasX8VDhWx4O4Goq_plrY2Nrt74jZXB7JhxDTEogiKC-VakeBEVrimisfFrkWoEvy3fCUJ2lmu2-KRcq1Jh_9o_Bc630AAk425g0b9j2PHHxkz0uPpiKlkrYGGCd1afwIv_So4S-d7rEUVqL0q9SuhpjwIrYFbHWhkXu5-NSnoUpMMWXSYi0nLNY5B_mlUom2kScfrR_Hxk9Xzpj-UzE48vMg5iG1UDzsm7M48c-QUjcBd6Tj1yw6HckhwAJ9SdYvg_on5JrgQll-m-JLnBv99mV2fRndNEnw0atghH9MmJ4KeHB5jcXTxFn95qvJkiR0kumtqT9hL3Yf9ooOVO3SmoWp2UHv47fNbUiEIwDQYF0jjpft9__fngl84GhJ8_gRQbrv0gESNLmtEPXYh2mxXkYGyQ3RFaL9TpGnF_n0WHu-rAdBxvkBwao3hdT6cK9ptswcAGzp2J0VTy6RBnaqNCXLyB8ClPHktjCOSbJGuNpEVElIConSwSUUhzitDIGEwtBmQbH4e-wY7hDh-wSEvwfw_bVo8T2pwuzOelxJ5puh0d58G1jNX9cZ8SmRrv5ejr2LnzYd78g9ovFCobI_64EvPCWKQfnm6GnaiPLbDwKdzdXiMuUlxku6pMR90TZDHmcDeMrRIgihyNsCzmMiW6eO7z6sqSph-wYuxAqk0Zatwt2tAAdb28F7_yujougCksfAADfmXXQmku1bB_cAPhp8_l5S1a4q24cCdy0heXpBWn8fjL-NNn_i_Fs4BCkIg89VpSFD6TyoiRMB5RFBj4gL_updLzW2tmXwkcZi5ad7gYHCTGcZwtcNpyLGBwLxYpgXEcywg3AiRfC_uZlntjhijF4j0JY49YsZADEuVKQJrfoYp0pIJ8TkYdqri0j2s5QHB-J-vXj3k5Y_zBNGhuZGXyId8ZsdbmYuRb9_c5mN5Ojul5N_tz1HuK_zFKMjnkwo7-kUNNN1hADw4Hy-D0jn_-8Jj_TVHEn7QNKHa6VZ1MIe6mS5HqDvuOkNRu0UiKaiCzAa3PzHMZ96dgKmpHzuUZwUgx_bdojSV8_ZSaT20_hoVcQ2MV532CGNCzWodsisX4wahmsSlX_0p7kjyn0C3R-mjoHU6Li3U9TwYAZPY_gi_W8zeWgmFdjRZPHzg2t87fHfL4FtbYqVmpgyBnWYi4afLCmBW-ClqutBQOH9EEGlxlXkDon7__CEC_r6ee9_WoYu0udrOTT0g0ivCz_MyiVjPP5Cn_W_hGhmyF5Rh78iqyX_dRPqgOXNhXNfLt7TCCvdWEnjBhLDrMrohDL0BMEohhEPem2LAi45RKAVdbAwgteVwlk6OEsk7-N-bJo0lrUkaPMzLEkawvl_eC9nB9XvdkmeYoXYi7ac8_n7ZOqchg1kPzyW7lR9RMX5zArrsL6j_rsBJ0P3DBhrkRhZ7ks6l4yj7qTps_3DUo3XTWBDFJEzsa0YW_p6MzJGYoxrw7XPkNs8aKrQniXM61KYKeD3FAI27KIparekSUGqHGFbrBtukLMrINBgwzElsw-2WfAlu7X1pq-8v1mz69OxFgf8PkdrJiVpoVXGkFHF-CmvI5H6zDrxEHQjMmnEON0naQxZ13MmR6C19wvLXH3Xn8b7kGAJKQ02k_P6T1xzfagh-0QAoXmU_3cwmhCPQRs1QoPUa3DxrZ5QYAmDP36k26skPudeuFsZ_Q-FM_k3g0Dqa7kAxaBJxOcqJPR7Vfg1MfdqMv4mrJQCEZGl4L-RcqpOp_J4RO0zR6HXS6TUkHQJQR-pn2WowgL1OJ5o03UiB0AubczthPTWz7Ghx5IXwRD6YDAtnUDls6171MTQaQQgEEjsALx4X_zR5T6QETRLLbqnJMo0NEqSemEW2eTH9s_u_snNoUUJfUmyqX8uOvQCIAXwUJOTneG3pFPifdxgBYAE&bundleId=&ias_dspID=3&ias_campId=1013172746&ias_pubId=pub-9153399113741741&ias_chanId=1&ias_placementId=20409788283&bidurl=https://culturaenegocios.com.br/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0jzzbXNSsc0FqidM4cMYuLi&adsafe_url=https%3A%2F%2Fculturaenegocios.com.br&adsafe_type=y&adsafe_url=https%3A%2F%2Fculturaenegocios.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ffe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ffe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:5fcedbde-3d1c-5b2d-a71f-9581212919ff,c:2nys9X,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-74b57f8799-mcnkn,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:u2rnEPU+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b*.1520146-76103085%7C1b1%7C1b21%7C1c1,idMap:1b*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:15,oid:ce8bbfbc-bc04-11ee-8388-5a01310b5892,v:19.8.476,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWduAWxxFE2yDnPDruzexwLuItWJNxjquzP5r69jxxWWxXDHhQ&d=CokBAKAmf-DWbp62DJM3WVoEXH3pBDlZOS6yR7Y2k5vpmmISeSriC2v1purRfauPhiO1u78_4yKw1MqxiupLw4YU25kY4qTf6wHgPJ5k9hI82peIP2julREXDw72hOZVb7RcGXQCIoOCVSzIVezbt7ABrG2uV_Zn5XJgBL3XAxyjcf9uJNf6MaZU0IUSyRYAoCZ_4IFvrK7q-V-sfdNDv_jAMDYrbmgLTq-soxVEqlcn-DTYRfSaR-iPUofbQ6h-0iYp_6FvX8E6xLot4qO4ZRnbNTUG3QAMwYlBh5uxr4DuB-Y2SVwXPqmpOg9t5HTcH7PVkDFFA-zKB57w6XCR6aAQwd7a7ISuVL-1urd91AU_GgT7qLxUqrqHSWLKx3C48tDM3wSlNtxBuARVF1pGg_j_aevaiWlTPdl8adZVAFncVptWzG8ymb1xEryKdiAXwqxdW99lLQnY_E5OKFPBGt4LaYxzg7yimai7YSQJxiYcOC6BJv8ptjUh_UpRSKc6MDnyGBT9zOUVWjnp67Su0n_OiCkMfVECWwQ09tHUxj_BsDc7q3WcGT8XUbp5qMAaAXwo323jVO9zZZE2qAn9ak-KSSz3fEp69xsCi35U2d2SNqFn3D4IVY5-C2csvnpRZVNyVFxdnTfF70o8HC9igLRxn_NmjUt5WjuPiGbRdCwcO9X6AxCon8IyqaWCUmYe3CGkZeAug8fFoBEZElwPQsBR5ZSHe5h-kZtuDMdlNzqvmuuq1yftGl7wfL1gQlevvddvj4SHaNfj1NXad09g4DHjZOXHvtWCDSP3Jw439GQbAi4yw5MLDHvfDXpMjT2mt_H7nv2GlT6bBHINYTdSdibI3Hew1yyfqwn4NeKmd2Xo5gX58Ssg2S5hwU_8dXkmZ2yUJumR4Dp40gA7g47GitBN7im5gfC02BtlYCF08Y9XIJFdc6mDTmrQHAm5eSp9ZijIOHJVWROFcRp4Fi7PB-EnsRI9Gz1B7c1SofTKoDELklCt5j0LraL5bOjd9pJlsMLDb_AxZ5-taswLhvOaUMOETV3GoPwSvWQa17MUR4ZgiUvT8Kfi9r3-BZjAHk5NqYQF3Lt4dtzByNrkse-HotOHBV6xFl3b-v_KLErTNNK2tMtny77SEqjNRsGB1UnD6XzRjcy9CF8JkTkKNZgEeydLXJmbG00d9fELrQBfd0IXrRKVvIIn9e2rubcBPBKk3CVowsQhaC05os3oxGTXXIX4kSyH1kzcPcMJL8aR3thu9EZfIxmtjKlTmtwjacDRpxcxbYUfdYAvMj4kyo3pxYmSrLuJp1QFm4nCNQ6E_6xDPHhltb9e-vIcfgsH7d7mFzE8eSjNfdGKeU2edtsx_eYvuEPEenGPShAw2yK188dloyROe9ThumV0ukA0j1-Vgxf3Qu6etkAPCfC43zPLLaYMv5YxzC3WwviEyhrQrtVNfXbIMLiFGOT4X2Kh3tDBQXVG4pJ8T0qHzDWsYPCKaVmsrwlBNZ8O1UEzOZovTmVYUbsLIIPHFHvo0fVCu5OCOMtwCWhYRQ37Rr94ng3ppR3EeLq3R21Xq31NPBBEs6A37CyNqSSSd2ZcRFT6gE1RP4pu2LJHbObVN_SgPUtLMiJgdX5QcnFNa7SDbuEZwb3Ha9lIp2kpLaym90sCt8VGoujHG7IyXezh80vTF3sdoqWCUe9zYYm-LLPW8CDkQUCMaXeToZYTJa9tEMv-mS7wjJT15gUEpQQL-AiArasvV5dfAphIzVZA6npRqzxaw9YqqQuRzMhVGd1dh8RmfmxBorwPizuJO6fLGaS1gTWCT1EDJEOccVzWI2ObSIgzdUPxFupfKG6Piw38WyW0u2MUW7kUBnx9xD7kG2PaG7ET1jh7bcldAnjUeI55tw2t-6GKakZITbUYEwR0KlZhRHoWTssfoh3HyDp6OcD_OliySAyYwIkJPp-l9cjDI7fa9-jVu7RmFvwPpFqvGSuVdipPhfcVGoBM9lIv0VyZAclpXfjXkTkfGU95JcFecvdAfi0BV2z1sOISxn3rGuJDLlaXbnMPnjVUBVahrAzgq83Q8p8JebP7UhCz6G0vRqA59cDTWpLrXusU5ofCGitw3Muf8C0w3nTk0AxgxnlMSZimhuj3tZflucH5t77QTiqbYXR3k3IlTqh_8zGU_yA2Lo7iMB3XeL32GyFWr4vZCiHQS_-m8PvpEfWasX8VDhWx4O4Goq_plrY2Nrt74jZXB7JhxDTEogiKC-VakeBEVrimisfFrkWoEvy3fCUJ2lmu2-KRcq1Jh_9o_Bc630AAk425g0b9j2PHHxkz0uPpiKlkrYGGCd1afwIv_So4S-d7rEUVqL0q9SuhpjwIrYFbHWhkXu5-NSnoUpMMWXSYi0nLNY5B_mlUom2kScfrR_Hxk9Xzpj-UzE48vMg5iG1UDzsm7M48c-QUjcBd6Tj1yw6HckhwAJ9SdYvg_on5JrgQll-m-JLnBv99mV2fRndNEnw0atghH9MmJ4KeHB5jcXTxFn95qvJkiR0kumtqT9hL3Yf9ooOVO3SmoWp2UHv47fNbUiEIwDQYF0jjpft9__fngl84GhJ8_gRQbrv0gESNLmtEPXYh2mxXkYGyQ3RFaL9TpGnF_n0WHu-rAdBxvkBwao3hdT6cK9ptswcAGzp2J0VTy6RBnaqNCXLyB8ClPHktjCOSbJGuNpEVElIConSwSUUhzitDIGEwtBmQbH4e-wY7hDh-wSEvwfw_bVo8T2pwuzOelxJ5puh0d58G1jNX9cZ8SmRrv5ejr2LnzYd78g9ovFCobI_64EvPCWKQfnm6GnaiPLbDwKdzdXiMuUlxku6pMR90TZDHmcDeMrRIgihyNsCzmMiW6eO7z6sqSph-wYuxAqk0Zatwt2tAAdb28F7_yujougCksfAADfmXXQmku1bB_cAPhp8_l5S1a4q24cCdy0heXpBWn8fjL-NNn_i_Fs4BCkIg89VpSFD6TyoiRMB5RFBj4gL_updLzW2tmXwkcZi5ad7gYHCTGcZwtcNpyLGBwLxYpgXEcywg3AiRfC_uZlntjhijF4j0JY49YsZADEuVKQJrfoYp0pIJ8TkYdqri0j2s5QHB-J-vXj3k5Y_zBNGhuZGXyId8ZsdbmYuRb9_c5mN5Ojul5N_tz1HuK_zFKMjnkwo7-kUNNN1hADw4Hy-D0jn_-8Jj_TVHEn7QNKHa6VZ1MIe6mS5HqDvuOkNRu0UiKaiCzAa3PzHMZ96dgKmpHzuUZwUgx_bdojSV8_ZSaT20_hoVcQ2MV532CGNCzWodsisX4wahmsSlX_0p7kjyn0C3R-mjoHU6Li3U9TwYAZPY_gi_W8zeWgmFdjRZPHzg2t87fHfL4FtbYqVmpgyBnWYi4afLCmBW-ClqutBQOH9EEGlxlXkDon7__CEC_r6ee9_WoYu0udrOTT0g0ivCz_MyiVjPP5Cn_W_hGhmyF5Rh78iqyX_dRPqgOXNhXNfLt7TCCvdWEnjBhLDrMrohDL0BMEohhEPem2LAi45RKAVdbAwgteVwlk6OEsk7-N-bJo0lrUkaPMzLEkawvl_eC9nB9XvdkmeYoXYi7ac8_n7ZOqchg1kPzyW7lR9RMX5zArrsL6j_rsBJ0P3DBhrkRhZ7ks6l4yj7qTps_3DUo3XTWBDFJEzsa0YW_p6MzJGYoxrw7XPkNs8aKrQniXM61KYKeD3FAI27KIparekSUGqHGFbrBtukLMrINBgwzElsw-2WfAlu7X1pq-8v1mz69OxFgf8PkdrJiVpoVXGkFHF-CmvI5H6zDrxEHQjMmnEON0naQxZ13MmR6C19wvLXH3Xn8b7kGAJKQ02k_P6T1xzfagh-0QAoXmU_3cwmhCPQRs1QoPUa3DxrZ5QYAmDP36k26skPudeuFsZ_Q-FM_k3g0Dqa7kAxaBJxOcqJPR7Vfg1MfdqMv4mrJQCEZGl4L-RcqpOp_J4RO0zR6HXS6TUkHQJQR-pn2WowgL1OJ5o03UiB0AubczthPTWz7Ghx5IXwRD6YDAtnUDls6171MTQaQQgEEjsALx4X_zR5T6QETRLLbqnJMo0NEqSemEW2eTH9s_u_snNoUUJfUmyqX8uOvQCIAXwUJOTneG3pFPifdxgBYAE&ias_xappb=

Request Chain 269

https://fw.adsafeprotected.com/rfw/bgd/1520146/76103085/xbbe/creative/adj?p=APEucNWduAWxxFE2yDnPDruzexwLuItWJNxjquzP5r69jxxWWxXDHhQ&d=CokBAKAmf-CdaaK0vBI9GHnXsoGR6415zPXAXKeniT1x-5Zz5rgjByD_xHaopoyyUiXEt5bvY1scMPMkriRIxt_zKuqjTYYFYljI1oisnMlbDi-TM53nJmM9GUB9K9Xq4FF5RIPLearso7x9VKestBHq6MgOUJpdkOYtCm-Qw7jS-cE2eVKcgDsQf3oS6RYAoCZ_4AsVaKDHTgHE3tFUPDOizhTGTkXm-x4sncriFcDWds5a_O1w6VVthv1vKjbJVNIlNDx7jNdvbY4rZamq2-Rp12OQlqWB94E9AVdvpvHfGo4IjLf8v90c8JtPqXwuqIWLTK5tylmiKbFaTz3NzV_divl0YuJMdRD-7OirnNO30t4R8TQqBgmN0h3kuyJoFXil9tiI99pUdYOoJgT1GvaIs851JHH7xI3orLs8YCU23kHFmPCJMW5Cz6xw6qQVHtB5z4p0DRhmUR47zQLF6DzYGDvFWBwX6X33zomayZ__EdeuckESZlUFOzmggM-ALwutuK3kHmCoA1id8ams7a2LfFo7wg3O4alSooKN6eOD4B-MSsciGQ3DjpxY9vhv0L6HYh8_yXaWeEhLu78pWNuVsK_bq0DyIU9YWuK_OtODDdjL2StTBADOy2dafBLc-Pkhrw62g7-5QDfAfkkd4ycO2r1WTNXN97A42Jj7q7EvwadvnXqYeR0cIisVyGRUH87pWPnfeurDHXfojV1LFw0bngF_Hc6prRmTNoCPdvcFvNk7Q15u5bBT_BxVoxBgJZa2EROygVxJ5Xnbl9NZubqEWulAad-l-HePfEWEGUPlm2nBL5o6NtM9Hn0qJpdIOX3JXRWp1eZLQhnR70P8qZKdne898YFmMfymg5cuLvEhnJJqnf5iu5Or0WV91887W-NGTLMTm-dYe76HfssOTFfSgIJxfiFtcpjwc5JZduFDteQKx54JZLrnESI15IA3InHbfQu6T9veiKON9LxDQKDNx9eZakhPGMkelRDYizd4KE2ad2mMrtSwMkU40KMr8qHwpsbPX7KbjoB9Re4l7Z_TQT12W5ygm_8rJWlbfs4tyntXJ9D8IG6o98V7F1rCQ0nngwhif1P8vVjOLXzkAXMnmm2IKdMTCNk0eEBU5mW95nLznB-K8YZ_Iv1Iqgf7Jnqcl-RpkLz8A_nrJzsjI-nLmvrnYla-5KHwE79EjtU92q1iQo3nIkrSpYBurQxlOeMUPnfbwCe5jm5aFXQK90hHgcuzCPCKqdtWXLUhDGOUBsoBOdxdYtNrj2oJ2d-3WQXfjgw-lH28bu-du22BGflalESxXfXiOdHhA3ek6EEqlDUEZ8z373vsu1G5u92VvM7rV-wZnzioYjIYH77CrpScChkXMVp0f61cdpkGhHVnWBEsQER-BybyKWeWsg9sKD9QEZpsWgL0nBEV4tX_XKA8CpM2_Oy0Hb1Hpdghb5fLxt3upUuLT9Gyy-vMdGmKvoNNcHij1Mgo7548s4UHJjO22EjbjBz_plkSmp3OlcGq1QxDYbOBBnAyuZsnEgPh7MrXCVyXa8AHIw5DHOerzIyYDY0uy4yoDWcuvYes3blf27UgDMPjrjbEsotOkPG6UafLFy4Ba8lzmaThwCMpaD34HWS_Mo8upSGKFfkpXXx5Af6bI63Nk0d26p6NxEaxRmaNPWLiTN6EicDU6sYt7nG5qg0sjBiK_CXyT4Ta4UtdpUWyDK07Z0J0H12ocOxzbqbDcCZnEF7P-JSmhQmmKxxZ3TjxzKOEmfwjsiyTrDnxLIGVxy7Z47NkGVvKTd2MpMHsnp7EQaaXV52DuxckhRhDCbPkIRP8t4oWAsFJry1InSo-Bxutr3Sm9ArIfW08lZmGXZ1yK4LYWXVw3TJcZOId6y45ABulgT44Lj5c62o0WJGXr6rCMVgFdvxnBwDDlTqGHS6AZld5dooIH49WrPt_Abvo1flUYl2OaioQfm0ThN28nJFihJNFuFMizz5Qs15-6Bfegq4qio0j9_igw_YsIXGBRpflmJhKzRnmgwHUwNisUSxgPKLDXHPwgdgsrR0Atryrb1_NOK4NOqIKV3ptp0EYL17NdO13ZeU95gnFFCT6-00bfmWPpHYXaM7zLnmuDwQo95fzlOHHQw-svyVi7Ert9B9hjBx97MNEIJILATQ2K6ZYne3BYJ1XiGtLG_LBVKuhuiNv1mMKXpD36uQhZpTINWHip_A5nAAKiPRNu6umiMZyZ9Szu1khxxYl3DREaGBGCOiIqrtZLpmNafAqhUAHSobqilDDF4A-16fLvJQ48iSPnFaBY1VgZFOnFYUkWezrrjLJYUzOaR9MiFx1JWXG-G7UDq4TYdmLnF1YoUB6bKmmQJ3u7WAVABpE563HZFNnxQyQXJCpUAq-uPUAnhH_tCEw_hd10BYrU-dPdTuoloZjJGpjwmjzpTXhJKX3ph5ub89DkAFQaZwmoI-A-7zC86P0MVkJdFXZ78IKRClouZZfy8VFiKTcXoNPDhy3USjmmhWHezU2F68HFux20mbGB1uC_JZkh_QHT5dHO_AVWuCd0iHMp_hYEXcSG7WGWTpzRRFKkXGxbXYk36ZB5nhq58si6SLGO8QeYvnFrroPhLTlMz1zrpUlHopTt7FLrS1LGUxXJnMg_wVpaa6hvmgZlIn_YO11gCMELH1d5sLf8BNWQdp7_bFzEls7MIf35XGmj9l9ldrHyd68b2L2rACGJpGdR9ECoSHn0w5SS_VC3DA2FCFwsTOtcJRLaRjoAPMn4uWtGT33mz2cY_9F_aE5FLMC9Zff7R7UbLTtxpT9guyWj-MnVojp57DXKCpzMgZWfitGm-Qd7ilQcMQ72dO459OexQ-FaDJF9My5VZd6I1XMKbZuG_V3Q6XVNz3P7BMlvMOzLdaEsDcr7lNlNGX_f2cdJt-XMIsu4N91OQ6EtDa4GYdbMysSMFVY_KLUg511Ew1MItLkE0v_dNdrlz0IWud-zKOB7amytDQl2m8zzIY6vAUMyXWNUPGDnk3ZGYXSGGtZJPpBKiSb0R7vNWvKbnXhsp2jy79kXMgo1L0J01o-3SrVcrqjWOsBDIg6dx1Lv08wgT2haFj51PaW4y1uWEEd9QnIuaVVQ7CZt33kk7JeuJaAOt5Yd73Un_36KylSdgiD7oMxmgbOREXihtvPcGkHmBE3jMQG-0yz9_CAx8248fAt0v1qeu_e6v2V5OGO1e5uwQuBeG3MgxHtEvhMmHQkvgne3w25jYeh3ZI7qdLS4iidluYXx_bV51SQTG1lc5QBSiGToQ78KozXVKOmXKJ06Mm3MIPo-6H8ZBeJ5fLdg5e2EOUDd7x7q00gZAwbcxxnXR6Q8dIyWYDK1qnrTti2hyPqjEUavOLewNP4Mg-31bh6X_LO5FnFq8Y1JkePdaWBh7hTswyD1iX_6h9p1gGGge2WhKU3k0KhH7Nj7HhLRqyAOrAo_Ftfsi42Vurt-kccZUS3HTo621r9ezEJRNTpcjiDjZmqbcEqWl6TauC2-ovrHQwjWSKwAwVFmyF77ddpH7yfjXaKi8Yi0f81j6WFyOtqssCOfJ97oju114fbqfB_UV0AtUzH9ck5gJEwqDENJmMeDIRYm_ODY4h4gHay4vox6ypxjFYbc7JBxVbSJc-T_9h407r3wTy6fIJIsNwFinnNL8_n6U4H6inbFi-CAoCGSuzh_kUuQe9ZIyL67LM3hcnuXtV40YQD8sDroztjZc2MkyIM2AVwEeS-iFRxRkjuh-8wXtj4YRwRtcn9-UsTPp4f4ymY0IRbpor544Msbih21IK235fCWHTObaLbsZ47UmfnWkWctUFaSp1OLIedGVTum199Y3ufzVPKksSU9G-NSNPkjgyNvUG9K2GTM5mOyyfRc9JZQXV75w32XulRJjSNkkJTZVZq_s6RMfkMWEmtd7P0D-aYZPOLdbK4WP8_So4r_n4Udessq_8fZNK9vBdCP5XBN6X-2a6NDs2AphY7aKQsvxu0ABthd_OrIh1DOAQZRusykBM0Qnx8cF6ZOtXP7MkvuAvqO9i_gDragxNnnejl9MkZZVl4lFBQsn9SiP78wvPw-K7KzexuUBpBCAQSOwAvHhf_2kyPXCmO0fz-vdcL_iz5bBJCSNYLlDvJuRcEIG0U2pclXuEnyz95p-gwjY5OZeTVUfStbiePGAFgAQ&bundleId=&ias_dspID=3&ias_campId=1013172746&ias_pubId=pub-9153399113741741&ias_chanId=1&ias_placementId=20409788283&bidurl=https://culturaenegocios.com.br/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0jL_G-lsoEtPT3wvcEunjqR&adsafe_url=https%3A%2F%2Fculturaenegocios.com.br&adsafe_type=y&adsafe_url=https%3A%2F%2Fculturaenegocios.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ffe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ffe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:f2d82ac4-604f-3d8c-8c94-b232f8412f45,c:2nysav,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-74b57f8799-978xh,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:2,mot:0,app:0,maw:0,fm:u2rnEQv+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b1%7C1b21%7C1b3%7C1c*.1520146-76103085%7C1c1,idMap:1c*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:12,oid:ce8fddb2-bc04-11ee-82d4-86d168e5e0b7,v:19.8.476,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWduAWxxFE2yDnPDruzexwLuItWJNxjquzP5r69jxxWWxXDHhQ&d=CokBAKAmf-CdaaK0vBI9GHnXsoGR6415zPXAXKeniT1x-5Zz5rgjByD_xHaopoyyUiXEt5bvY1scMPMkriRIxt_zKuqjTYYFYljI1oisnMlbDi-TM53nJmM9GUB9K9Xq4FF5RIPLearso7x9VKestBHq6MgOUJpdkOYtCm-Qw7jS-cE2eVKcgDsQf3oS6RYAoCZ_4AsVaKDHTgHE3tFUPDOizhTGTkXm-x4sncriFcDWds5a_O1w6VVthv1vKjbJVNIlNDx7jNdvbY4rZamq2-Rp12OQlqWB94E9AVdvpvHfGo4IjLf8v90c8JtPqXwuqIWLTK5tylmiKbFaTz3NzV_divl0YuJMdRD-7OirnNO30t4R8TQqBgmN0h3kuyJoFXil9tiI99pUdYOoJgT1GvaIs851JHH7xI3orLs8YCU23kHFmPCJMW5Cz6xw6qQVHtB5z4p0DRhmUR47zQLF6DzYGDvFWBwX6X33zomayZ__EdeuckESZlUFOzmggM-ALwutuK3kHmCoA1id8ams7a2LfFo7wg3O4alSooKN6eOD4B-MSsciGQ3DjpxY9vhv0L6HYh8_yXaWeEhLu78pWNuVsK_bq0DyIU9YWuK_OtODDdjL2StTBADOy2dafBLc-Pkhrw62g7-5QDfAfkkd4ycO2r1WTNXN97A42Jj7q7EvwadvnXqYeR0cIisVyGRUH87pWPnfeurDHXfojV1LFw0bngF_Hc6prRmTNoCPdvcFvNk7Q15u5bBT_BxVoxBgJZa2EROygVxJ5Xnbl9NZubqEWulAad-l-HePfEWEGUPlm2nBL5o6NtM9Hn0qJpdIOX3JXRWp1eZLQhnR70P8qZKdne898YFmMfymg5cuLvEhnJJqnf5iu5Or0WV91887W-NGTLMTm-dYe76HfssOTFfSgIJxfiFtcpjwc5JZduFDteQKx54JZLrnESI15IA3InHbfQu6T9veiKON9LxDQKDNx9eZakhPGMkelRDYizd4KE2ad2mMrtSwMkU40KMr8qHwpsbPX7KbjoB9Re4l7Z_TQT12W5ygm_8rJWlbfs4tyntXJ9D8IG6o98V7F1rCQ0nngwhif1P8vVjOLXzkAXMnmm2IKdMTCNk0eEBU5mW95nLznB-K8YZ_Iv1Iqgf7Jnqcl-RpkLz8A_nrJzsjI-nLmvrnYla-5KHwE79EjtU92q1iQo3nIkrSpYBurQxlOeMUPnfbwCe5jm5aFXQK90hHgcuzCPCKqdtWXLUhDGOUBsoBOdxdYtNrj2oJ2d-3WQXfjgw-lH28bu-du22BGflalESxXfXiOdHhA3ek6EEqlDUEZ8z373vsu1G5u92VvM7rV-wZnzioYjIYH77CrpScChkXMVp0f61cdpkGhHVnWBEsQER-BybyKWeWsg9sKD9QEZpsWgL0nBEV4tX_XKA8CpM2_Oy0Hb1Hpdghb5fLxt3upUuLT9Gyy-vMdGmKvoNNcHij1Mgo7548s4UHJjO22EjbjBz_plkSmp3OlcGq1QxDYbOBBnAyuZsnEgPh7MrXCVyXa8AHIw5DHOerzIyYDY0uy4yoDWcuvYes3blf27UgDMPjrjbEsotOkPG6UafLFy4Ba8lzmaThwCMpaD34HWS_Mo8upSGKFfkpXXx5Af6bI63Nk0d26p6NxEaxRmaNPWLiTN6EicDU6sYt7nG5qg0sjBiK_CXyT4Ta4UtdpUWyDK07Z0J0H12ocOxzbqbDcCZnEF7P-JSmhQmmKxxZ3TjxzKOEmfwjsiyTrDnxLIGVxy7Z47NkGVvKTd2MpMHsnp7EQaaXV52DuxckhRhDCbPkIRP8t4oWAsFJry1InSo-Bxutr3Sm9ArIfW08lZmGXZ1yK4LYWXVw3TJcZOId6y45ABulgT44Lj5c62o0WJGXr6rCMVgFdvxnBwDDlTqGHS6AZld5dooIH49WrPt_Abvo1flUYl2OaioQfm0ThN28nJFihJNFuFMizz5Qs15-6Bfegq4qio0j9_igw_YsIXGBRpflmJhKzRnmgwHUwNisUSxgPKLDXHPwgdgsrR0Atryrb1_NOK4NOqIKV3ptp0EYL17NdO13ZeU95gnFFCT6-00bfmWPpHYXaM7zLnmuDwQo95fzlOHHQw-svyVi7Ert9B9hjBx97MNEIJILATQ2K6ZYne3BYJ1XiGtLG_LBVKuhuiNv1mMKXpD36uQhZpTINWHip_A5nAAKiPRNu6umiMZyZ9Szu1khxxYl3DREaGBGCOiIqrtZLpmNafAqhUAHSobqilDDF4A-16fLvJQ48iSPnFaBY1VgZFOnFYUkWezrrjLJYUzOaR9MiFx1JWXG-G7UDq4TYdmLnF1YoUB6bKmmQJ3u7WAVABpE563HZFNnxQyQXJCpUAq-uPUAnhH_tCEw_hd10BYrU-dPdTuoloZjJGpjwmjzpTXhJKX3ph5ub89DkAFQaZwmoI-A-7zC86P0MVkJdFXZ78IKRClouZZfy8VFiKTcXoNPDhy3USjmmhWHezU2F68HFux20mbGB1uC_JZkh_QHT5dHO_AVWuCd0iHMp_hYEXcSG7WGWTpzRRFKkXGxbXYk36ZB5nhq58si6SLGO8QeYvnFrroPhLTlMz1zrpUlHopTt7FLrS1LGUxXJnMg_wVpaa6hvmgZlIn_YO11gCMELH1d5sLf8BNWQdp7_bFzEls7MIf35XGmj9l9ldrHyd68b2L2rACGJpGdR9ECoSHn0w5SS_VC3DA2FCFwsTOtcJRLaRjoAPMn4uWtGT33mz2cY_9F_aE5FLMC9Zff7R7UbLTtxpT9guyWj-MnVojp57DXKCpzMgZWfitGm-Qd7ilQcMQ72dO459OexQ-FaDJF9My5VZd6I1XMKbZuG_V3Q6XVNz3P7BMlvMOzLdaEsDcr7lNlNGX_f2cdJt-XMIsu4N91OQ6EtDa4GYdbMysSMFVY_KLUg511Ew1MItLkE0v_dNdrlz0IWud-zKOB7amytDQl2m8zzIY6vAUMyXWNUPGDnk3ZGYXSGGtZJPpBKiSb0R7vNWvKbnXhsp2jy79kXMgo1L0J01o-3SrVcrqjWOsBDIg6dx1Lv08wgT2haFj51PaW4y1uWEEd9QnIuaVVQ7CZt33kk7JeuJaAOt5Yd73Un_36KylSdgiD7oMxmgbOREXihtvPcGkHmBE3jMQG-0yz9_CAx8248fAt0v1qeu_e6v2V5OGO1e5uwQuBeG3MgxHtEvhMmHQkvgne3w25jYeh3ZI7qdLS4iidluYXx_bV51SQTG1lc5QBSiGToQ78KozXVKOmXKJ06Mm3MIPo-6H8ZBeJ5fLdg5e2EOUDd7x7q00gZAwbcxxnXR6Q8dIyWYDK1qnrTti2hyPqjEUavOLewNP4Mg-31bh6X_LO5FnFq8Y1JkePdaWBh7hTswyD1iX_6h9p1gGGge2WhKU3k0KhH7Nj7HhLRqyAOrAo_Ftfsi42Vurt-kccZUS3HTo621r9ezEJRNTpcjiDjZmqbcEqWl6TauC2-ovrHQwjWSKwAwVFmyF77ddpH7yfjXaKi8Yi0f81j6WFyOtqssCOfJ97oju114fbqfB_UV0AtUzH9ck5gJEwqDENJmMeDIRYm_ODY4h4gHay4vox6ypxjFYbc7JBxVbSJc-T_9h407r3wTy6fIJIsNwFinnNL8_n6U4H6inbFi-CAoCGSuzh_kUuQe9ZIyL67LM3hcnuXtV40YQD8sDroztjZc2MkyIM2AVwEeS-iFRxRkjuh-8wXtj4YRwRtcn9-UsTPp4f4ymY0IRbpor544Msbih21IK235fCWHTObaLbsZ47UmfnWkWctUFaSp1OLIedGVTum199Y3ufzVPKksSU9G-NSNPkjgyNvUG9K2GTM5mOyyfRc9JZQXV75w32XulRJjSNkkJTZVZq_s6RMfkMWEmtd7P0D-aYZPOLdbK4WP8_So4r_n4Udessq_8fZNK9vBdCP5XBN6X-2a6NDs2AphY7aKQsvxu0ABthd_OrIh1DOAQZRusykBM0Qnx8cF6ZOtXP7MkvuAvqO9i_gDragxNnnejl9MkZZVl4lFBQsn9SiP78wvPw-K7KzexuUBpBCAQSOwAvHhf_2kyPXCmO0fz-vdcL_iz5bBJCSNYLlDvJuRcEIG0U2pclXuEnyz95p-gwjY5OZeTVUfStbiePGAFgAQ&ias_xappb=

Request Chain 292

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEOGYErHNkOIhrdgysZm0Y9M&google_cver=1&google_push=AXcoOmRijvuGoilZqjFiZdZrQjLuUOc1si7JUtzpXVIkMIqFfXTCAjeg090fyzAYcdhWRVa_MjTbsdcBnt4OtnMDrsqK5HEsUO_NrA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRijvuGoilZqjFiZdZrQjLuUOc1si7JUtzpXVIkMIqFfXTCAjeg090fyzAYcdhWRVa_MjTbsdcBnt4OtnMDrsqK5HEsUO_NrA&google_hm=aDHJ_541T8mph8kBYgE0shQ

Request Chain 293

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEGHQGNS8_JeKx9oWEMX6mzU&google_cver=1&google_push=AXcoOmSnZH094W1lBqn_k_i-ROGD3krHmt7uxt8Kpl9DijVU5CwLwuaMdzfr3zOzJ6CodIib7j7LlsQDX5mkpT1L3Rq3o5VWLuUzoQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMyODI2MTg4Njk0NjkwMDEyMg%3D%3D&google_push=AXcoOmSnZH094W1lBqn_k_i-ROGD3krHmt7uxt8Kpl9DijVU5CwLwuaMdzfr3zOzJ6CodIib7j7LlsQDX5mkpT1L3Rq3o5VWLuUzoQ

Request Chain 294

https://ads.travelaudience.com/google_pixel?google_gid=CAESENFwReEUquXdePKnHsqZqEE&google_cver=1&google_push=AXcoOmTlXO3b1XdD5PToxREvfE1aOHIQSOAT4GAu9xGQER1MdV07Dgp-I6fUqwcAbLs1cGtRkPbr5AJLL49NFG9cghIWWF001hcUvQ HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=2soAxqqZTRMae6F7SOcvCg&google_push=AXcoOmTlXO3b1XdD5PToxREvfE1aOHIQSOAT4GAu9xGQER1MdV07Dgp-I6fUqwcAbLs1cGtRkPbr5AJLL49NFG9cghIWWF001hcUvQ

Request Chain 295

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEAvbEXHpWklOZSp67_f7OhM&google_cver=1&google_push=AXcoOmQb3MbK30bqo36FlLb_9pceIG457shwOVAQ-OFzp2Y3WfgIuLLBDH-vHG2_xv3R75KKQBjkqB8KCj_txyZ1pX7W2tVVG5OLYQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQb3MbK30bqo36FlLb_9pceIG457shwOVAQ-OFzp2Y3WfgIuLLBDH-vHG2_xv3R75KKQBjkqB8KCj_txyZ1pX7W2tVVG5OLYQ&google_hm=eS1CTWsxelFwRTJwSFd6MHZ3dzFpUEpxcE1TVG1GUWpCVH5B

Request Chain 296

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSLGIUr1mwuc-GYsdTJd0OjQjqDBWiRzB8rck_NikAQmWogRzmObVmyfzTBu8SqWQSuLBQVx54QdXOpxGW9-jh10-UUPb46QA&google_gid=CAESEMwiCjvx0F_9K_zd0pkECyc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-gfyvvGPcreimI4gIs5E7sawMtNjQHtBZzQmXig&google_push=AXcoOmSLGIUr1mwuc-GYsdTJd0OjQjqDBWiRzB8rck_NikAQmWogRzmObVmyfzTBu8SqWQSuLBQVx54QdXOpxGW9-jh10-UUPb46QA

Request Chain 297

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKXLNwGE-nof-AicCjMiJwM&google_cver=1&google_push=AXcoOmS4dHKZqr6FoRFXlt5ALDjohdE9k0e0BTmH8qW7FDE0QT0Bxm-kIiJod9LSdcQks8pR0CVdUInsZfUfJaYPkUBkr1AzsMli HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKXLNwGE-nof-AicCjMiJwM&google_hm=ZbM3XHAZ1pIAoZnlm7D6UAAADG0AAAAB&google_nid=index&google_push=AXcoOmS4dHKZqr6FoRFXlt5ALDjohdE9k0e0BTmH8qW7FDE0QT0Bxm-kIiJod9LSdcQks8pR0CVdUInsZfUfJaYPkUBkr1AzsMli

Request Chain 298

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIKD7pCrhHnYn3G2tKja0U8&google_cver=1&google_push=AXcoOmTs-9ziV1Hen3ZjItj9NwjJrJhXueDTJ4qiauafTR7CSxQ9jbCQE3sicVi_nH1lnKhB_fs-5ico5jj6txVtAUlkx5Co4B5m HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIKD7pCrhHnYn3G2tKja0U8&google_cver=1&google_push=AXcoOmTs-9ziV1Hen3ZjItj9NwjJrJhXueDTJ4qiauafTR7CSxQ9jbCQE3sicVi_nH1lnKhB_fs-5ico5jj6txVtAUlkx5Co4B5m&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTs-9ziV1Hen3ZjItj9NwjJrJhXueDTJ4qiauafTR7CSxQ9jbCQE3sicVi_nH1lnKhB_fs-5ico5jj6txVtAUlkx5Co4B5m&google_hm=IDdWAGZHrYX5u5RITIa1BCFb

Request Chain 301

https://a.tribalfusion.com/i.match?p=b6&u=CAESEJILvo26gFn6QT9BksbgQXQ&google_cver=1&google_push=AXcoOmQJ9DVbCXAKkKBfnMshfYRkrfASdLQEgAySFqTGdcus1x9i_g5tQL89H6yb5NG4fzMdVSDBdaBYFT8oH0WABPejZy2rKPNA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQJ9DVbCXAKkKBfnMshfYRkrfASdLQEgAySFqTGdcus1x9i_g5tQL89H6yb5NG4fzMdVSDBdaBYFT8oH0WABPejZy2rKPNA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJILvo26gFn6QT9BksbgQXQ&google_cver=1&google_push=AXcoOmQJ9DVbCXAKkKBfnMshfYRkrfASdLQEgAySFqTGdcus1x9i_g5tQL89H6yb5NG4fzMdVSDBdaBYFT8oH0WABPejZy2rKPNA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQJ9DVbCXAKkKBfnMshfYRkrfASdLQEgAySFqTGdcus1x9i_g5tQL89H6yb5NG4fzMdVSDBdaBYFT8oH0WABPejZy2rKPNA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 302

https://ads.travelaudience.com/google_pixel?google_gid=CAESEMAFarIQ6UNshljUdZZUMQU&google_cver=1&google_push=AXcoOmRWyhm25AEGZn2EJM7GsHqEWv0_LIys-dPxp4lYQ5J5dA1fHksN6JBTaktViRuGiRXPbhlK7TaxNXzc-Sr3c3rJGdw6Es7r HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=1lFCSriiRqYqbszJ9GJLgg&google_push=AXcoOmRWyhm25AEGZn2EJM7GsHqEWv0_LIys-dPxp4lYQ5J5dA1fHksN6JBTaktViRuGiRXPbhlK7TaxNXzc-Sr3c3rJGdw6Es7r

Request Chain 303

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPPBFB1ZaOiLXPdK48J2Yd0&google_cver=1&google_push=AXcoOmR_NsCiw05ze5sNZAr3Ma3MkvJhseL_Wjbx5dZHzbdMFbDQP0rZ6D3pig6Fj36l6hMt337lMGEP-f_EJ1a_wPqGsrjhrjNX HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPPBFB1ZaOiLXPdK48J2Yd0&google_cver=1&google_push=AXcoOmR_NsCiw05ze5sNZAr3Ma3MkvJhseL_Wjbx5dZHzbdMFbDQP0rZ6D3pig6Fj36l6hMt337lMGEP-f_EJ1a_wPqGsrjhrjNX HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjEzMTE0NzE3NjMxMzIxNDA3Mw&google_push=AXcoOmR_NsCiw05ze5sNZAr3Ma3MkvJhseL_Wjbx5dZHzbdMFbDQP0rZ6D3pig6Fj36l6hMt337lMGEP-f_EJ1a_wPqGsrjhrjNX

Request Chain 305

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEGz21QvUJMzFAoRPHNQf0UU&google_cver=1&google_push=AXcoOmSjMnnyVQudraKE2ZUsL43AJwsrwVD8JIM4uUZOPT5_GS9gKLzR966Yc-ZY1U3rk2A9JkiewK7EFKlpYZRL3riemqDeJXio HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmSjMnnyVQudraKE2ZUsL43AJwsrwVD8JIM4uUZOPT5_GS9gKLzR966Yc-ZY1U3rk2A9JkiewK7EFKlpYZRL3riemqDeJXio&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1706243933187 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-c25a787d-5ea4-45a3-8e2b-3f35154baa10-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmSjMnnyVQudraKE2ZUsL43AJwsrwVD8JIM4uUZOPT5_GS9gKLzR966Yc-ZY1U3rk2A9JkiewK7EFKlpYZRL3riemqDeJXio%26google_hm%3DA8JaeH1epEWjjis_NRVLqhA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSjMnnyVQudraKE2ZUsL43AJwsrwVD8JIM4uUZOPT5_GS9gKLzR966Yc-ZY1U3rk2A9JkiewK7EFKlpYZRL3riemqDeJXio&google_hm=A8JaeH1epEWjjis_NRVLqhA

327 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
culturaenegocios.com.br/
Redirect Chain

http://culturaenegocios.com.br/
https://culturaenegocios.com.br/

354 KB
74 KB

648ms
211ms

Document
text/html

2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://culturaenegocios.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/7.4.33

Resource Hash

51bb5e9c9ab236d913b1e569c57bf5244ba676060aed4878cb7a3cf322da4d2b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-cache
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Fri, 26 Jan 2024 04:38:46 GMT
last-modified: Thu, 25 Jan 2024 22:59:49 GMT
platform: hostinger
server: LiteSpeed
vary: Accept-Encoding,User-Agent
wpo-cache-status: cached
x-powered-by: PHP/7.4.33

Redirect headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 707
content-security-policy: upgrade-insecure-requests
content-type: text/html
date: Fri, 26 Jan 2024 04:38:45 GMT
location: https://culturaenegocios.com.br/
platform: hostinger
server: LiteSpeed

GET
H2 200 wpo-minify-header-11b98ea7.css
culturaenegocios.com.br/wp-content/cache/wpo-minify/1705927335/assets/ 933 KB
120 KB 251ms
250ms Stylesheet
text/css 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://culturaenegocios.com.br/wp-content/cache/wpo-minify/1705927335/assets/wpo-minify-header-11b98ea7.css

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

e40c74195810fc027ed617f419a6c7ecf745d7fac0211355c663aa76ffbfcda0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 22 Jan 2024 12:43:16 GMT
server: LiteSpeed
etag: "e93b3-65ae62e4-d9ca312937513021;br"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 122537
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H2 200 wpo-minify-header-f5440c18.min.js Show response
culturaenegocios.com.br/wp-content/cache/wpo-minify/1705927335/assets/ 99 KB
33 KB 446ms
446ms Script
application/x-javascript 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://culturaenegocios.com.br/wp-content/cache/wpo-minify/1705927335/assets/wpo-minify-header-f5440c18.min.js

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

732b75262f6c9b6d5a61da968e653880646b58cc1b25387b32badbe03881dfe1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 22 Jan 2024 12:42:25 GMT
server: LiteSpeed
etag: "18b11-65ae62b1-7cd3a25190e5d2d5;br"
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 33264
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 271 KB
90 KB 187ms
56ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PGDPR62NJV

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b5adc8e9ecc6cfdc2638cfcefe10069ef234758f2bebcf1170b48022b84696ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92337
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 26 Jan 2024 04:38:47 GMT

GET
H2 200 wpo-minify-header-364c062a.min.js Show response
culturaenegocios.com.br/wp-content/cache/wpo-minify/1705927335/assets/ 7 KB
2 KB 445ms
443ms Script
application/x-javascript 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://culturaenegocios.com.br/wp-content/cache/wpo-minify/1705927335/assets/wpo-minify-header-364c062a.min.js

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

ac1ccdef191ae6ed850944e58cedbdf3523e9e35719d1a4d48d4bde64ea35cc1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 22 Jan 2024 12:42:25 GMT
server: LiteSpeed
etag: "1c51-65ae62b1-e5563d0f776748a6;br"
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 2135
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H2 200 icons.woff2
culturaenegocios.com.br/wp-content/themes/foxiz/assets/fonts/ 19 KB
19 KB 445ms
443ms Font
font/woff2 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://culturaenegocios.com.br/wp-content/themes/foxiz/assets/fonts/icons.woff2

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

ecd748f325fd55ed1fa4c542be8ed68543fd6040b65274ba0791ea0083e0521d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://culturaenegocios.com.br/
Origin: https://culturaenegocios.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 15 Aug 2023 04:49:02 GMT
server: LiteSpeed
etag: "4d84-64db03be-6171d59d1c77618c;;;"
vary: User-Agent
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 19844
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H2 200 fa-brands-400.woff2
culturaenegocios.com.br/wp-content/themes/foxiz/assets/fonts/ 103 KB
103 KB 445ms
443ms Font
font/woff2 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://culturaenegocios.com.br/wp-content/themes/foxiz/assets/fonts/fa-brands-400.woff2

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

08243f694315efb6dc2fbf26e18f1f5dbc7ce85a3a435af204b2d1ff620feadb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://culturaenegocios.com.br/
Origin: https://culturaenegocios.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 15 Aug 2023 04:49:03 GMT
server: LiteSpeed
etag: "19c4c-64db03bf-f3156ddbc7cf45b1;;;"
vary: User-Agent
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 105548
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H2 200 fa-regular-400.woff2
culturaenegocios.com.br/wp-content/themes/foxiz/assets/fonts/ 23 KB
23 KB 445ms
443ms Font
font/woff2 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://culturaenegocios.com.br/wp-content/themes/foxiz/assets/fonts/fa-regular-400.woff2

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

232e680dfd4b632013ac2648194e3a59c90dbcb13ae369f9fb04d5f0818068ff

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://culturaenegocios.com.br/
Origin: https://culturaenegocios.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 15 Aug 2023 04:49:03 GMT
server: LiteSpeed
etag: "5d80-64db03bf-84d6d2cadfa26786;;;"
vary: User-Agent
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 23936
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H2 200 ccfe069e7d03090a85cb6e4872480d0c.js Show response
api.cazamba.com/ 289 B
748 B 197ms
20ms Script
text/javascript 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://api.cazamba.com/ccfe069e7d03090a85cb6e4872480d0c.js
Requested by: Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 1b16fdaf9e09eff3adb17a84bc7193f0fe02415e99015ce86b8a5b4bbd3dc853

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
x-amz-version-id: 4omna.6CdZxp8gDuRNvt6OvGxSYtKyyY
x-cf-tsc: 1703185765
x-cf3: H
x-amz-request-id: NNPTRA74SAYDEN3K
cf4ttl: 31096284.000
x-cf1: 34994:fE.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: fa21261c5f906f75c15d577a766d7297
content-length: 289
x-amz-id-2: euojTfjFb7U3FNfKCRPKnjiS07e150BlQIKTWmJl/Ll/1iYtjkkyyPakdg6Pjee6YfVbQSG+crI=
x-cf2: H
last-modified: Thu, 15 Sep 2022 14:14:03 GMT
server: CFS 0215
x-cff: B
etag: "cf24e73b9a5a48f84805f38d0fc0eac7"
content-type: text/javascript
cache-control: max-age=31104000
cf4age: 7716
accept-ranges: bytes

GET
H2 200 container_ZAhWMzKS.js Show response
tagmanager.alright.network/manager/js/ 122 KB
28 KB 566ms
435ms Script
application/javascript 13.32.27.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagmanager.alright.network/manager/js/container_ZAhWMzKS.js
Requested by: Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-44.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: acbb8643d26f69f027556078933972caecf4a582b637b52c76cacbb28e48cc94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: EzjSuzF4Z0FYRQwWecfkKygNztbLRWHz
content-encoding: gzip
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
date: Fri, 26 Jan 2024 04:38:49 GMT
last-modified: Tue, 09 Jan 2024 19:51:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
etag: W/"dfcaa56fd7efc1194ca606591487a892"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-cf-id: ypLIQOShm6AdFGrlZaPnMm-fnHAgD13UvHXJMSggEoTu9tceN704IQ==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 154 KB
51 KB 194ms
63ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2201480789139736&host=ca-host-pub-2644536267352236

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

382cb50f70c1645f5346e2e00cbbf8621d9540322e14d358b9d95762cc8a9b1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://culturaenegocios.com.br/
Origin: https://culturaenegocios.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51670
x-xss-protection: 0
server: cafe
etag: 3001038978581372871
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Fri, 26 Jan 2024 04:38:47 GMT

GET
H2 200 logo_cen-1.png
culturaenegocios.com.br/wp-content/uploads/2023/08/ 14 KB
15 KB 445ms
443ms Image
image/webp 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2023/08/logo_cen-1.png

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

ead4424b3efa3e99f5642344bc754e05e458b119e5da8d0b889246a20d990073

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 05 Oct 2023 11:09:45 GMT
server: LiteSpeed
x-wpo-webp: Redirected directly to existing webp
etag: "39c6-651e9979-a5d7353be6b37c02;;;"
vary: User-Agent,Accept
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 14790
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H2 200 widget-mega-menu.min.css
culturaenegocios.com.br/wp-content/plugins/elementor-pro/assets/css/ 18 KB
3 KB 445ms
444ms Stylesheet
text/css 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://culturaenegocios.com.br/wp-content/plugins/elementor-pro/assets/css/widget-mega-menu.min.css

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

f807d9a89ecd158a9dadff3ad712a73891d8c79780027ea9238e619aa1dcfb05

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 02 Dec 2023 21:53:22 GMT
server: LiteSpeed
etag: "46d1-656ba752-34077e094efb2b52;br"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 2533
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H2 200 widget-nav-menu.min.css
culturaenegocios.com.br/wp-content/plugins/elementor-pro/assets/css/ 26 KB
3 KB 445ms
444ms Stylesheet
text/css 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://culturaenegocios.com.br/wp-content/plugins/elementor-pro/assets/css/widget-nav-menu.min.css

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

0e00fc50fa3aa8468d95c215e39cc722e9e70fbdb8565c7b98c38633e51bdf7b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 02 Dec 2023 21:53:22 GMT
server: LiteSpeed
etag: "6760-656ba752-a6ef5a9ba28615b4;br"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 3085
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 widget-icon-box.min.css
culturaenegocios.com.br/wp-content/plugins/elementor/assets/css/ 10 KB
980 B 210ms
209ms Stylesheet
text/css 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://culturaenegocios.com.br/wp-content/plugins/elementor/assets/css/widget-icon-box.min.css

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

3dba62d760768a577980a6abea886219a68630f3903bb43828ab1190245d83e9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 26 Dec 2023 19:50:33 GMT
server: LiteSpeed
etag: "2775-658b2e89-f867b27174bc29d3;br"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 634
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 Andrea.jpeg
culturaenegocios.com.br/wp-content/uploads/2023/08/ 6 KB
6 KB 1011ms
1007ms Image
image/webp 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2023/08/Andrea.jpeg

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

711dc4cf38c714f3f9c8bfc94911ac6bb9b7800be18671cfe48d20eb71e0b4fa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 05 Oct 2023 11:30:59 GMT
server: LiteSpeed
x-wpo-webp: Redirected directly to existing webp
etag: "173e-651e9e73-2c2552c3c907e318;;;"
vary: User-Agent,Accept
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 5950
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 Ava-Galleria-Rio-scaled-400x400.jpg
culturaenegocios.com.br/wp-content/uploads/2023/08/ 28 KB
28 KB 1006ms
1002ms Image
image/jpeg 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2023/08/Ava-Galleria-Rio-scaled-400x400.jpg

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

9b96d4ce3e664745d660ea7e4b8c16b03479b28c144a0ddaecac33c732932403

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 19 Aug 2023 00:10:11 GMT
server: LiteSpeed
etag: "7115-64e00863-3f28b2e8afd8b5f2;;;"
vary: User-Agent,Accept
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 28949
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 Bruna.jpg
culturaenegocios.com.br/wp-content/uploads/2023/08/ 8 KB
8 KB 1007ms
1003ms Image
image/webp 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2023/08/Bruna.jpg

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

69ba4a9ebe9e974e2d9ecfeb68ce23e8590c08a34317c033889327f7700e9c28

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 05 Oct 2023 11:20:10 GMT
server: LiteSpeed
x-wpo-webp: Redirected directly to existing webp
etag: "200a-651e9bea-177ef6864103c83d;;;"
vary: User-Agent,Accept
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 8202
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 Flavio-scaled-400x400.jpg
culturaenegocios.com.br/wp-content/uploads/2023/08/ 54 KB
54 KB 1009ms
1005ms Image
image/jpeg 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2023/08/Flavio-scaled-400x400.jpg

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

c3bc00d3394f0c49f168c55e0f9ad71e0d630f64b9f6115720507dbca9a709bc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 19 Aug 2023 00:02:59 GMT
server: LiteSpeed
etag: "d61e-64e006b3-cbc0af9d50d7f237;;;"
vary: User-Agent,Accept
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 54814
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 Janice-Mansur-scaled-400x400.jpg
culturaenegocios.com.br/wp-content/uploads/2023/08/ 48 KB
48 KB 1002ms
1000ms Image
image/jpeg 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2023/08/Janice-Mansur-scaled-400x400.jpg

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

b993c87cc8baa0ecebb84eed2a741b7f1bf5a63c28ea8aa34dcb56e279d88503

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 18 Aug 2023 23:48:44 GMT
server: LiteSpeed
etag: "bea5-64e0035c-87f7cdb9bd88c7e9;;;"
vary: User-Agent,Accept
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 48805
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 cropped-marcelo-calone-jpeg-400x400.webp
culturaenegocios.com.br/wp-content/uploads/2023/09/ 7 KB
8 KB 1073ms
1072ms Image
image/webp 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2023/09/cropped-marcelo-calone-jpeg-400x400.webp

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

4e01bb5e958edd676c80c2ad11b169838972248d6f18f3e3b50b195e572f43e3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 01 Sep 2023 23:02:30 GMT
server: LiteSpeed
etag: "1dd6-64f26d86-2855e9da545f30bd;;;"
vary: User-Agent
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 7638
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 Rafael-400x400.jpg
culturaenegocios.com.br/wp-content/uploads/2023/08/ 44 KB
44 KB 1077ms
1076ms Image
image/jpeg 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2023/08/Rafael-400x400.jpg

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

a9fa8fd3249847facca86a2268daac86e0d8d55cc14836405fd4075adf709231

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 19 Aug 2023 00:02:57 GMT
server: LiteSpeed
etag: "afb7-64e006b1-b0dd05a7e95c61a9;;;"
vary: User-Agent,Accept
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 44983
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 Wanderlino.jpg
culturaenegocios.com.br/wp-content/uploads/2023/08/ 10 KB
10 KB 1079ms
1077ms Image
image/webp 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2023/08/Wanderlino.jpg

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

5262b331c58e8e222309f0cdccacf815cece838ba18d388f80a9ffc9091526a8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 05 Oct 2023 11:30:50 GMT
server: LiteSpeed
x-wpo-webp: Redirected directly to existing webp
etag: "264e-651e9e6a-29c5ac86f8c8b7ea;;;"
vary: User-Agent,Accept
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 9806
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 6f56c313-5a75-42c5-bc8e-7995eb013438-615x410.webp
culturaenegocios.com.br/wp-content/uploads/2024/01/ 27 KB
27 KB 1081ms
1079ms Image
image/webp 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2024/01/6f56c313-5a75-42c5-bc8e-7995eb013438-615x410.webp

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

0d182aed3bae0ef58fe3f925ddcb190fe23ba30df7076183b6d0bedbd3648ed8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 25 Jan 2024 12:49:37 GMT
server: LiteSpeed
etag: "6a34-65b258e1-9d7287c103c012b6;;;"
vary: User-Agent
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 27188
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 Imprensa-Espac-807oGalinha-420x280.webp
culturaenegocios.com.br/wp-content/uploads/2024/01/ 17 KB
17 KB 1298ms
1297ms Image
image/webp 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2024/01/Imprensa-Espac-807oGalinha-420x280.webp

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

3787a3f925b5a58461468104b9606e1b9f0bb63837408a47d98a09b41c7ebc87

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 25 Jan 2024 16:50:36 GMT
server: LiteSpeed
etag: "4292-65b2915c-38ccbe89c283f34f;;;"
vary: User-Agent
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 17042
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 4vvsyn7ufji16ml_wp-420x280.webp
culturaenegocios.com.br/wp-content/uploads/2024/01/ 5 KB
5 KB 1299ms
1297ms Image
image/webp 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2024/01/4vvsyn7ufji16ml_wp-420x280.webp

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

9a332bbf7f14b823d7c93ac65129a70996084d5a735a576d84271f04516cd8c1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 25 Jan 2024 14:38:27 GMT
server: LiteSpeed
etag: "1544-65b27263-c7dcbb59665931ec;;;"
vary: User-Agent
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 5444
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 4146-2-Copy-12-420x280.webp
culturaenegocios.com.br/wp-content/uploads/2024/01/ 14 KB
14 KB 1085ms
1084ms Image
image/webp 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2024/01/4146-2-Copy-12-420x280.webp

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

301df82c6133337ceef6f8ca86a6df57f7a57fc44963a2cd93c7ad881a7f2273

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 24 Jan 2024 15:32:08 GMT
server: LiteSpeed
etag: "3782-65b12d78-56976972609d9765;;;"
vary: User-Agent
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 14210
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 1024px-LG%EC%A0%84%EC%9E%90_%EC%84%B8%EA%B3%84_%EC%B5%9C%EC%B4%88_%ED%92%80Full_LED_3D_TV_%EC%B6%9C%EC%8B%9C-420x280.webp
culturaenegocios.com.br/wp-content/uploads/2024/01/ 27 KB
27 KB 1086ms
1085ms Image
image/webp 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2024/01/1024px-LG%EC%A0%84%EC%9E%90_%EC%84%B8%EA%B3%84_%EC%B5%9C%EC%B4%88_%ED%92%80Full_LED_3D_TV_%EC%B6%9C%EC%8B%9C-420x280.webp

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

9be16cdb6ee566ed7d213e0c5ecafe1a44d4d8f3094e6d7df27d5f945e2e8415

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 25 Jan 2024 00:52:07 GMT
server: LiteSpeed
etag: "6c0a-65b1b0b7-d6a3361628b5a5cc;;;"
vary: User-Agent
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 27658
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 WhatsApp-Image-2024-01-23-at-10.21.11-Copy-420x280.webp
culturaenegocios.com.br/wp-content/uploads/2024/01/ 27 KB
27 KB 1088ms
1087ms Image
image/webp 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2024/01/WhatsApp-Image-2024-01-23-at-10.21.11-Copy-420x280.webp

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

b68164dddf0c657aa05822fddf6d9f7dd9480d3ac18a18c7cdc5b047751e9516

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 23 Jan 2024 14:41:35 GMT
server: LiteSpeed
etag: "6a56-65afd01f-e9e0690f05cf27b1;;;"
vary: User-Agent
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 27222
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 Bacarelli-serginho-Copy-420x280.webp
culturaenegocios.com.br/wp-content/uploads/2024/01/ 21 KB
21 KB 1089ms
1087ms Image
image/webp 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2024/01/Bacarelli-serginho-Copy-420x280.webp

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

1cc53f6ffc90f3b6b51a34bf9feb6e4e164cd53ffd4c97d494dcd8d766b2c0e9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 22 Jan 2024 19:08:28 GMT
server: LiteSpeed
etag: "535c-65aebd2c-e203dac8aef523d2;;;"
vary: User-Agent
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 21340
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H2 400 css2
fonts.googleapis.com/ 0
0 162ms
29ms Stylesheet
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.googleapis.com/css2?family=Oxygen:ital,wght@0,0,4000,700;0,400;0,700;1,400;1,700&family=Encode+Sans+Condensed:ital,wght@0,0,4000,5000,6000,7000,8000,1001,1000,2001,2000,3001,3000,4001,4000,5001,5000,6001,6000,7001,7000,8001,8000,9001,900&family=Roboto:ital,wght@0,0,1001,1000,2001,2000,3001,3000,4001,4000,5001,5000,6001,6000,7001,7000,8001,8000,9001,900&family=Roboto+Slab:ital,wght@0,0,1001,1000,2001,2000,3001,3000,4001,4000,5001,5000,6001,6000,7001,7000,8001,8000,9001,900;0,400;0,700;1,400;1,700&family=Abril+FatFace:ital,wght@0,400;0,700;1,400;1,700&family=Alegreya:ital,wght@0,400;0,700;1,400;1,700&family=Alegreya+Sans:ital,wght@0,400;0,700;1,400;1,700&family=Amatic+SC:ital,wght@0,400;0,700;1,400;1,700&family=Anonymous+Pro:ital,wght@0,400;0,700;1,400;1,700&family=Architects+Daughter:ital,wght@0,400;0,700;1,400;1,700&family=Archivo:ital,wght@0,400;0,700;1,400;1,700&family=Archivo+Narrow:ital,wght@0,400;0,700;1,400;1,700&family=Asap:ital,wght@0,400;0,700;1,400;1,700&family=Barlow:ital,wght@0,400;0,700;1,400;1,700&family=BioRhyme:ital,wght@0,400;0,700;1,400;1,700&family=Bonbon:ital,wght@0,400;0,700;1,400;1,700&family=Cabin:ital,wght@0,400;0,700;1,400;1,700&family=Cairo:ital,wght@0,400;0,700;1,400;1,700&family=Cardo:ital,wght@0,400;0,700;1,400;1,700&family=Chivo:ital,wght@0,400;0,700;1,400;1,700&family=Concert+One:ital,wght@0,400;0,700;1,400;1,700&family=Cormorant:ital,wght@0,400;0,700;1,400;1,700&family=Crimson+Text:ital,wght@0,400;0,700;1,400;1,700&family=Eczar:ital,wght@0,400;0,700;1,400;1,700&family=Exo+2:ital,wght@0,400;0,700;1,400;1,700&family=Fira+Sans:ital,wght@0,400;0,700;1,400;1,700&family=Fjalla+One:ital,wght@0,400;0,700;1,400;1,700&family=Frank+Ruhl+Libre:ital,wght@0,400;0,700;1,400;1,700&family=Great+Vibes:ital,wght@0,400;0,700;1,400;1,700&family=Heebo:ital,wght@0,400;0,700;1,400;1,700&family=IBM+Plex:ital,wght@0,400;0,700;1,400;1,700&family=Inconsolata:ital,wght@0,400;0,700;1,400;1,700&family=Indie+Flower:ital,wght@0,400;0,700;1,400;1,700&family=Inknut+Antiqua:ital,wght@0,400;0,700;1,400;1,700&family=Inter:ital,wght@0,400;0,700;1,400;1,700&family=Karla:ital,wght@0,400;0,700;1,400;1,700&family=Libre+Baskerville:ital,wght@0,400;0,700;1,400;1,700&family=Libre+Franklin:ital,wght@0,400;0,700;1,400;1,700&family=Montserrat:ital,wght@0,400;0,700;1,400;1,700&family=Neuton:ital,wght@0,400;0,700;1,400;1,700&family=Notable:ital,wght@0,400;0,700;1,400;1,700&family=Nothing+You+Could+Do:ital,wght@0,400;0,700;1,400;1,700&family=Noto+Sans:ital,wght@0,400;0,700;1,400;1,700&family=Nunito:ital,wght@0,400;0,700;1,400;1,700&family=Old+Standard+TT:ital,wght@0,400;0,700;1,400;1,700&family=Pacifico:ital,wght@0,400;0,700;1,400;1,700&family=Poppins:ital,wght@0,400;0,700;1,400;1,700&family=Proza+Libre:ital,wght@0,400;0,700;1,400;1,700&family=PT+Sans:ital,wght@0,400;0,700;1,400;1,700&family=PT+Serif:ital,wght@0,400;0,700;1,400;1,700&family=Rakkas:ital,wght@0,400;0,700;1,400;1,700&family=Reenie+Beanie:ital,wght@0,400;0,700;1,400;1,700&family=Ropa+Sans:ital,wght@0,400;0,700;1,400;1,700&family=Rubik:ital,wght@0,400;0,700;1,400;1,700&family=Shadows+Into+Light:ital,wght@0,400;0,700;1,400;1,700&family=Space+Mono:ital,wght@0,400;0,700;1,400;1,700&family=Spectral:ital,wght@0,400;0,700;1,400;1,700&family=Sue+Ellen+Francisco:ital,wght@0,400;0,700;1,400;1,700&family=Titillium+Web:ital,wght@0,400;0,700;1,400;1,700&family=Ubuntu:ital,wght@0,400;0,700;1,400;1,700&family=Varela:ital,wght@0,400;0,700;1,400;1,700&family=Vollkorn:ital,wght@0,400;0,700;1,400;1,700&family=Work+Sans:ital,wght@0,400;0,700;1,400;1,700&family=Yatra+One:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by: Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 wpo-minify-footer-673c29ee.css
culturaenegocios.com.br/wp-content/cache/wpo-minify/1705927335/assets/ 102 KB
12 KB 215ms
211ms Stylesheet
text/css 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://culturaenegocios.com.br/wp-content/cache/wpo-minify/1705927335/assets/wpo-minify-footer-673c29ee.css

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

f2675ad8282efdc61e3a2f79f7faa7f46b091416ba2e116e809bfd89a61e6f89

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 22 Jan 2024 12:42:35 GMT
server: LiteSpeed
etag: "19977-65ae62bb-3d5b39a7b69d30dc;br"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 12704
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 wpo-minify-footer-50e80d8f.min.js Show response
culturaenegocios.com.br/wp-content/cache/wpo-minify/1705927335/assets/ 29 KB
8 KB 222ms
219ms Script
application/x-javascript 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://culturaenegocios.com.br/wp-content/cache/wpo-minify/1705927335/assets/wpo-minify-footer-50e80d8f.min.js

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

3acf801d7e025affdc1c3bb87dd001f915cd7be288b620136ee23d5b01ead2ab

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 22 Jan 2024 12:42:34 GMT
server: LiteSpeed
etag: "7345-65ae62ba-26824c6094c6aa50;br"
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 8437
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 165ms
33ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LcRTuknAAAAAIx4BmFagOOKfXNE1xclbyyn-RG3&ver=3.0

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e29df730abe9196cc3a37ea024a29dc6ce653e1af49d9e25738c037da92471ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 26 Jan 2024 04:38:47 GMT

GET
H3 200 wpo-minify-footer-a2aa4b0a.min.js Show response
culturaenegocios.com.br/wp-content/cache/wpo-minify/1705927335/assets/ 364 KB
96 KB 238ms
234ms Script
application/x-javascript 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://culturaenegocios.com.br/wp-content/cache/wpo-minify/1705927335/assets/wpo-minify-footer-a2aa4b0a.min.js

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

05101233996976df686804f7c0c0160df612874b7ee3936e4497bfd0430da3c6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 22 Jan 2024 12:42:37 GMT
server: LiteSpeed
etag: "5b161-65ae62bd-ea90a3e98389264a;br"
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 98007
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H2 404 OneSignalSDK.js'%20async='async
cdn.onesignal.com/sdks/ 0
0 159ms
29ms Script
text/plain 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js'%20async='async
Requested by: Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 wpo-minify-footer-2ff1053e.min.js Show response
culturaenegocios.com.br/wp-content/cache/wpo-minify/1705927335/assets/ 25 KB
7 KB 860ms
857ms Script
application/x-javascript 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://culturaenegocios.com.br/wp-content/cache/wpo-minify/1705927335/assets/wpo-minify-footer-2ff1053e.min.js

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

60dda3ddd37349ab42872b830eeffca018645eb078f83fabb006e9c52c92b27d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 22 Jan 2024 12:42:35 GMT
server: LiteSpeed
etag: "6276-65ae62bb-9d264dd52e6d0cf4;br"
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 6860
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 wpstory-premium.js Show response
culturaenegocios.com.br/wp-content/plugins/wp-story-premium/dist/ 269 KB
47 KB 867ms
864ms Script
application/x-javascript 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://culturaenegocios.com.br/wp-content/plugins/wp-story-premium/dist/wpstory-premium.js

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

a1802a4b2216fe6c8b785985958abce268da73b80d9e07976d1c589782699ed2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 02 Sep 2023 00:58:35 GMT
server: LiteSpeed
etag: "433fe-64f288bb-b9ef69a7476e6bfa;br"
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 47825
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 wpo-minify-footer-70bf3b61.min.js Show response
culturaenegocios.com.br/wp-content/cache/wpo-minify/1705927335/assets/ 191 KB
51 KB 912ms
909ms Script
application/x-javascript 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://culturaenegocios.com.br/wp-content/cache/wpo-minify/1705927335/assets/wpo-minify-footer-70bf3b61.min.js

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

7fe6a0c5d89bf3468665c1f8505dd240b2a206fb017c6307050fb5d06bae554e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 22 Jan 2024 12:42:37 GMT
server: LiteSpeed
etag: "2fd1b-65ae62bd-d7523542c30a6c0f;br"
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 51938
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 wpo-minify-footer-0799197b.min.js Show response
culturaenegocios.com.br/wp-content/cache/wpo-minify/1705927335/assets/ 57 KB
15 KB 960ms
958ms Script
application/x-javascript 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://culturaenegocios.com.br/wp-content/cache/wpo-minify/1705927335/assets/wpo-minify-footer-0799197b.min.js

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

2ab20a8e22e5716e2dec84a9aa405a020218b14b14f6fb0062aa768aa071de42

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 22 Jan 2024 12:42:35 GMT
server: LiteSpeed
etag: "e3d3-65ae62bb-7b13b4983e8bb378;br"
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 15629
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 wpo-minify-footer-9b0926e9.min.js Show response
culturaenegocios.com.br/wp-content/cache/wpo-minify/1705927335/assets/ 99 KB
28 KB 976ms
973ms Script
application/x-javascript 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://culturaenegocios.com.br/wp-content/cache/wpo-minify/1705927335/assets/wpo-minify-footer-9b0926e9.min.js

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

7c57b9fef16df201c36dd9a0d23c665f90b35139cf1f036df3b88118bb4289f2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 22 Jan 2024 12:42:35 GMT
server: LiteSpeed
etag: "18a14-65ae62bb-ee0605bb42aa08d3;br"
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 28203
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 115 KB
44 KB 160ms
31ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T7Q7RRH

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c9e20984b9640c71e718448e62006c94124cfd1dfc4aa60e14f65de4062f0a28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44776
x-xss-protection: 0
last-modified: Fri, 26 Jan 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 26 Jan 2024 04:38:47 GMT

GET
H2 200 j8_46_LD37rqfuwxyIuaZhE6cRXOLtm2gfT-WYuZAC4ICHiYFQ.woff2
fonts.gstatic.com/s/encodesanscondensed/v10/ 15 KB
15 KB 156ms
38ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/encodesanscondensed/v10/j8_46_LD37rqfuwxyIuaZhE6cRXOLtm2gfT-WYuZAC4ICHiYFQ.woff2

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/wp-content/cache/wpo-minify/1705927335/assets/wpo-minify-header-11b98ea7.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a665adbe3c3106124401f33260554ace0c34e173e76e1155dbde0dab3def34ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://culturaenegocios.com.br/
Origin: https://culturaenegocios.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:34:33 GMT
x-content-type-options: nosniff
age: 191054
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15264
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:47:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 23:34:33 GMT

GET
H2 200 2sDfZG1Wl4LcnbuKjk0mRUe0Aw.woff2
fonts.gstatic.com/s/oxygen/v15/ 10 KB
10 KB 143ms
25ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oxygen/v15/2sDfZG1Wl4LcnbuKjk0mRUe0Aw.woff2

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/wp-content/cache/wpo-minify/1705927335/assets/wpo-minify-header-11b98ea7.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e1728a836098740c93e33c980cbad16eafdca91c3cc4e94d6de2390fd344b1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://culturaenegocios.com.br/
Origin: https://culturaenegocios.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:34:33 GMT
x-content-type-options: nosniff
age: 191054
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10380
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:34:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 23:34:33 GMT

GET
H3 200 fa-brands-400.woff2
culturaenegocios.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 75 KB
75 KB 259ms
259ms Font
font/woff2 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://culturaenegocios.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/wp-content/cache/wpo-minify/1705927335/assets/wpo-minify-header-11b98ea7.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://culturaenegocios.com.br/wp-content/cache/wpo-minify/1705927335/assets/wpo-minify-header-11b98ea7.css
Origin: https://culturaenegocios.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 26 Dec 2023 19:50:33 GMT
server: LiteSpeed
etag: "12bdc-658b2e89-571a34c2a0c413c9;;;"
vary: User-Agent
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 76764
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H2 200 j8_16_LD37rqfuwxyIuaZhE6cRXOLtm2gfT2hq-MLQwFIg.woff2
fonts.gstatic.com/s/encodesanscondensed/v10/ 15 KB
15 KB 161ms
44ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/encodesanscondensed/v10/j8_16_LD37rqfuwxyIuaZhE6cRXOLtm2gfT2hq-MLQwFIg.woff2

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/wp-content/cache/wpo-minify/1705927335/assets/wpo-minify-header-11b98ea7.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0035ea54756f3d0680a0f9776c34da4fe9510cf3a6e191a95c93c6288ea39764

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://culturaenegocios.com.br/
Origin: https://culturaenegocios.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 08:54:35 GMT
x-content-type-options: nosniff
age: 243852
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15224
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:47:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 08:54:35 GMT

GET
H2 200 j8_46_LD37rqfuwxyIuaZhE6cRXOLtm2gfT-PYqZAC4ICHiYFQ.woff2
fonts.gstatic.com/s/encodesanscondensed/v10/ 15 KB
16 KB 137ms
20ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/encodesanscondensed/v10/j8_46_LD37rqfuwxyIuaZhE6cRXOLtm2gfT-PYqZAC4ICHiYFQ.woff2

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/wp-content/cache/wpo-minify/1705927335/assets/wpo-minify-header-11b98ea7.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39511c4e8ab4f29242e08ce365761949e1682d84cef1e8af762949fef28be382

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://culturaenegocios.com.br/
Origin: https://culturaenegocios.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 07:16:17 GMT
x-content-type-options: nosniff
age: 249750
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15364
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:47:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 07:16:17 GMT

GET
H3 200 fa-solid-900.woff2
culturaenegocios.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 76 KB
77 KB 290ms
290ms Font
font/woff2 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://culturaenegocios.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/wp-content/cache/wpo-minify/1705927335/assets/wpo-minify-header-11b98ea7.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://culturaenegocios.com.br/wp-content/cache/wpo-minify/1705927335/assets/wpo-minify-header-11b98ea7.css
Origin: https://culturaenegocios.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 26 Dec 2023 19:50:33 GMT
server: LiteSpeed
etag: "13174-658b2e89-9eb91f356080f927;;;"
vary: User-Agent
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 78196
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 271 KB
90 KB 40ms
36ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PGDPR62NJV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T7Q7RRH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c7f7495df9a3d4a70ee398722db2472f82f73655effc924aa31421109936e9fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92396
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 26 Jan 2024 04:38:47 GMT

GET
H2 200 czmb.min.js Show response
api.cazamba.com/common/ 105 KB
106 KB 21ms
21ms Script
application/javascript 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://api.cazamba.com/common/czmb.min.js
Requested by: Host: api.cazamba.com
URL: https://api.cazamba.com/ccfe069e7d03090a85cb6e4872480d0c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 320d8033b4dc2535005db35ed05a86cb63b0df0526f9f6dfa259abc071211c2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
x-amz-version-id: VqCIYLFA9K3Y98t7mA4Tr4UkJwF3jmzR
x-cf-tsc: 1706109965
x-cf3: M
x-amz-request-id: C61NVM7XG71XX6YS
cf4ttl: 315360000.000
x-cf1: 34994:fE.fra2:co:nots:cacheN.fra2-01:H
x-cf-reqid: bed116a043dfa0630936f81a400be085
content-length: 107951
x-amz-id-2: jpQZYnrjcclhKAoF2Xn0hF4gcr2fGwnvT73XJQDqj3Tiwziiji1k/a946x+jyYcNSjOj84YihG4=
x-cf2: H
last-modified: Tue, 23 Feb 2021 19:11:35 GMT
server: CFS 0215
x-cff: B
etag: "fd80cc799e36e281e75205cb74648bb1"
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000, no-transform, public
cf4age: 0
accept-ranges: bytes

GET
H3 200 Andrea.jpeg
culturaenegocios.com.br/wp-content/uploads/2023/08/ 6 KB
6 KB 875ms
875ms Image
image/webp 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2023/08/Andrea.jpeg

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

711dc4cf38c714f3f9c8bfc94911ac6bb9b7800be18671cfe48d20eb71e0b4fa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 05 Oct 2023 11:30:59 GMT
server: LiteSpeed
x-wpo-webp: Redirected directly to existing webp
etag: "173e-651e9e73-2c2552c3c907e318;;;"
vary: User-Agent,Accept
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 5950
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 Ava-Galleria-Rio-scaled-400x400.jpg
culturaenegocios.com.br/wp-content/uploads/2023/08/ 28 KB
28 KB 875ms
874ms Image
image/jpeg 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2023/08/Ava-Galleria-Rio-scaled-400x400.jpg

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

9b96d4ce3e664745d660ea7e4b8c16b03479b28c144a0ddaecac33c732932403

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 19 Aug 2023 00:10:11 GMT
server: LiteSpeed
etag: "7115-64e00863-3f28b2e8afd8b5f2;;;"
vary: User-Agent,Accept
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 28949
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 Bruna.jpg
culturaenegocios.com.br/wp-content/uploads/2023/08/ 8 KB
8 KB 881ms
880ms Image
image/webp 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2023/08/Bruna.jpg

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

69ba4a9ebe9e974e2d9ecfeb68ce23e8590c08a34317c033889327f7700e9c28

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 05 Oct 2023 11:20:10 GMT
server: LiteSpeed
x-wpo-webp: Redirected directly to existing webp
etag: "200a-651e9bea-177ef6864103c83d;;;"
vary: User-Agent,Accept
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 8202
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 Flavio-scaled-400x400.jpg
culturaenegocios.com.br/wp-content/uploads/2023/08/ 54 KB
54 KB 876ms
875ms Image
image/jpeg 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2023/08/Flavio-scaled-400x400.jpg

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

c3bc00d3394f0c49f168c55e0f9ad71e0d630f64b9f6115720507dbca9a709bc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 19 Aug 2023 00:02:59 GMT
server: LiteSpeed
etag: "d61e-64e006b3-cbc0af9d50d7f237;;;"
vary: User-Agent,Accept
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 54814
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 Janice-Mansur-scaled-400x400.jpg
culturaenegocios.com.br/wp-content/uploads/2023/08/ 48 KB
48 KB 876ms
875ms Image
image/jpeg 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2023/08/Janice-Mansur-scaled-400x400.jpg

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

b993c87cc8baa0ecebb84eed2a741b7f1bf5a63c28ea8aa34dcb56e279d88503

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 18 Aug 2023 23:48:44 GMT
server: LiteSpeed
etag: "bea5-64e0035c-87f7cdb9bd88c7e9;;;"
vary: User-Agent,Accept
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 48805
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 cropped-marcelo-calone-jpeg-400x400.webp
culturaenegocios.com.br/wp-content/uploads/2023/09/ 7 KB
8 KB 877ms
876ms Image
image/webp 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2023/09/cropped-marcelo-calone-jpeg-400x400.webp

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

4e01bb5e958edd676c80c2ad11b169838972248d6f18f3e3b50b195e572f43e3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 01 Sep 2023 23:02:30 GMT
server: LiteSpeed
etag: "1dd6-64f26d86-2855e9da545f30bd;;;"
vary: User-Agent
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 7638
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 Rafael-400x400.jpg
culturaenegocios.com.br/wp-content/uploads/2023/08/ 44 KB
44 KB 877ms
877ms Image
image/jpeg 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2023/08/Rafael-400x400.jpg

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

a9fa8fd3249847facca86a2268daac86e0d8d55cc14836405fd4075adf709231

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 19 Aug 2023 00:02:57 GMT
server: LiteSpeed
etag: "afb7-64e006b1-b0dd05a7e95c61a9;;;"
vary: User-Agent,Accept
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 44983
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 Wanderlino.jpg
culturaenegocios.com.br/wp-content/uploads/2023/08/ 10 KB
10 KB 883ms
882ms Image
image/webp 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2023/08/Wanderlino.jpg

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

5262b331c58e8e222309f0cdccacf815cece838ba18d388f80a9ffc9091526a8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 05 Oct 2023 11:30:50 GMT
server: LiteSpeed
x-wpo-webp: Redirected directly to existing webp
etag: "264e-651e9e6a-29c5ac86f8c8b7ea;;;"
vary: User-Agent,Accept
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 9806
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H2 200 de5ce16de08ad5c881b57d5570a320b0.js Show response
scripts.cleverwebserver.com/ 128 KB
47 KB 263ms
213ms Script
application/javascript 2606:4700:4400::ac40:919c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.cleverwebserver.com/de5ce16de08ad5c881b57d5570a320b0.js
Requested by: Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a728f2b8fc5449a2dbce48f9090fa4600eabd540dae4da882f369a27601d5d8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:48 GMT
x-amz-version-id: eCSKrDnD.R0Us7yF1SbqSP6fCcXmhJ.4
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 23 Nov 2023 12:27:04 GMT
server: cloudflare
x-amz-request-id: ZZGG59GQNBCZESQP
etag: W/"39860fdb69bf1bf508493cd173091a02"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 84b611856821693a-FRA
x-amz-id-2: Q+k6LKoReaNwwoN9e4Dg6/Cle/J3AJctBa7eK3gCJP8zUTrsjo45cq39SSRC0VUibPYXKnET6VM=
expires: Fri, 26 Jan 2024 05:08:48 GMT

GET
H2 200 2sDcZG1Wl4LcnbuCNWgzaGW5Kb8VZA.woff2
fonts.gstatic.com/s/oxygen/v15/ 10 KB
10 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oxygen/v15/2sDcZG1Wl4LcnbuCNWgzaGW5Kb8VZA.woff2

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/wp-content/cache/wpo-minify/1705927335/assets/wpo-minify-header-11b98ea7.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7246e174f919bd7db2e2f9ec15a58b3022bf3320ff39f1fb4dffde15a17d63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://culturaenegocios.com.br/
Origin: https://culturaenegocios.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:37:09 GMT
x-content-type-options: nosniff
age: 190898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10336
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:30:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 23:37:09 GMT

GET
H3 200 f5f99db4-eebe-47a8-ab4d-de6e544652e7-330x220.png
culturaenegocios.com.br/wp-content/uploads/2024/01/ 20 KB
20 KB 844ms
844ms Image
image/webp 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2024/01/f5f99db4-eebe-47a8-ab4d-de6e544652e7-330x220.png

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

af53d67309b2851978e9737bef211932cb672ddc2b752accc20fd60bab0a3c54

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 23 Jan 2024 17:31:42 GMT
server: LiteSpeed
x-wpo-webp: Redirected directly to existing webp
etag: "4f42-65aff7fe-b7ab8dcd3fd84361;;;"
vary: User-Agent,Accept
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 20290
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 WhatsApp-Image-2024-01-12-at-17.48.07-330x220.webp
culturaenegocios.com.br/wp-content/uploads/2024/01/ 35 KB
35 KB 858ms
854ms Image
image/webp 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2024/01/WhatsApp-Image-2024-01-12-at-17.48.07-330x220.webp

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

bfd73f7e504110ae16bceb8df4ba8caa4853de4be186dcd36dc27d2b52cd7ec2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 22 Jan 2024 12:27:40 GMT
server: LiteSpeed
etag: "8cf4-65ae5f3c-cc197d2f52dd23c9;;;"
vary: User-Agent
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 36084
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 t_Zeca_FtGutoCosta_0253-330x220.webp
culturaenegocios.com.br/wp-content/uploads/2024/01/ 21 KB
21 KB 860ms
855ms Image
image/webp 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2024/01/t_Zeca_FtGutoCosta_0253-330x220.webp

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

2c123f88fc69b6e13163d65176c8b2499db472d0b5c310ac04b5a7be06fe6e07

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sun, 21 Jan 2024 23:45:11 GMT
server: LiteSpeed
etag: "52b2-65adac87-f06c34bbf3349b62;;;"
vary: User-Agent
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 21170
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 WhatsApp-Image-2024-01-25-at-09.53.38-330x220.webp
culturaenegocios.com.br/wp-content/uploads/2024/01/ 9 KB
9 KB 846ms
842ms Image
image/webp 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2024/01/WhatsApp-Image-2024-01-25-at-09.53.38-330x220.webp

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

4b1c290d91511a25fb038a2ea4eaa79e9bac4eff430aa0df5fc4544e6536787c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 25 Jan 2024 13:04:57 GMT
server: LiteSpeed
etag: "22fc-65b25c79-631876be43e848c;;;"
vary: User-Agent
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 8956
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 WhatsApp-Image-2024-01-24-at-12.09.19-330x220.webp
culturaenegocios.com.br/wp-content/uploads/2024/01/ 6 KB
6 KB 848ms
844ms Image
image/webp 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2024/01/WhatsApp-Image-2024-01-24-at-12.09.19-330x220.webp

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

82000b14473393ec1ec4fabe4761d63136347422ca73e1f29f2a5844d8775d80

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 24 Jan 2024 16:13:36 GMT
server: LiteSpeed
etag: "18ea-65b13730-8f792da2d25ff4b9;;;"
vary: User-Agent
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 6378
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 image2-330x220.webp
culturaenegocios.com.br/wp-content/uploads/2024/01/ 6 KB
6 KB 860ms
856ms Image
image/webp 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2024/01/image2-330x220.webp

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

2ff6f729a6a68de8245d283387175ad848f5f49eaf1b8b80a4abefa5ef90ade9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 23 Jan 2024 17:49:28 GMT
server: LiteSpeed
etag: "17d0-65affc28-9e6943dab79921a;;;"
vary: User-Agent
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 6096
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 WhatsApp-Image-2024-01-24-at-14.57.12-Copy-330x220.webp
culturaenegocios.com.br/wp-content/uploads/2024/01/ 11 KB
11 KB 849ms
845ms Image
image/webp 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2024/01/WhatsApp-Image-2024-01-24-at-14.57.12-Copy-330x220.webp

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

eb92fd44a15ababf68114c2eb8cec28b971bbb8d6b2f31f12fa337a7d8f3412e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 24 Jan 2024 18:10:44 GMT
server: LiteSpeed
etag: "2a9e-65b152a4-ec9342645eeaffbe;;;"
vary: User-Agent
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 10910
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 4146-1-Copy-22-330x220.webp
culturaenegocios.com.br/wp-content/uploads/2024/01/ 9 KB
9 KB 851ms
847ms Image
image/webp 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2024/01/4146-1-Copy-22-330x220.webp

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

e86719cdc703a92c047078e14dffc618146aa269fae729236075332f026c13b9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 24 Jan 2024 17:27:44 GMT
server: LiteSpeed
etag: "2412-65b14890-171912d094822157;;;"
vary: User-Agent
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 9234
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 4146-3-Copy-4-330x220.webp
culturaenegocios.com.br/wp-content/uploads/2024/01/ 5 KB
5 KB 861ms
857ms Image
image/webp 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2024/01/4146-3-Copy-4-330x220.webp

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

ab5fb8b9aa6dc60c0864f23e97317536426886009cf1692d216cca2a3bd70e96

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 24 Jan 2024 14:05:27 GMT
server: LiteSpeed
etag: "1352-65b11927-e78d4aa9011a77dd;;;"
vary: User-Agent
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 4946
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 WhatsApp-Image-2024-01-24-at-11.50.04-AM-e1706108354711-330x220.webp
culturaenegocios.com.br/wp-content/uploads/2024/01/ 4 KB
4 KB 853ms
849ms Image
image/webp 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2024/01/WhatsApp-Image-2024-01-24-at-11.50.04-AM-e1706108354711-330x220.webp

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

e42a846a3d2e6db13c633d7640f26061c17da10f7aef278c35342ae8effe27c1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 24 Jan 2024 15:00:58 GMT
server: LiteSpeed
etag: "1128-65b1262a-d202d3e54add259e;;;"
vary: User-Agent
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 4392
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 4146-2-Copy-11-330x220.webp
culturaenegocios.com.br/wp-content/uploads/2024/01/ 6 KB
6 KB 862ms
859ms Image
image/webp 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2024/01/4146-2-Copy-11-330x220.webp

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

60b619c8e420a3f9c0bcdbcf46dca8f4e92c310270168f6833a9e411d33fbb00

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 23 Jan 2024 17:15:48 GMT
server: LiteSpeed
etag: "182c-65aff444-c84ab6d8b941a00;;;"
vary: User-Agent
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 6188
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 image001-2-330x220.webp
culturaenegocios.com.br/wp-content/uploads/2024/01/ 12 KB
12 KB 864ms
860ms Image
image/webp 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2024/01/image001-2-330x220.webp

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

a7d1d7049b8e155b75fef6ce97dbdca51a2852feccb09615dbb10e180920c570

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 23 Jan 2024 15:52:03 GMT
server: LiteSpeed
etag: "2e26-65afe0a3-1aaadf836756764f;;;"
vary: User-Agent
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 11814
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 Depositphotos_17457397_S-330x220.webp
culturaenegocios.com.br/wp-content/uploads/2024/01/ 25 KB
26 KB 866ms
863ms Image
image/webp 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2024/01/Depositphotos_17457397_S-330x220.webp

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

90e1d346c6640ad53d7c73d0b349531101ac3a1502cd4303eaf059cb8e677071

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 04 Jan 2024 19:44:10 GMT
server: LiteSpeed
etag: "65fc-65970a8a-357dd2afc8ba6e7a;;;"
vary: User-Agent
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 26108
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 WhatsApp-Image-2023-12-18-at-10.06.12-330x220.webp
culturaenegocios.com.br/wp-content/uploads/2023/12/ 3 KB
3 KB 869ms
865ms Image
image/webp 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2023/12/WhatsApp-Image-2023-12-18-at-10.06.12-330x220.webp

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

f25926ff55665105b087457a3b8c4bab026549561639f61d705bd5212381aa15

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 18 Dec 2023 13:12:55 GMT
server: LiteSpeed
etag: "b3c-65804557-53ac33b4f13f50fd;;;"
vary: User-Agent
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 2876
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 whatsapp-330x220.webp
culturaenegocios.com.br/wp-content/uploads/2023/12/ 3 KB
3 KB 869ms
866ms Image
image/webp 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2023/12/whatsapp-330x220.webp

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

02219c6ac20dcccb47f367b6376828b8b1910e734d2bcb991a876ed1a526db4b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 12 Dec 2023 14:24:52 GMT
server: LiteSpeed
etag: "b8c-65786d34-36c5251a86a301b5;;;"
vary: User-Agent
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 2956
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 5f622bca-375f-4469-9b66-88b92c65e307-330x220.webp
culturaenegocios.com.br/wp-content/uploads/2024/01/ 28 KB
28 KB 871ms
867ms Image
image/webp 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2024/01/5f622bca-375f-4469-9b66-88b92c65e307-330x220.webp

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

5e68860efb29ffa305b4789519e67284beac186540c24cb1f94c148e6abbadfb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 22 Jan 2024 13:18:41 GMT
server: LiteSpeed
etag: "6e9e-65ae6b31-21ff0cebcff0620e;;;"
vary: User-Agent
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 28318
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 1-4-330x220.webp
culturaenegocios.com.br/wp-content/uploads/2024/01/ 14 KB
14 KB 871ms
868ms Image
image/webp 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2024/01/1-4-330x220.webp

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

32b282b1c91c890ad3490bf86e5a6b4a297184916c1537b54ebc33c66ba71a3b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 22 Jan 2024 12:51:02 GMT
server: LiteSpeed
etag: "366a-65ae64b6-79238f67e8bffd0;;;"
vary: User-Agent
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 13930
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 WhatsApp-Image-2024-01-19-at-13.32.10-Copy-330x220.webp
culturaenegocios.com.br/wp-content/uploads/2024/01/ 14 KB
14 KB 872ms
869ms Image
image/webp 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2024/01/WhatsApp-Image-2024-01-19-at-13.32.10-Copy-330x220.webp

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

eeff3f5cc97dce605164dd7be389b8a2b4125e8c480167b2789abd2d7d580ffc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 19 Jan 2024 17:32:05 GMT
server: LiteSpeed
etag: "3938-65aab215-59e0609bec88cea;;;"
vary: User-Agent
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 14648
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 WhatsApp-Image-2024-01-19-at-11.18.48-Copy-330x220.webp
culturaenegocios.com.br/wp-content/uploads/2024/01/ 8 KB
8 KB 873ms
871ms Image
image/webp 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2024/01/WhatsApp-Image-2024-01-19-at-11.18.48-Copy-330x220.webp

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

da2e43ba9a49cd09e1bd2faebc9c2e889eb17e375754d79fd4e6913383fe6f2c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 19 Jan 2024 17:10:10 GMT
server: LiteSpeed
etag: "1e50-65aaacf2-a181bee449b538eb;;;"
vary: User-Agent
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 7760
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 sofi-froza-release-330x220.webp
culturaenegocios.com.br/wp-content/uploads/2024/01/ 7 KB
7 KB 876ms
873ms Image
image/webp 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2024/01/sofi-froza-release-330x220.webp

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

bf066e8437c1d58df4ca3f6128d7e4628650e07f5d103c3f756d1fd112b2777a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 19 Jan 2024 16:34:47 GMT
server: LiteSpeed
etag: "1c08-65aaa4a7-6de49c53592e190c;;;"
vary: User-Agent
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 7176
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 handler-4-330x220.webp
culturaenegocios.com.br/wp-content/uploads/2024/01/ 11 KB
11 KB 880ms
877ms Image
image/webp 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2024/01/handler-4-330x220.webp

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

c1a6b5d22efce43a0187b02393475a7e177a959631af637b1de77227c9ae8d63

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 19 Jan 2024 14:38:49 GMT
server: LiteSpeed
etag: "2c2e-65aa8979-6f396a73bbc3f8cf;;;"
vary: User-Agent
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 11310
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 anuncie-aqui-CN.png
culturaenegocios.com.br/wp-content/uploads/2023/08/ 10 KB
10 KB 881ms
879ms Image
image/webp 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2023/08/anuncie-aqui-CN.png

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

9a12adfc035f23cfec61c88624ca8424536a91bbfcd5d160ced04c98eb231a5e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 05 Oct 2023 11:08:41 GMT
server: LiteSpeed
x-wpo-webp: Redirected directly to existing webp
etag: "260c-651e9939-148144fa0d8e72eb;;;"
vary: User-Agent,Accept
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 9740
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 capa-2-Copy-330x220.webp
culturaenegocios.com.br/wp-content/uploads/2024/01/ 11 KB
11 KB 882ms
880ms Image
image/webp 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2024/01/capa-2-Copy-330x220.webp

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

2c73129368d96b6fb2b36aa69a719fa856adb477da604ec895121f64a1705537

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 25 Jan 2024 17:04:57 GMT
server: LiteSpeed
etag: "2c14-65b294b9-5d7eae510af990fb;;;"
vary: User-Agent
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 11284
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 4146-Copy-14-330x220.webp
culturaenegocios.com.br/wp-content/uploads/2024/01/ 6 KB
6 KB 852ms
850ms Image
image/webp 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2024/01/4146-Copy-14-330x220.webp

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

f0f33532c51af0b190228886dd6da4decb4b60929471b1a514783e392388981d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 24 Jan 2024 21:00:33 GMT
server: LiteSpeed
etag: "1908-65b17a71-6a98f3fc230cad88;;;"
vary: User-Agent
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 6408
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 123-330x220.webp
culturaenegocios.com.br/wp-content/uploads/2024/01/ 11 KB
11 KB 883ms
881ms Image
image/webp 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2024/01/123-330x220.webp

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

1ba0eab72cdfab953b2aaffe16bc974d136023358e58d6c0bebb050872ff9810

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 24 Jan 2024 19:19:14 GMT
server: LiteSpeed
etag: "2d52-65b162b2-42260359a8229b77;;;"
vary: User-Agent
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 11602
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 WhatsApp-Image-2024-01-24-at-13.13.49-1-Copy-330x220.webp
culturaenegocios.com.br/wp-content/uploads/2024/01/ 12 KB
12 KB 884ms
882ms Image
image/webp 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2024/01/WhatsApp-Image-2024-01-24-at-13.13.49-1-Copy-330x220.webp

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

660aab0721aa4d37fa76de97797ae0bd009b5161c8189f938c6772c43371c166

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 24 Jan 2024 16:29:16 GMT
server: LiteSpeed
etag: "2fcc-65b13adc-3e1b419d60910cfd;;;"
vary: User-Agent
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 12236
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 WhatsApp-Image-2024-01-24-at-12.59.52-Copy-330x220.webp
culturaenegocios.com.br/wp-content/uploads/2024/01/ 18 KB
18 KB 852ms
850ms Image
image/webp 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2024/01/WhatsApp-Image-2024-01-24-at-12.59.52-Copy-330x220.webp

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

c866fec44b475b3944fd8aef2d2830affefc34aaf191f67e3deb5d3956632c1c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 24 Jan 2024 16:08:10 GMT
server: LiteSpeed
etag: "48f8-65b135ea-9cda102f985a1592;;;"
vary: User-Agent
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 18680
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 WhatsApp-Image-2024-01-24-at-12.59.30-Copy-330x220.webp
culturaenegocios.com.br/wp-content/uploads/2024/01/ 9 KB
9 KB 886ms
884ms Image
image/webp 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2024/01/WhatsApp-Image-2024-01-24-at-12.59.30-Copy-330x220.webp

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

dc32db935295393932ba1e330314d339d58b938c6c384efdba9ee58748a27209

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 24 Jan 2024 16:03:52 GMT
server: LiteSpeed
etag: "2340-65b134e8-806debffb21d720b;;;"
vary: User-Agent
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 9024
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 logo_cen-1-300x122.png
culturaenegocios.com.br/wp-content/uploads/2023/08/ 9 KB
9 KB 886ms
885ms Image
image/webp 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://culturaenegocios.com.br/wp-content/uploads/2023/08/logo_cen-1-300x122.png

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

9f4bde535e56f8a8beeb217e1110522f24eaeac7fbfba1ce3f344985ddb3c730

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 05 Oct 2023 11:09:47 GMT
server: LiteSpeed
x-wpo-webp: Redirected directly to existing webp
etag: "2270-651e997b-5c51f82823c3c124;;;"
vary: User-Agent,Accept
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 8816
expires: Fri, 02 Feb 2024 04:38:47 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/ 403 KB
137 KB 128ms
89ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2201480789139736&plah=culturaenegocios.com.br&bust=31080601

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2201480789139736&host=ca-host-pub-2644536267352236

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4a9c28481f9c12beddefb77229552e166434d04722a3049629b00dca38dc1c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139801
x-xss-protection: 0
server: cafe
etag: 8293154763001718556
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 04:38:47 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/ Frame 81C3 9 KB
5 KB 63ms
18ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2201480789139736&host=ca-host-pub-2644536267352236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://culturaenegocios.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 17890
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 23:40:37 GMT
etag: 3890843268177463596
expires: Thu, 08 Feb 2024 23:40:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
250 B 73ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-PGDPR62NJV&gtm=45je41o0v889968971&_p=1706243927623&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dZTNiMT&cid=37574242.1706243928&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1706243927&sct=1&seg=0&dl=https%3A%2F%2Fculturaenegocios.com.br%2F&dt=Portal%20de%20Not%C3%ADcias%20%7C%20Tend%C3%AAncias%20de%20Neg%C3%B3cios%20%7C%20Cultura%20e%20Neg%C3%B3cios&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2324
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PGDPR62NJV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://culturaenegocios.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
259 B 79ms
26ms Ping
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-PGDPR62NJV&cid=37574242.1706243928&gtm=45je41o0v889968971&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PGDPR62NJV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://culturaenegocios.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 74ms
30ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-PGDPR62NJV&cid=37574242.1706243928&gtm=45je41o0v889968971&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1286253926

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/ 485 KB
195 KB 62ms
18ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcRTuknAAAAAIx4BmFagOOKfXNE1xclbyyn-RG3&ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

904a9fb41a8def7934e36f12709f58182802250aaeec2d39b80e285941d47093

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://culturaenegocios.com.br/
Origin: https://culturaenegocios.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 17:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41366
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 198685
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 05:28:49 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Jan 2025 17:09:22 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 91 KB
33 KB 62ms
19ms XHR
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Requested by

Host: api.cazamba.com
URL: https://api.cazamba.com/common/czmb.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 16:55:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 214998
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32954
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 16:55:30 GMT

GET
H2 200 TweenMax.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/ 105 KB
31 KB 68ms
26ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/TweenMax.min.js

Requested by

Host: api.cazamba.com
URL: https://api.cazamba.com/common/czmb.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4183766
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 31378
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-1a5b9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=20wPrpm3ejU36vQu63HWpPWqx34ID3eI3PwZLyTrWBLhe4TZrjYEWr74fUSzuqFeVrUR622RMbbH0Bs4105a5Bxm6JbO%2Bq9tUDVO%2Bu4dP74wJDvLG1oAwTbPSJOz4oinr20B181n%2FIRzT0ubYsuKrtS5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84b61186a87591db-FRA
expires: Wed, 15 Jan 2025 04:38:48 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 85ms
26ms Script
application/javascript 18.239.83.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-98.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 01:51:18 GMT
content-encoding: gzip
via: 1.1 c0f1616474eb5ab66a150ca4467bd724.cloudfront.net (CloudFront)
last-modified: Thu, 07 Dec 2023 12:13:41 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P5
age: 10081
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: tXD4yRpPlkdZgZC2jQjWPMKFJ1GrA_1SNcZpuYiU59hPB1sEcJ4RBw==

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 377 KB
130 KB 84ms
26ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: api.cazamba.com
URL: https://api.cazamba.com/common/czmb.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68de2363a8937470cb35f5506e47b36bf67d35d8c7dbead836021fe5ed331587

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132611
x-xss-protection: 0
expires: Fri, 26 Jan 2024 04:38:48 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 64ms
18ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: api.cazamba.com
URL: https://api.cazamba.com/common/czmb.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 26 Jan 2024 03:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3039
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 26 Jan 2024 05:48:09 GMT

GET
H2 200 rm Show response
as.cazamba.com/ 247 B
975 B 848ms
570ms Script
text/javascript 52.87.124.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://as.cazamba.com/rm?token=ccfe069e7d03090a85cb6e4872480d0c&r=94649695614&v=13&p=%2F&vp=false&callback=superagentCallback1706243928053203
Requested by: Host: api.cazamba.com
URL: https://api.cazamba.com/common/czmb.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.87.124.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-87-124-31.compute-1.amazonaws.com
Software: nginx /
Resource Hash: fad22c352198a84b54b2afbf53227269a9eebf15a48cd6fd74b74531aa239dbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:48 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://culturaenegocios.com.br
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H2 200 / Show response
ui.cleverwebserver.com/ 157 B
379 B 48ms
32ms Script
application/javascript 2606:4700:4400::ac40:919c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ui.cleverwebserver.com/
Requested by: Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40ec67160f47fe555e57ffd595700b621c74d19c75c18e5299b3f7b7e3fbf154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:48 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cf-ray: 84b61186e8d2693a-FRA
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
213 B 26ms
25ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1470524450&t=pageview&_s=1&dl=https%3A%2F%2Fculturaenegocios.com.br%2F&ul=en-us&de=UTF-8&dt=Portal%20de%20Not%C3%ADcias%20%7C%20Tend%C3%AAncias%20de%20Neg%C3%B3cios%20%7C%20Cultura%20e%20Neg%C3%B3cios&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=1233191693&gjid=108722993&cid=37574242.1706243928&tid=UA-42852934-1&_gid=477644641.1706243928&_r=1&_slc=1&z=34253597

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://culturaenegocios.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://culturaenegocios.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 58CA 0
188 B 92ms
91ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2201480789139736&output=html&adk=1812271804&adf=3025194257&lmt=1706223589&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fculturaenegocios.com.br%2F&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706243927925&bpp=3&bdt=1187&idt=215&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4441895750607&frm=20&pv=2&ga_vid=37574242.1706243928&ga_sid=1706243928&ga_hid=1470524450&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080591%2C44785293%2C31080601%2C95320378%2C95321627%2C95322164%2C95323004%2C31061690&oid=2&pvsid=4430117617272459&tmod=1475928934&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=256

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2201480789139736&plah=culturaenegocios.com.br&bust=31080601

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://culturaenegocios.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 04:38:48 GMT
expires: Fri, 26 Jan 2024 04:38:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 b
sb.scorecardresearch.com/ 0
224 B 33ms
33ms Image
text/plain 18.239.83.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=8&c2=16041074&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1706243928233&ns_c=UTF-8&c3=&c7=https%3A%2F%2Fculturaenegocios.com.br%2F&c8=Portal%20de%20Not%C3%ADcias%20%7C%20Tend%C3%AAncias%20de%20Neg%C3%B3cios%20%7C%20Cultura%20e%20Neg%C3%B3cios&c9=
Requested by: Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-98.ams58.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:48 GMT
via: 1.1 c0f1616474eb5ab66a150ca4467bd724.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: AMS58-P5
x-amz-cf-id: uS3jgAMladWiuGc8oE3189_koSRH4uGvuiHu1QzxehysUsMIMQ9zNA==
x-cache: Miss from cloudfront

GET
H2 200 /
call.cleverwebserver.com/ 43 B
105 B 43ms
33ms Image
image/gif 2606:4700:4400::ac40:919c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://call.cleverwebserver.com/?id=55018&c=DE&r=&l=126&b=Chrome&os=Win10&mob=0&v=1.58.1&ref=aHR0cHM6Ly9jdWx0dXJhZW5lZ29jaW9zLmNvbS5ici8%3D&ruri=&iv=-1&ctr=DE&sz=1200
Requested by: Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:48 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 84b61187a92a693a-FRA
content-length: 43
content-type: image/gif

GET
H2 200 prebid_alright.js Show response
tagmanager.alright.network/ 431 KB
141 KB 25ms
24ms Script
application/javascript 13.32.27.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagmanager.alright.network/prebid_alright.js
Requested by: Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/manager/js/container_ZAhWMzKS.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-44.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 94409b25f60e402ccdd7da8fae9ef7b4cfa2172a143c34d7156d1bcacfb70d88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: goXsX86WUjcKJXQG5HJQYkMJq3z3ECH4
content-encoding: gzip
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
date: Fri, 26 Jan 2024 04:19:54 GMT
last-modified: Tue, 09 Jan 2024 19:59:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 1135
x-amz-server-side-encryption: AES256
etag: W/"61f65572311f24e8bb3243e0ad3dba7a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: RbbBS7ruSF0dv7zsXl7nf7xFgQ_7iErv5rNi_HyUJ8ZipI1ohGU6zQ==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
30 KB 127ms
69ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/manager/js/container_ZAhWMzKS.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86003362db4e09b0055c7ef03d973a61b24be57373ce5373293ced08edcabff3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29697
x-xss-protection: 0
server: cafe
etag: 229 / 19748 / 31080639 / config-hash: 11543485900695594775
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 04:38:48 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 66ms
26ms Fetch
application/json 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240126

Requested by

Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/prebid_alright.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9931954d716dbb95fb23bd8be91a6fc69b9d5b9a8870399917ab71a0b5007826

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://culturaenegocios.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 26 Jan 2024 04:38:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2274
x-jsd-version: 1.0.1946
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-lga21970-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"639-e0qIblFnFntWrc6NdgTLN/5KlQY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N25i9VHYnx0q4njwZzM%2FnWSED3IxQ0Zrv%2F6rns17ND3ClLqD%2B3me49qCUi1WJt5O%2Bz56jJVAi94wjGc8ETMiKnzP7yXA7hNX9OFn36TDQtrW9fGzd2TY2IY9Qo0oRz00%2FG4HazUt93xC6luN34E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 84b611885db8382c-FRA

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/ 431 KB
135 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js?cb=31080639

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a53ae8e402a25abc88acf3fba1840ae7e371df38eee6dc6fc319462f7c2a88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 15:37:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46887
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138344
x-xss-protection: 0
server: cafe
etag: 5355839101460123655
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 24 Jan 2025 15:37:21 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 283 KB
71 KB 103ms
21ms Script
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/manager/js/container_ZAhWMzKS.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 21e2cc1be6bb33e75287ef99dd7ba094e114326e221a1550b9f9e21de7a1b51c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:14:10 GMT
content-encoding: gzip
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront), 1.1 c3fc8d1fb362a6655af993732c376dc4.cloudfront.net (CloudFront)
last-modified: Tue, 23 Jan 2024 20:58:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 1479
x-amz-server-side-encryption: AES256
etag: W/"bfb1a1567d75287f0c63152bfd796b6d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: OEHHlQmYVyyvfqQ5BaJFfK_q3kgmQ-VI1vYouqSUw6f7sC2SL5Pg3Q==

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 483 B
1021 B 68ms
28ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/prebid_alright.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 04:38:48 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Mon, 27 Nov 2023 07:14:08 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 2496239
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=edRDRQOmhsf8jhO7DQyhmBapd9%2FCkjtZTnnOTSqUcM4RuUabBjSjs6wEajOZmkzc7dRnl%2Fv1Z9oD62NhlhnIEji4yh%2B33EPflRzDYHrO8bqZPWVALUdxuOLBaFoB5M6TLIHXgsFbgw%2FjXnne"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 84b6118a7e116955-FRA

GET
H/1.1 204
No Content / Show response
d.vidoomy.com/api/rtbserver/prebid/ 0
373 B 415ms
56ms Fetch
text/plain 212.36.83.245
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.vidoomy.com/api/rtbserver/prebid/?id=15029&adtype=banner&auc=supertag-ad-8hqirw51b&w=300&h=250&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36&l=en&dt=1&pid=51743&requestId=231a99498bd954&schain=1.0%2C1!alright.com.br%2C596a9712571d12e1f410204bf3df63e7%2C1%2C%2C%2C&eids=&bidfloor=0.15&d=culturaenegocios.com.br&sp=https%253A%252F%252Fculturaenegocios.com.br%252F&usp=&coppa=false&videoContext=&bcat=&badv=&bapp=&btype=&battr=
Requested by: Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/prebid_alright.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.36.83.245 Sant Vicenç dels Horts, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: lb1.vdmy.dtic.es
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://culturaenegocios.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

Date: Fri, 26 Jan 2024 04:38:49 GMT
Server: nginx
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://culturaenegocios.com.br
Access-Control-Expose-Headers: X-VD-C
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2

200

ROS Show response
pbjs.e-planning.net/hb/1/4d628/1/culturaenegocios.com.br/
Redirect Chain

https://pbjs.e-planning.net/pbjs/1/4d628/1/culturaenegocios.com.br/ROS?rnd=0.469746027528414&e=300x250_0%3A300x250%2C300x600%2C160x600%2C320x250%2C320x480%2C120x600%7C0.15&ur=https%3A%2F%2Fculturae...
https://pbjs.e-planning.net/hb/1/4d628/1/culturaenegocios.com.br/ROS?ct=1&r=pbjs&rnd=0.469746027528414&e=300x250_0%3A300x250%2C300x600%2C160x600%2C320x250%2C320x480%2C120x600%7C0.15&ur=https%3A%2F%...

293 B
714 B

38ms
38ms

Fetch
application/json

193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/hb/1/4d628/1/culturaenegocios.com.br/ROS?ct=1&r=pbjs&rnd=0.469746027528414&e=300x250_0%3A300x250%2C300x600%2C160x600%2C320x250%2C320x480%2C120x600%7C0.15&ur=https%3A%2F%2Fculturaenegocios.com.br%2F&pbv=8.29.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fculturaenegocios.com.br%2F
Requested by: Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/
Protocol: H2
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 5e337f522f574d3ec6ee384f7ab408119b1049bec62762991cec82a7197735ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 26 Jan 2024 04:38:48 GMT
date: Fri, 26 Jan 2024 04:38:48 GMT
server: openresty
content-type: application/json
access-control-allow-origin: https://culturaenegocios.com.br
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-length: 293
x-sid: AMS-937

Redirect headers

date: Fri, 26 Jan 2024 04:38:48 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://culturaenegocios.com.br
location: /hb/1/4d628/1/culturaenegocios.com.br/ROS?ct=1&r=pbjs&rnd=0.469746027528414&e=300x250_0%3A300x250%2C300x600%2C160x600%2C320x250%2C320x480%2C120x600%7C0.15&ur=https%3A%2F%2Fculturaenegocios.com.br%2F&pbv=8.29.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fculturaenegocios.com.br%2F
content-type: text/html; charset=iso-8859-1
access-control-allow-credentials: true
x-sid: AMS-937

POST
H2 200 prebid Show response
mp.4dex.io/ 60 B
221 B 140ms
96ms Fetch
application/json 2606:4700:4400::ac40:994e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/prebid_alright.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer: https://culturaenegocios.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

x-version: 3.0.0-gcp-ams
date: Fri, 26 Jan 2024 04:38:48 GMT
x-err: Shapings: no adunits with size and seat and mapping
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: gzip
x-warn: Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: supertag-ad-8hqirw51b
pragma: no-cache
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://culturaenegocios.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 84b6118a8b5f9b8f-FRA
expires: 0

POST v1
prg.smartadserver.com/prebid/ 0
0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 387 B
915 B 115ms
49ms Fetch
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16794&site_id=303964&zone_id=1533546&size_id=15&alt_size_ids=9%2C8%2C10%2C67%2C159&rp_schain=1.0,1!alright.com.br,596a9712571d12e1f410204bf3df63e7,1,,,&rf=https%3A%2F%2Fculturaenegocios.com.br%2F&tg_i.domain=culturaenegocios.com.br&tg_i.page=https%3A%2F%2Fculturaenegocios.com.br%2F&tk_flint=pbjs_lite_v8.29.0-pre&l_pb_bid_id=107bbc35674fd98&p_screen_res=1600x1200&rp_floor=0.2&rp_secure=1&rp_hard_floor=0.15&rp_maxbids=1&m_ch_mobile=%3F0&slots=1&rand=0.6728188587544977
Requested by: Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/prebid_alright.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 61b60b9d1a9a29547d3f6d027176b5f44ab97c612f12ddfbba60d5d87505b7d9

Request headers

Referer: https://culturaenegocios.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:48 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://culturaenegocios.com.br
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 387
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 41 KB
13 KB 368ms
47ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js?cb=31080639

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

885cb38c43b35c7ff9befe60f6c96f653d15befa0770f5f2ea0ea5cbc5d03a68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 18 Jan 2024 07:12:05 GMT
server: nginx
etag: W/"65a8cf45-a585"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 27 Jan 2024 04:38:49 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 76ms
22ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js?cb=31080639
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 19:42:46 GMT
content-encoding: gzip
age: 1760162
x-guploader-uploadid: ABPtcPoloqixCCgTXomADCSOsA3BvcXFUxsBHUY7D-XO-cwUIkLuV-5nhidCq6Qut0LCqSjbEWf0KZgVTA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Sat, 04 Jan 2025 19:42:46 GMT

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 17 KB
6 KB 92ms
29ms Script
application/javascript 172.64.152.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js?cb=31080639
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86036cbe1dd82dc84489e713501e2fb7e5e18d2f41b3668006f5657e3deb512a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:48 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Jan 2024 20:10:49 GMT
server: cloudflare
age: 122681
etag: W/"65b01d49-42c8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 84b6118aa8d66a75-TXL
expires: Mon, 29 Jan 2024 04:38:48 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 82ms
20ms Script
text/javascript 65.9.66.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js?cb=31080639
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-97.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:06:49 GMT
content-encoding: gzip
via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 1920
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: xzgOlCtHq4FV5ADpR5yDfhRjdmeX9JvKsyIS8_S7uZrFrzNWJbEDgQ==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 91ms
36ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js?cb=31080639
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:48 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 3ef8d5e6d94bba0b9c6c7818f411e673
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H2 200 lodash.min.js Show response
tagmanager.alright.network/ 71 KB
26 KB 25ms
25ms Script
application/javascript 13.32.27.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagmanager.alright.network/lodash.min.js
Requested by: Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/manager/js/container_ZAhWMzKS.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-44.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a9705dfc47c0763380d851ab1801be6f76019f6b67e40e9b873f8b4a0603f7a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
date: Fri, 26 Jan 2024 04:35:43 GMT
last-modified: Wed, 26 Jan 2022 15:28:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 222
etag: W/"9becc40fb1d85d21d0ca38e2f7069511"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: UlThj7UEAZ2Q5vT2jzFsUMlC5xxGULJLm6l_1C2_xeM0yTPaEkcOBg==

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/alright-network/ 1 MB
95 KB 262ms
213ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/alright-network/loader.js
Requested by: Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/manager/js/container_ZAhWMzKS.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d654f528122cc5c85307d7138e0b6bce88bc97a4e9f79e12beb615c22a9c5b56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: iOh6rlUu4rn0zrakMqT0tynXCiBDb6Pv
content-encoding: gzip
via: 1.1 varnish
date: Fri, 26 Jan 2024 04:38:48 GMT
x-amz-request-id: QHB3S8XB3P1HZ71H
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 96725
x-amz-id-2: gaB6ag52kGISrBGa/mn1/3xcDvA0VVLeHKR2xTaSyaFQsbebImxFdm9dv5o8JXspdpTSAGyPwRQ=
x-served-by: cache-fra-etou8220069-FRA
last-modified: Thu, 25 Jan 2024 10:51:57 GMT
server: AmazonS3
x-timer: S1706243929.728969,VS0,VE196
etag: "576c48db941bcd2d8fbcecbfc4056748"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 43
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

POST
H2 200 prebid Show response
mp.4dex.io/ 60 B
139 B 131ms
93ms Fetch
application/json 2606:4700:4400::ac40:994e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/prebid_alright.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer: https://culturaenegocios.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:48 GMT
x-err: Shapings: no adunits with size and seat and mapping
x-version: 3.0.0-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://culturaenegocios.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 84b6118a8b609b8f-FRA
expires: 0

GET
H2

200

ROS Show response
pbjs.e-planning.net/hb/1/4d628/1/culturaenegocios.com.br/
Redirect Chain

https://pbjs.e-planning.net/pbjs/1/4d628/1/culturaenegocios.com.br/ROS?rnd=0.469746027528414&e=728x90_0%3A728x90%2C970x90%7C0.15&ur=https%3A%2F%2Fculturaenegocios.com.br%2F&pbv=8.29.0-pre&ncb=1&vs=...
https://pbjs.e-planning.net/hb/1/4d628/1/culturaenegocios.com.br/ROS?ct=1&r=pbjs&rnd=0.469746027528414&e=728x90_0%3A728x90%2C970x90%7C0.15&ur=https%3A%2F%2Fculturaenegocios.com.br%2F&pbv=8.29.0-pre...

292 B
712 B

32ms
32ms

Fetch
application/json

193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/hb/1/4d628/1/culturaenegocios.com.br/ROS?ct=1&r=pbjs&rnd=0.469746027528414&e=728x90_0%3A728x90%2C970x90%7C0.15&ur=https%3A%2F%2Fculturaenegocios.com.br%2F&pbv=8.29.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fculturaenegocios.com.br%2F
Requested by: Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/
Protocol: H2
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 3208917346cc451fbe5b42a75986b24bf806bc0a3ec89b3051a6e66e86eb7f28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 26 Jan 2024 04:38:48 GMT
date: Fri, 26 Jan 2024 04:38:48 GMT
server: openresty
content-type: application/json
access-control-allow-origin: https://culturaenegocios.com.br
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-length: 292
x-sid: AMS-937

Redirect headers

date: Fri, 26 Jan 2024 04:38:48 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://culturaenegocios.com.br
location: /hb/1/4d628/1/culturaenegocios.com.br/ROS?ct=1&r=pbjs&rnd=0.469746027528414&e=728x90_0%3A728x90%2C970x90%7C0.15&ur=https%3A%2F%2Fculturaenegocios.com.br%2F&pbv=8.29.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fculturaenegocios.com.br%2F
content-type: text/html; charset=iso-8859-1
access-control-allow-credentials: true
x-sid: AMS-937

GET
H/1.1 204
No Content / Show response
d.vidoomy.com/api/rtbserver/prebid/ 0
373 B 424ms
62ms Fetch
text/plain 212.36.83.245
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.vidoomy.com/api/rtbserver/prebid/?id=15029&adtype=banner&auc=supertag-ad-fekjhihon&w=728&h=90&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36&l=en&dt=1&pid=51743&requestId=164457b9054ea91&schain=1.0%2C1!alright.com.br%2C596a9712571d12e1f410204bf3df63e7%2C1%2C%2C%2C&eids=&bidfloor=0.15&d=culturaenegocios.com.br&sp=https%253A%252F%252Fculturaenegocios.com.br%252F&usp=&coppa=false&videoContext=&bcat=&badv=&bapp=&btype=&battr=
Requested by: Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/prebid_alright.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.36.83.245 Sant Vicenç dels Horts, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: lb1.vdmy.dtic.es
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://culturaenegocios.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

Date: Fri, 26 Jan 2024 04:38:49 GMT
Server: nginx
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://culturaenegocios.com.br
Access-Control-Expose-Headers: X-VD-C
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 382 B
730 B 107ms
50ms Fetch
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16794&site_id=303964&zone_id=1533546&size_id=2&alt_size_ids=55&rp_schain=1.0,1!alright.com.br,596a9712571d12e1f410204bf3df63e7,1,,,&rf=https%3A%2F%2Fculturaenegocios.com.br%2F&tg_i.domain=culturaenegocios.com.br&tg_i.page=https%3A%2F%2Fculturaenegocios.com.br%2F&tk_flint=pbjs_lite_v8.29.0-pre&l_pb_bid_id=1856848c227735b&p_screen_res=1600x1200&rp_floor=0.2&rp_secure=1&rp_hard_floor=0.15&rp_maxbids=1&m_ch_mobile=%3F0&slots=1&rand=0.2123366948192722
Requested by: Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/prebid_alright.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 9f59d625efa6fe837a639187ed0500b8ed57e7a2a2ca58e4ab782c374ddbb36e

Request headers

Referer: https://culturaenegocios.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:48 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://culturaenegocios.com.br
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 382
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid Show response
mp.4dex.io/ 60 B
402 B 88ms
54ms Fetch
application/json 2606:4700:4400::ac40:994e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/prebid_alright.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer: https://culturaenegocios.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:48 GMT
x-err: Shapings: no adunits with size and seat and mapping
x-version: 3.0.0-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://culturaenegocios.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 84b6118a8b629b8f-FRA
expires: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 186 B
573 B 378ms
41ms Fetch
application/json 178.32.210.227
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/prebid_alright.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS: ip227.ip-178-32-210.eu
Software: /
Resource Hash: 3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a

Request headers

Referer: https://culturaenegocios.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:48 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://culturaenegocios.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 bid Show response
s.seedtag.com/c/hb/ 11 B
375 B 352ms
296ms Fetch
application/json 34.149.50.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/hb/bid
Requested by: Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/prebid_alright.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://culturaenegocios.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 26 Jan 2024 04:38:49 GMT
via: 1.1 google
server: openresty
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://culturaenegocios.com.br
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 11
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 204
No Content / Show response
d.vidoomy.com/api/rtbserver/prebid/ 0
373 B 399ms
55ms Fetch
text/plain 212.36.83.245
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.vidoomy.com/api/rtbserver/prebid/?id=15029&adtype=banner&auc=supertag-ad-k4dtalyep&w=728&h=90&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36&l=en&dt=1&pid=51743&requestId=26c2df8a04435d4&schain=1.0%2C1!alright.com.br%2C596a9712571d12e1f410204bf3df63e7%2C1%2C%2C%2C&eids=&bidfloor=0.15&d=culturaenegocios.com.br&sp=https%253A%252F%252Fculturaenegocios.com.br%252F&usp=&coppa=false&videoContext=&bcat=&badv=&bapp=&btype=&battr=
Requested by: Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/prebid_alright.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.36.83.245 Sant Vicenç dels Horts, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: lb1.vdmy.dtic.es
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://culturaenegocios.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

Date: Fri, 26 Jan 2024 04:38:49 GMT
Server: nginx
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://culturaenegocios.com.br
Access-Control-Expose-Headers: X-VD-C
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2

200

ROS Show response
pbjs.e-planning.net/hb/1/4d628/1/culturaenegocios.com.br/
Redirect Chain

https://pbjs.e-planning.net/pbjs/1/4d628/1/culturaenegocios.com.br/ROS?rnd=0.469746027528414&e=728x90_0%3A728x90%2C970x90%7C0.15&ur=https%3A%2F%2Fculturaenegocios.com.br%2F&pbv=8.29.0-pre&ncb=1&vs=...
https://pbjs.e-planning.net/hb/1/4d628/1/culturaenegocios.com.br/ROS?ct=1&r=pbjs&rnd=0.469746027528414&e=728x90_0%3A728x90%2C970x90%7C0.15&ur=https%3A%2F%2Fculturaenegocios.com.br%2F&pbv=8.29.0-pre...

292 B
712 B

37ms
37ms

Fetch
application/json

193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/hb/1/4d628/1/culturaenegocios.com.br/ROS?ct=1&r=pbjs&rnd=0.469746027528414&e=728x90_0%3A728x90%2C970x90%7C0.15&ur=https%3A%2F%2Fculturaenegocios.com.br%2F&pbv=8.29.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fculturaenegocios.com.br%2F
Requested by: Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/
Protocol: H2
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 3208917346cc451fbe5b42a75986b24bf806bc0a3ec89b3051a6e66e86eb7f28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 26 Jan 2024 04:38:48 GMT
date: Fri, 26 Jan 2024 04:38:48 GMT
server: openresty
content-type: application/json
access-control-allow-origin: https://culturaenegocios.com.br
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-length: 292
x-sid: AMS-937

Redirect headers

date: Fri, 26 Jan 2024 04:38:48 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://culturaenegocios.com.br
location: /hb/1/4d628/1/culturaenegocios.com.br/ROS?ct=1&r=pbjs&rnd=0.469746027528414&e=728x90_0%3A728x90%2C970x90%7C0.15&ur=https%3A%2F%2Fculturaenegocios.com.br%2F&pbv=8.29.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fculturaenegocios.com.br%2F
content-type: text/html; charset=iso-8859-1
access-control-allow-credentials: true
x-sid: AMS-937

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame CA2D 45 KB
28 KB 45ms
45ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcRTuknAAAAAIx4BmFagOOKfXNE1xclbyyn-RG3&co=aHR0cHM6Ly9jdWx0dXJhZW5lZ29jaW9zLmNvbS5icjo0NDM.&hl=de&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&cb=2yk37e9esove

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

30721b6d96e3c05620327641edf74ab2766ecdda06f1133004e37dbde8df93e0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Dvd5cnjJBKGvXETfI1lELg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://culturaenegocios.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Dvd5cnjJBKGvXETfI1lELg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 04:38:48 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 200 admin-ajax.php Show response
culturaenegocios.com.br/wp-admin/ 2 B
243 B 3482ms
3482ms XHR
application/json 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://culturaenegocios.com.br/wp-admin/admin-ajax.php

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/wp-content/cache/wpo-minify/1705927335/assets/wpo-minify-header-f5440c18.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/7.4.33

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://culturaenegocios.com.br/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 26 Jan 2024 04:38:49 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-powered-by: PHP/7.4.33
content-length: 6
referrer-policy: strict-origin-when-cross-origin
server: LiteSpeed
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://culturaenegocios.com.br
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
platform: hostinger
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 dialog.min.js Show response
culturaenegocios.com.br/wp-content/plugins/elementor/assets/lib/dialog/ 10 KB
3 KB 230ms
230ms Script
application/x-javascript 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://culturaenegocios.com.br/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/wp-content/cache/wpo-minify/1705927335/assets/wpo-minify-footer-9b0926e9.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

e9ba3d0c5d5408e00becd36ad394fa9ad9c0616741ebdd6dddc8e837db3605ba

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:48 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 26 Dec 2023 19:50:33 GMT
server: LiteSpeed
etag: "29fd-658b2e89-edc97747f0b846c7;br"
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 3286
expires: Fri, 02 Feb 2024 04:38:48 GMT

GET
H3 200 mega-menu.f4e036531fed147c8f1f.bundle.min.js Show response
culturaenegocios.com.br/wp-content/plugins/elementor-pro/assets/js/ 18 KB
5 KB 300ms
299ms Script
application/x-javascript 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://culturaenegocios.com.br/wp-content/plugins/elementor-pro/assets/js/mega-menu.f4e036531fed147c8f1f.bundle.min.js

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/wp-content/cache/wpo-minify/1705927335/assets/wpo-minify-footer-70bf3b61.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

589e51094967f8ad69a80d493f549c8b79edc1f97e16bcaef4c376dc392da335

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:48 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 02 Dec 2023 21:53:22 GMT
server: LiteSpeed
etag: "48a1-656ba752-915d41c0000acfc7;br"
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 4728
expires: Fri, 02 Feb 2024 04:38:48 GMT

GET
H3 200 mega-menu-stretch-content.b203a97f096c18f3d1a2.bundle.min.js Show response
culturaenegocios.com.br/wp-content/plugins/elementor-pro/assets/js/ 926 B
460 B 301ms
301ms Script
application/x-javascript 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://culturaenegocios.com.br/wp-content/plugins/elementor-pro/assets/js/mega-menu-stretch-content.b203a97f096c18f3d1a2.bundle.min.js

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/wp-content/cache/wpo-minify/1705927335/assets/wpo-minify-footer-70bf3b61.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

0ab9751491176afacd6960432874ccc3fad5056fcff3debad433783b746a55de

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:48 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 02 Dec 2023 21:53:22 GMT
server: LiteSpeed
etag: "39e-656ba752-f945726e2cc7bca7;br"
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 408
expires: Fri, 02 Feb 2024 04:38:48 GMT

GET
H3 200 menu-title-keyboard-handler.ec514149d506e0fe9c54.bundle.min.js Show response
culturaenegocios.com.br/wp-content/plugins/elementor-pro/assets/js/ 3 KB
977 B 302ms
301ms Script
application/x-javascript 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://culturaenegocios.com.br/wp-content/plugins/elementor-pro/assets/js/menu-title-keyboard-handler.ec514149d506e0fe9c54.bundle.min.js

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/wp-content/cache/wpo-minify/1705927335/assets/wpo-minify-footer-70bf3b61.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

ca4b38d09d1c0d4b0ee2ccb0d9fa68480d130d1abeaba1b357ce12997dff22e2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:48 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 02 Dec 2023 21:53:22 GMT
server: LiteSpeed
etag: "b57-656ba752-b03af7bc110d8b00;br"
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 925
expires: Fri, 02 Feb 2024 04:38:48 GMT

GET
H3 200 text-editor.2c35aafbe5bf0e127950.bundle.min.js Show response
culturaenegocios.com.br/wp-content/plugins/elementor/assets/js/ 1 KB
652 B 302ms
301ms Script
application/x-javascript 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://culturaenegocios.com.br/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/wp-content/cache/wpo-minify/1705927335/assets/wpo-minify-footer-70bf3b61.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

d191094291904cb0410cf3a475ea46eee6573c0922cc204759445e326d6d9233

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:48 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 26 Dec 2023 19:50:33 GMT
server: LiteSpeed
etag: "550-658b2e89-23ba7aa65e7e4323;br"
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 601
expires: Fri, 02 Feb 2024 04:38:48 GMT

GET
H3 200 nav-menu.70d63d6d093f3a45a0c6.bundle.min.js Show response
culturaenegocios.com.br/wp-content/plugins/elementor-pro/assets/js/ 5 KB
2 KB 302ms
302ms Script
application/x-javascript 2a02:4780:13:990:0:71e:fb98:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://culturaenegocios.com.br/wp-content/plugins/elementor-pro/assets/js/nav-menu.70d63d6d093f3a45a0c6.bundle.min.js

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/wp-content/cache/wpo-minify/1705927335/assets/wpo-minify-footer-70bf3b61.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:13:990:0:71e:fb98:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

11ea1a93d916ef7f4023e821c6b9b9c31fa92ca91c885753a3e014386fa654c4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:48 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 02 Dec 2023 21:53:22 GMT
server: LiteSpeed
etag: "122b-656ba752-b1aa613814a201a8;br"
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 1558
expires: Fri, 02 Feb 2024 04:38:48 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/ Frame CA2D 55 KB
24 KB 73ms
24ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcRTuknAAAAAIx4BmFagOOKfXNE1xclbyyn-RG3&co=aHR0cHM6Ly9jdWx0dXJhZW5lZ29jaW9zLmNvbS5icjo0NDM.&hl=de&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&cb=2yk37e9esove

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 14:56:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49344
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 05:28:49 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Jan 2025 14:56:24 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/ Frame CA2D 485 KB
194 KB 77ms
28ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

904a9fb41a8def7934e36f12709f58182802250aaeec2d39b80e285941d47093

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 17:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41366
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 198685
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 05:28:49 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Jan 2025 17:09:22 GMT

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 75 KB
24 KB 80ms
27ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 04:38:48 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 60952
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 27 Nov 2023 07:14:07 GMT
Server: cloudflare
ETag: W/"6faf3acfde3bb82adada71be4fc1deb0"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iY5kLkKcR08hWXhuA97L6pUNYg%2FazcSpcGeykNx8HDRzNk2vBqFT4h%2BcxHpaYhUSFFSiB5PSzxc2BFag3Tb%2BGbyc9vkC6YpM2W4KMw9j2xmBe3%2BHkoiCwFn4CYIzbC%2BD0j8GATs1mYxuiYDK"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 84b6118b3d9c3673-FRA

GET
H2 200 cloudinary-core.min.js Show response
tagmanager.alright.network/ 96 KB
23 KB 57ms
57ms Script
application/javascript 13.32.27.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagmanager.alright.network/cloudinary-core.min.js
Requested by: Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/manager/js/container_ZAhWMzKS.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-44.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2a9c8c1325096f3efd38f7e471f4f85fd0c212fa91ceb9591b037bc959dbcd54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
date: Fri, 26 Jan 2024 04:38:48 GMT
last-modified: Wed, 26 Jan 2022 15:28:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 47
etag: W/"a1be2e94d994f87394275c7c24229e51"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: HaCGgsxRPIqzW9fkcrmIQVg4IG5nTq6vzt-3r1s-pERQyb3Mb7UeBQ==

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fculturaenegocios.com.br%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fculturaenegocios.com.br%2F&rid=esp&cc=1

85 B
194 B

3151ms
3148ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fculturaenegocios.com.br%2F&rid=esp&cc=1
Requested by: Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 08c455d224daaac85bafbf640908485eea2a018433cb88e284fb01db0927ada2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:49 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-f4j1+lQH8Q0NDvNDOYKcWNTryto"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://culturaenegocios.com.br
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Fri, 26 Jan 2024 04:38:48 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://culturaenegocios.com.br
location: /esp?url=https%3A%2F%2Fculturaenegocios.com.br%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
338 B 220ms
45ms XHR
application/json 54.220.173.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.173.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-173-30.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 805ecc2a0f1749aded0df1f468564fc28540c7687f8a78a84d53cb5626828466

Request headers

Referer: https://culturaenegocios.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:48 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://culturaenegocios.com.br
cache-control: no-cache
x-server: 10.45.0.26
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 6b1b4854-5ad6-4263-b293-3504bff09793 Show response
config.aps.amazon-adsystem.com/configs/ 564 B
839 B 123ms
66ms Script
application/javascript 99.86.4.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/6b1b4854-5ad6-4263-b293-3504bff09793
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-128.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: df6a9de88ee4e7d4c68cab877e0fe746475b9d62004ca321205ed2bfb16ad460

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:00:17 GMT
via: 1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 2311
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 564
x-amz-cf-id: gstojeCCpL2k9ZkZUj4k6b7Qtih6QWolju4Gcl-qJIIN3IZ8jnF-nw==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 488 B
842 B 119ms
119ms XHR
application/json 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fculturaenegocios.com.br&pubid=6b1b4854-5ad6-4263-b293-3504bff09793
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 69212075b1d37228d4784482d0604cc6c9d957042c7fac32a4d3441ea848315e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:48 GMT
via: 1.1 c3fc8d1fb362a6655af993732c376dc4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://culturaenegocios.com.br
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 488
x-amz-cf-id: Lg__Z6x0-7dTCJal0oNMqhCbIibRhWTcsNx150_moj6Xq6FycNRiyA==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
363 B 211ms
135ms XHR
text/javascript 18.245.47.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fculturaenegocios.com.br%2F&pid=EslAp1dcb0HG8&cb=0&ws=1600x1200&v=24.117.1925&t=2000&slots=%5B%7B%22sd%22%3A%22supertag-ad-8hqirw51b%22%2C%22s%22%3A%5B%22300x250%22%2C%22320x250%22%2C%22320x480%22%2C%22300x600%22%2C%22120x600%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F21830119956%2C22828698084%2Fculturaenegocio%2F23u_SIDEBAR1%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&pubid=6b1b4854-5ad6-4263-b293-3504bff09793&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.47.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-47-29.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:48 GMT
via: 1.1 79d85d2de1f5aa38558ef6bab6274390.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P9
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://culturaenegocios.com.br
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: F-SGw9hUZ62KNx8UGBniCcZg0eu234SOTuXBBlb1U_3XXZA3kXnobQ==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 488 B
842 B 112ms
111ms XHR
application/json 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fculturaenegocios.com.br&pubid=6b1b4854-5ad6-4263-b293-3504bff09793
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 69212075b1d37228d4784482d0604cc6c9d957042c7fac32a4d3441ea848315e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:48 GMT
via: 1.1 c3fc8d1fb362a6655af993732c376dc4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://culturaenegocios.com.br
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 488
x-amz-cf-id: 7s3qOFdO7fgKBSZOzsN-WOWHetRBJ659AMrd1pdUmiT99y3x0rDjEg==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
362 B 212ms
140ms XHR
text/javascript 18.245.47.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fculturaenegocios.com.br%2F&pid=EslAp1dcb0HG8&cb=1&ws=1600x1200&v=24.117.1925&t=2000&slots=%5B%7B%22sd%22%3A%22supertag-ad-fekjhihon%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F21830119956%2C22828698084%2Fculturaenegocio%2F23n_STICKY_DESK%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&pubid=6b1b4854-5ad6-4263-b293-3504bff09793&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.47.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-47-29.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:48 GMT
via: 1.1 79d85d2de1f5aa38558ef6bab6274390.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P9
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://culturaenegocios.com.br
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: ag8z3RvTf32IEMIX7ivrTwOrHxFbZI5MNPwFKKazJcFZHcCaSBCb0A==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 488 B
842 B 112ms
111ms XHR
application/json 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fculturaenegocios.com.br&pubid=6b1b4854-5ad6-4263-b293-3504bff09793
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 69212075b1d37228d4784482d0604cc6c9d957042c7fac32a4d3441ea848315e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:48 GMT
via: 1.1 c3fc8d1fb362a6655af993732c376dc4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://culturaenegocios.com.br
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 488
x-amz-cf-id: zr7F1EcqmdqjkPO2pl9ipkA2ul9kbJD-XyffQW7cJDaMQ65VWSsOkw==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
361 B 3348ms
3278ms XHR
text/javascript 18.245.47.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fculturaenegocios.com.br%2F&pid=EslAp1dcb0HG8&cb=2&ws=1600x1200&v=24.117.1925&t=2000&slots=%5B%7B%22sd%22%3A%22supertag-ad-k4dtalyep%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F21830119956%2C22828698084%2Fculturaenegocio%2F23n_HEADER_DESK%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&pubid=6b1b4854-5ad6-4263-b293-3504bff09793&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.47.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-47-29.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:49 GMT
via: 1.1 79d85d2de1f5aa38558ef6bab6274390.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P9
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://culturaenegocios.com.br
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: G33mEt7Xk4vaY5WbwkcnG0IXaNZW6y-joon0-5FLrpLlDZUUuOLguw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 3349ms
3306ms XHR
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront)
date: Fri, 26 Jan 2024 04:38:50 GMT
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: EEYEGp78uomW84ZViItBL8hU_0daTf9pwsyFL7a1VMRu-7ESG2zkRw==

GET
H2 200 cld-video-player.min.js Show response
tagmanager.alright.network/ 2 MB
431 KB 22ms
21ms Script
application/javascript 13.32.27.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagmanager.alright.network/cld-video-player.min.js
Requested by: Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/manager/js/container_ZAhWMzKS.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-44.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b1e61d7061d6f054ace39c480436a348ab293b49a37e272a4c8cf8583c78ab3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
date: Fri, 26 Jan 2024 04:22:54 GMT
last-modified: Fri, 04 Feb 2022 16:19:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 965
etag: W/"f424c0548bcfc13402d775a5f3c7e056"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 7euyuAacJtqPcMMn-8lIqHMIGaC3k5mD5Xpu1cb8t65cX7FYtw9APw==

GET
H2 200 cs Show response
as.cazamba.com/ Frame 5F8D 5 KB
2 KB 121ms
120ms Document
text/html 52.87.124.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://as.cazamba.com/cs?publisher_id=2157&g=1706243929
Requested by: Host: api.cazamba.com
URL: https://api.cazamba.com/common/czmb.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.87.124.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-87-124-31.compute-1.amazonaws.com
Software: nginx /
Resource Hash: de85994531214f8295ade173e105a9745315f560bedb3e5496cf840c70adbaac

Request headers

Referer: https://culturaenegocios.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 26 Jan 2024 04:38:48 GMT
server: nginx

GET
H2 204 b
sb.scorecardresearch.com/ 0
225 B 34ms
33ms Image
text/plain 18.239.83.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=1&c2=16041074&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1706243928904&ns_c=UTF-8&c5=12&c7=https%3A%2F%2Fculturaenegocios.com.br%2F&c8=Portal%20de%20Not%C3%ADcias%20%7C%20Tend%C3%AAncias%20de%20Neg%C3%B3cios%20%7C%20Cultura%20e%20Neg%C3%B3cios&c9=
Requested by: Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-98.ams58.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:48 GMT
via: 1.1 c0f1616474eb5ab66a150ca4467bd724.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: AMS58-P5
x-amz-cf-id: 4ez54NmY1jV9Zybc0942ynJhhlISdzi_WyZc5NcKRKoENED43CvN_g==
x-cache: Miss from cloudfront

GET
H2 200 p
sb.scorecardresearch.com/ 43 B
299 B 40ms
40ms Image
image/gif 18.239.83.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=2&c2=16041074&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=6050342b9eabec6c&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=&c4=&c6=&ns_ts=1706243930
Requested by: Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-98.ams58.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:48 GMT
via: 1.1 c0f1616474eb5ab66a150ca4467bd724.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: AMS58-P5
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: muMmJVVtINFcSl39qXVf91H4j-QuI0kjW3YGLPMkh7yCftTz2y4a1Q==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 113 KB
28 KB 84ms
33ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d351ad9e0491a3bb72ba3995d0dfe67f6af54bbf7d97e18f43ff203ffc5efe1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 08 Jan 2024 11:20:59 GMT
server: cloudflare
x-amz-request-id: 3K7JHCZJENBBQ898
age: 1335
etag: W/"9692928e9024f20ea54c02122b35d5bb"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 84b6118c2caa18c7-FRA
x-amz-id-2: bjWowwapkVSb0HP6x/GH+CsDoqfBpNJVhhNCfbhpc4shK5LQQ1/EieWWEm078S+elvhv0rXgDi4FCxQ7+vg1LA==

POST
H2 200 recordVendorsLoaded Show response
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 0
128 B 120ms
119ms XHR
text/plain 52.73.37.218
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.37.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-37-218.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://culturaenegocios.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 26 Jan 2024 04:38:52 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 200 recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 0
0 3508ms
119ms Preflight 52.73.37.218
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.37.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-37-218.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://culturaenegocios.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Fri, 26 Jan 2024 04:38:52 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H3 200 zftWH1OehvU7cp4CwShG1rGJcDUeSLUwVTlpfhapoYQ.js Show response
www.google.com/js/bg/ Frame CA2D 17 KB
7 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/zftWH1OehvU7cp4CwShG1rGJcDUeSLUwVTlpfhapoYQ.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdfb561f539e86f53b729e02c12846d6b18970351e48b5305539697e16a9a184

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcRTuknAAAAAIx4BmFagOOKfXNE1xclbyyn-RG3&co=aHR0cHM6Ly9jdWx0dXJhZW5lZ29jaW9zLmNvbS5icjo0NDM.&hl=de&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&cb=2yk37e9esove
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 23:50:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 103718
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6922
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Jan 2025 23:50:10 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame CA2D 102 B
135 B 29ms
28ms Other
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=QUpyTKFkX5CIV6EF8TFSWEif

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

45f3e73f5b5d8f1accdba00c41a0ac3c0a6fdeee2f7e7d7f517296e8161188bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcRTuknAAAAAIx4BmFagOOKfXNE1xclbyyn-RG3&co=aHR0cHM6Ly9jdWx0dXJhZW5lZ29jaW9zLmNvbS5icjo0NDM.&hl=de&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&cb=2yk37e9esove
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 26 Jan 2024 04:38:48 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 377 KB
130 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/manager/js/container_ZAhWMzKS.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68de2363a8937470cb35f5506e47b36bf67d35d8c7dbead836021fe5ed331587

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132611
x-xss-protection: 0
expires: Fri, 26 Jan 2024 04:38:49 GMT

GET
H2 200 load.js Show response
pm-widget.taboola.com/alright-network/ 4 KB
2 KB 3091ms
3072ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/alright-network/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/alright-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 304785f2b2e77f4c3c3a9eb8701862eb4b3a8eb3b74991d54ef8476e3b907541

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: rkw4vfIiLS5ksNiiorlo43l2ZsAsLDeV
content-encoding: gzip
via: 1.1 varnish
date: Fri, 26 Jan 2024 04:38:52 GMT
x-amz-request-id: VKYCVC48V4VBCA2D
age: 2186
x-cache: HIT
content-length: 1317
x-amz-id-2: UHIQzTgdTIRCVcGxrvTFHnS4ZQOyx0xtmb39joglvLdw0amNCRwlKUNsdFU13BEKkE1/8VGxyb0=
x-served-by: cache-fra-etou8220069-FRA
last-modified: Tue, 26 Sep 2023 09:09:26 GMT
server: AmazonS3
x-timer: S1706243932.144911,VS0,VE1
etag: "d63e1a950fbafe5175f9b0790c35d57f"
vary: Accept-Encoding,
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 impl.20240125-5-RELEASE.js Show response
cdn.taboola.com/libtrc/ 842 KB
174 KB 18ms
18ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20240125-5-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/alright-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: e57eed97b19a7b770dd3aa55cdbde01e5d83de9d25ffc1fca6a38c96fe4c7aff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: ozy8W.hAe1AoVQ_eyEkaj_w9muMcTBm1
content-encoding: br
via: 1.1 varnish
date: Fri, 26 Jan 2024 04:38:49 GMT
x-amz-request-id: JN3YCDS6TDA8H9M0
age: 9551
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 177933
x-amz-id-2: p8Y5vFpefZgESDCseqFgIeSfC+ZEHYcZj7HbofAJzimVynwN1gHOgiQGoPxd+/hRJP7WSb/gydc=
x-served-by: cache-fra-etou8220069-FRA
last-modified: Thu, 25 Jan 2024 09:51:45 GMT
server: AmazonS3-br
x-timer: S1706243929.086173,VS0,VE0
etag: "3eb08da99246feefc99d5e32897e1b6d"
vary: Accept-Encoding
content-type: application/javascript
abp: 38
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 6367

GET
H2 200 profiles.js Show response
d.tailtarget.com/ Frame 5F8D 13 KB
6 KB 3226ms
21ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/profiles.js
Requested by: Host: as.cazamba.com
URL: https://as.cazamba.com/cs?publisher_id=2157&g=1706243929
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b5de679f41d5e07318bf721f4877d6320d3e351d6cfd58a00471854e2503d48c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.cazamba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 00:09:03 GMT
content-encoding: gzip
age: 16189
x-guploader-uploadid: ABPtcPqBzhjZX59244OL7Njio0SpSVYFWQB3sst2SHrbNDx-sS8I_oKpLd97S_yeW-SdCWmHwyk
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5287
last-modified: Thu, 14 Sep 2023 12:59:30 GMT
server: UploadServer
etag: "275a2ca262b6a5880df533bb6481142a"
x-goog-hash: crc32c=Z8R9Yw==, md5=J1osomK2pYgN9TO7ZIEUKg==
x-goog-generation: 1694696370292847
content-language: en
content-type: application/javascript
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 5287
accept-ranges: bytes
expires: Sat, 27 Jan 2024 00:09:03 GMT

GET
H2 200 universal.min.js Show response
tag.navdmp.com/ Frame 5F8D 14 KB
5 KB 3230ms
26ms Script
application/javascript 2606:4700::6810:ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/universal.min.js
Requested by: Host: as.cazamba.com
URL: https://as.cazamba.com/cs?publisher_id=2157&g=1706243929
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.cazamba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:52 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 05 Apr 2023 20:59:24 GMT
server: cloudflare
age: 1145
etag: W/"642de12c-36d1"
vary: Accept-Encoding
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 84b611a11aaa3827-FRA
expires: Fri, 26 Jan 2024 05:19:47 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 37 KB
15 KB 3301ms
3301ms Fetch
text/plain 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4430117617272459&correlator=1471530367429631&eid=31080255%2C31080639%2C31079527%2C31061690&output=ldjh&gdfp_req=1&vrg=202401220101&ptt=17&impl=fifs&iu_parts=21830119956%3A22828698084%2Cculturaenegocio%2C23n_STICKY_DESK&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=2&didk=930981467&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1706243929139&lmt=1706223589&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fculturaenegocios.com.br%2F&vis=1&psz=728x-1&msz=0x-1&fws=644&ohw=1600&ga_vid=37574242.1706243928&ga_sid=1706243928&ga_hid=1470524450&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY3-TAoNQxSABSAghkEhsKDDMzYWNyb3NzLmNvbRjf5MCg1DFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y3-TAoNQxSABSAghkEhcKCHJ0YmhvdXNlGNjlwKDUMUgAUgIIahIUCgVvcGVueBjf5MCg1DFIAFICCGQ.&cbidsp=Co8BCAESFQoGYWRhZ2lvEJsBIAJSBmFkYWdpbxIbCgllcGxhbm5pbmcQmwEgAlIJZXBsYW5uaW5nEhcKB3ZpZG9vbXkQyAMgAlIHdmlkb29teRgCIiRkMDIyNTk1OS02NWJhLTQzNDAtYjBjYy1jOGYzNzlkNWU0OTAqBAgDIAAyC3Y4LjI5LjAtcHJlQLgXSgA.&dlt=1706243926738&idt=1738&prev_scp=sitestructure%3DRON%26pageposition%3Dabovefold%26adposition%3Dwidescreen%26iabsafe%3Dtrue%26amznbid%3D2%26amznp%3D2&adks=1403396578&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js?cb=31080639

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe8f48420e059b1f4f6a8edf6efbbdd83da9977b73b53ee568b8dddd20da2584

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:52 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15011
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://culturaenegocios.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4B8F 6 KB
3 KB 3205ms
28ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js?cb=31080639

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://culturaenegocios.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 04:38:52 GMT
expires: Sat, 25 Jan 2025 04:38:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 3BD5 14 KB
6 KB 3192ms
29ms Document
text/html 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=culturaenegocios.com.br

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://culturaenegocios.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 04:38:51 GMT
server: Kestrel
server-processing-duration-in-ticks: 290625
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 cld-video-player.min.css
tagmanager.alright.network/ 88 KB
22 KB 2987ms
2987ms Stylesheet
text/css 13.32.27.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagmanager.alright.network/cld-video-player.min.css
Requested by: Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/manager/js/container_ZAhWMzKS.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-44.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 332130fba45236182c20ef4e7955f2a79a6abc776f579e6c03c433315987ee61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
date: Fri, 26 Jan 2024 04:16:13 GMT
last-modified: Wed, 26 Jan 2022 15:28:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 1360
etag: W/"7504d85c52d7210f8a3616c7f446e29d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: E_ENV2KXfOcWd18cDIR5aMLjTm-WZZJ4N2B-4ysEvIHW4Xm2EbSCXg==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 38 KB
15 KB 3294ms
3294ms Fetch
text/plain 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4430117617272459&correlator=4419188105069819&eid=31080255%2C31080639%2C31079527%2C31061690&output=ldjh&gdfp_req=1&vrg=202401220101&ptt=17&impl=fifs&iu_parts=21830119956%3A22828698084%2Cculturaenegocio%2C23n_HEADER_DESK&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90%7C970x90&fluid=height&ifi=3&didk=2697881728&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1706243929181&lmt=1706223589&adxs=436&adys=133&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fculturaenegocios.com.br%2F&vis=1&psz=1600x195&msz=1600x0&fws=4&ohw=1600&ga_vid=37574242.1706243928&ga_sid=1706243928&ga_hid=1470524450&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY3-TAoNQxSABSAghkEhsKDDMzYWNyb3NzLmNvbRjf5MCg1DFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y3-TAoNQxSABSAghkEhcKCHJ0YmhvdXNlGNjlwKDUMUgAUgIIahIUCgVvcGVueBjf5MCg1DFIAFICCGQ.&cbidsp=CuUBCAESFwoHcnViaWNvbhCXASACUgdydWJpY29uEhQKBmFkYWdpbxB1IAJSBmFkYWdpbxIjCg1zbWFydGFkc2VydmVyENsDIAJSDXNtYXJ0YWRzZXJ2ZXISFwoHc2VlZHRhZxDTAyACUgdzZWVkdGFnEhcKB3ZpZG9vbXkQuwMgAlIHdmlkb29teRIbCgllcGxhbm5pbmcQlgEgAlIJZXBsYW5uaW5nGAIiJDA1NzJmZGM2LTIyNWUtNGZjYS1iNmI5LTAzMzkzNmE4MDUxZSoECAMgADILdjguMjkuMC1wcmVAuBdKAA..&dlt=1706243926738&idt=1738&prev_scp=sitestructure%3DRON%26iabsafe%3Dtrue%26amznbid%3D1%26amznp%3D1&adks=2852280210&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js?cb=31080639

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e2dc7ab6253fd1ef2505ec37816c747e33539dcdc57f41e37736207f93c71ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:52 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15348
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://culturaenegocios.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 inject_inarcticle.js Show response
cdn.cazamba.com/common/ 3 KB
3 KB 2965ms
2921ms Script
application/javascript 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cazamba.com/common/inject_inarcticle.js
Requested by: Host: api.cazamba.com
URL: https://api.cazamba.com/common/czmb.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: b3b8c509c3ac5a899a4741d6c98f3fe4a15d83e268dedd00ff39bb492c7891e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:52 GMT
x-amz-version-id: b7IxvrEB2fvQFB0lnUr_l7ZQ0UkSxHd1
x-cf-tsc: 1705860372
x-cf3: H
x-amz-request-id: QP9NXCJBNNNWKS0P
cf4ttl: 2250048.750
x-amz-server-side-encryption: AES256
x-cf1: 34995:fE.fra2:co:nots:cacheN.fra2-01:H
x-cf-reqid: bf6e1d850063fc437d58cb83f949bda8
content-length: 2665
x-amz-id-2: dwge64aTnVIVTmVJU2UPwELjS9RbGKOHkInROTDA+2BhpfnxZ0doS8X4emABihum5VavkP04Igg=
x-cf2: H
last-modified: Wed, 26 Apr 2023 22:03:40 GMT
server: CFS 0215
x-cff: B
etag: "90b17ef143156d1ab8a68110c20830b2"
content-type: application/javascript
cf4age: 428351
x-amz-meta-version-id: YG1Z7OOIzOzNziKq9xJnr6fNMUB_.fTj
accept-ranges: bytes

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame CA2D 14 KB
10 KB 2912ms
2911ms XHR
application/json 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LcRTuknAAAAAIx4BmFagOOKfXNE1xclbyyn-RG3

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

08b6cc864796c90b20503b424f80a27db97cfcfa3654b918cef00cda8bc48041

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcRTuknAAAAAIx4BmFagOOKfXNE1xclbyyn-RG3&co=aHR0cHM6Ly9jdWx0dXJhZW5lZ29jaW9zLmNvbS5icjo0NDM.&hl=de&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&cb=2yk37e9esove
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Fri, 26 Jan 2024 04:38:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 26 Jan 2024 04:38:52 GMT

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
283 B 2168ms
19ms Fetch
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

b85261e84d2e780e6eeaf5f7f0f73408690ff578d71196890fe2a218f93e673e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: https://culturaenegocios.com.br
date: Fri, 26 Jan 2024 04:38:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
13 KB 815ms
815ms Fetch
text/plain 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4430117617272459&correlator=3425560198426215&eid=31080255%2C31080639%2C31079527%2C31061690&output=ldjh&gdfp_req=1&vrg=202401220101&ptt=17&impl=fifs&iu_parts=21830119956%3A22828698084%2Cculturaenegocio%2C23u_SIDEBAR1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C320x250%7C320x480%7C300x600%7C120x600%7C160x600&fluid=height&ifi=4&didk=3873880151&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1706243931669&lmt=1706223589&adxs=1024&adys=1949&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fculturaenegocios.com.br%2F&vis=1&psz=321x3096&msz=300x0&fws=4&ohw=1600&ga_vid=37574242.1706243928&ga_sid=1706243928&ga_hid=1470524450&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY3-TAoNQxSABSAghkEhsKDDMzYWNyb3NzLmNvbRjf5MCg1DFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y3-TAoNQxSABSAghkEhcKCHJ0YmhvdXNlGNjlwKDUMUgAUgIIahIUCgVvcGVueBjf5MCg1DFIAFICCGQ.&cbidsp=Cs0BCAESFwoHdmlkb29teRDLAyACUgd2aWRvb215EhsKCWVwbGFubmluZxClASACUgllcGxhbm5pbmcSFQoGYWRhZ2lvEKQBIAJSBmFkYWdpbxIjCg1zbWFydGFkc2VydmVyELgXIANSDXNtYXJ0YWRzZXJ2ZXISFwoHcnViaWNvbhCgASACUgdydWJpY29uGAIiJDA5NDY3YWQ2LWIxZWUtNGZjZi1hZTAwLTNjNmE2NmMzOGM4OSoECAMgADILdjguMjkuMC1wcmVAuBdKAA..&dlt=1706243926738&idt=1738&prev_scp=sitestructure%3DRON%26iabsafe%3Dtrue%26amznbid%3D2%26amznp%3D2&adks=1795915844&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js?cb=31080639

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f618ec59c68ef72aa7edef132178fa070cc28c8e8c27ebca9568f3169636303

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:52 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13105
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://culturaenegocios.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
spl.zeotap.com/ Frame 4A6C 9 KB
2 KB 80ms
36ms Document
text/html 2606:4700:10::6816:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Requested by

Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/prebid_alright.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3262 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b734b1f3db0cd4d342fce3f78b5cdd2e1e5a3c7ac403b27a196b2e1b80c6121f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://culturaenegocios.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://culturaenegocios.com.br
cf-cache-status: DYNAMIC
cf-ray: 84b611a1488a9211-FRA
content-encoding: br
content-type: text/html
date: Fri, 26 Jan 2024 04:38:52 GMT
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
via: 1.1 google
x-content-type-options: nosniff

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 9781 281 B
555 B 92ms
33ms Document
text/html 104.79.89.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/prebid_alright.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.79.89.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-89-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://culturaenegocios.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 26 Jan 2024 04:38:52 GMT
ETag: "280524-119-60b38417c4040"
Last-Modified: Tue, 28 Nov 2023 15:41:45 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1

200
OK

setuid
a-prebid.vidoomy.com/
Redirect Chain

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D$%7BUID%7D
https://a-prebid.vidoomy.com/setuid?bidder=openx&uid=fad7f4cf-9d73-4fe2-874f-11389f43831b

0
571 B

359ms
62ms

Image
text/html

212.36.83.246
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a-prebid.vidoomy.com/setuid?bidder=openx&uid=fad7f4cf-9d73-4fe2-874f-11389f43831b
Requested by: Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/
Protocol: HTTP/1.1
Server: 212.36.83.246 Sant Vicenç dels Horts, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: lb2.vdmy.dtic.es
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Jan 2024 04:38:52 GMT
Server: nginx
Vary: Accept-Encoding, Origin
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:52 GMT
via: 1.1 google
content-type: text/html; charset=utf-8
location: https://a-prebid.vidoomy.com/setuid?bidder=openx&uid=fad7f4cf-9d73-4fe2-874f-11389f43831b
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 116

GET
H2 200 cookie
cm.adform.net/ 43 B
106 B 217ms
32ms Image
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadf%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Requested by: Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:52 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ 0
239 B 220ms
19ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-vidoomy&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 402fba8a82f093def2459220061c8d31
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ 0
187 B 218ms
34ms Image
text/plain 98.98.134.241
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
Requested by: Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Fri, 26 Jan 2024 04:38:52 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

sync
odr.mookie1.com/t/v2/
Redirect Chain

https://x.bidswitch.net/sync?ssp=vidoomy&gdpr=0&gdpr_consent=&us_privacy=
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&gdpr=0&gdpr_consent=&us_privacy=
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=72803c21-3cf3-4caa-adca-1d3b22576b0d&ssp=vidoomy&gdpr=0&gdpr_consent=

42 B
94 B

29ms
28ms

Image
image/gif

34.160.236.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=72803c21-3cf3-4caa-adca-1d3b22576b0d&ssp=vidoomy&gdpr=0&gdpr_consent=
Requested by: Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/
Protocol: H2
Server: 34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:52 GMT
via: 1.1 google
last-modified: Thu, 19 Oct 2023 06:07:48 GMT
server: nginx
etag: "6530c7b4-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

Location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=72803c21-3cf3-4caa-adca-1d3b22576b0d&ssp=vidoomy&gdpr=0&gdpr_consent=
Date: Fri, 26 Jan 2024 04:38:52 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame F6E0 199 B
298 B 88ms
28ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer: https://culturaenegocios.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 151
content-type: text/html
date: Fri, 26 Jan 2024 04:38:52 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 pmk-20220605.6.js Show response
pm-widget.taboola.com/alright-network/ 102 KB
29 KB 172ms
20ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/alright-network/pmk-20220605.6.js
Requested by: Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/alright-network/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ce1ca297a4aa1309ebb8c299d850f937f2be53afe7f530701d2977145c200509

Request headers

Referer: https://culturaenegocios.com.br/
Origin: https://culturaenegocios.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5UlTmO_wGMXE3pm9AilN46O6xnDnLI78
content-encoding: gzip
via: 1.1 varnish
date: Fri, 26 Jan 2024 04:38:52 GMT
x-amz-request-id: E23W5W2NBDT19JGZ
age: 193978
x-cache: HIT
content-length: 28794
x-amz-id-2: 7DTyyriXMI5gOm7J+xG+35mtoKXRZ+AUNh23f5nwLo62b1mz+sjipbbnka7lBt83unBTGPTMO6U=
x-served-by: cache-fra-etou8220071-FRA
last-modified: Tue, 26 Sep 2023 09:09:25 GMT
server: AmazonS3
x-timer: S1706243932.330259,VS0,VE1
etag: "b3739c2e729b0b6ae6ed49049779685a"
vary: Accept-Encoding, ,Origin
access-control-allow-methods: GET,POST,PUT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
287 B 146ms
30ms Script
text/javascript 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240125-5-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://culturaenegocios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:52 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 284143
expires: 60

POST
H2 200 v3 Show response
id5-sync.com/gm/ 403 B
692 B 78ms
21ms XHR
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

bb2ea09d4eb9409ddeb36a93a6fdc584f71f274e4a925281f2715ab4580f296a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://culturaenegocios.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://culturaenegocios.com.br
date: Fri, 26 Jan 2024 04:38:52 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 profile Show response
d.t.tailtarget.com/ Frame 5F8D 92 B
291 B 180ms
120ms Script
application/x-javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.t.tailtarget.com/profile
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/profiles.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.cazamba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:52 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 30 Jan 2020 20:26:00 GMT
server: nginx/1.17.8
etag: W/"5e333bd8-5c"
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 26 Jan 2024 05:38:52 GMT

GET
H2 200 44768 Show response
tag.navdmp.com/u/ Frame 5F8D 590 B
526 B 149ms
145ms Script
application/javascript 2606:4700::6810:ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/u/44768
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04bc269ca65c325114dfb91d780a63874a6f47cc21dba133c57e965769099c98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.cazamba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:52 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 05 Nov 2021 18:14:27 GMT
server: cloudflare
etag: W/"61857483-24e"
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 84b611a14ace3827-FRA
expires: Fri, 26 Jan 2024 05:38:52 GMT

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 3BD5 452 B
578 B 27ms
27ms Fetch
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertagids&domain=culturaenegocios.com.br&sn=ChromeSyncframe&so=0&topUrl=culturaenegocios.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=culturaenegocios.com.br

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e2efb418f3f7bcc3ffd5179fd2d18923a7e3f39cec1102d4760a3d85d54ee25e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=culturaenegocios.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:52 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2686657
expires: 0

GET
H2 400 getuid
ib.adnxs.com/ Frame 4A6C 0
0 101ms
28ms Image
text/html 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 4A6C 170 B
409 B 88ms
29ms Image
image/png 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 4A6C
Redirect Chain

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
https://mwzeom.zeotap.com/mw?cid=a2689ff9-98b9-4d29-946a-429cfcbfc06c&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99...

95 B
154 B

32ms
32ms

Image
image/png

2606:4700:10::6816:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=a2689ff9-98b9-4d29-946a-429cfcbfc06c&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:3262 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:52 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 84b611a258e29211-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

date: Fri, 26 Jan 2024 04:38:52 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://mwzeom.zeotap.com/mw?cid=a2689ff9-98b9-4d29-946a-429cfcbfc06c&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 403 /
dmp.adform.net/serving/cookie/match/ Frame 4A6C 0
454 B 112ms
29ms Image
text/plain 37.157.2.229
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 4A6C 70 B
149 B 245ms
45ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da02225b6-7fcb-49c9-40ba-68a47d4b4720%26reqId%3D0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7%26zdid%3D1361&gdpr=1&gdpr_consent=
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:52 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 cm
trc.taboola.com/sg/zeotap/1/ Frame 4A6C 0
123 B 37ms
27ms Image
text/plain 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Fri, 26 Jan 2024 04:38:52 GMT
via: 1.1 varnish
x-served-by: cache-fra-etou8220069-FRA
server: nginx
x-timer: S1706243932.416048,VS0,VE8
x-fastly-to-nlb-rtt: 7518
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-service-version: v1
x-cache-hits: 0

GET
H/1.1 200
OK u
dmp.v.fwmrm.net/ad/ Frame 4A6C 0
460 B 411ms
113ms Image
text/html 2600:1f18:6593:f602:82a0:df8e:67ea:6e72
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f18:6593:f602:82a0:df8e:67ea:6e72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Jan 2024 04:38:52 GMT
X-Fw-Request-Id: ume4b65_1706243932685612097
Content-Type: text/html
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control: no-store
Connection: keep-alive
Keep-Alive: timeout=300
Content-Length: 0
Expires: 0

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 4A6C 0
166 B 113ms
30ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da02225b6-7fcb-49c9-40ba-68a47d4b4720%26reqId%3D0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Fri, 26 Jan 2024 04:38:50 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET genericusersync.ashx
sync.tidaltv.com/ Frame 4A6C 0
0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 4A6C
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=a02225b6-7fcb-49c9-40ba-68a47d4b4720&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=a02225b6-7fcb-49c9-40ba-68a47d4b4720&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
https://mwzeom.zeotap.com/mw?cid=47622039860759293112579590827818019451&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-...

95 B
154 B

41ms
40ms

Image
image/png

2606:4700:10::6816:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=47622039860759293112579590827818019451&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:3262 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:52 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 84b611a3692e9211-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

dcs: dcs-prod-irl1-1-v054-08e40c941.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Fri, 26 Jan 2024 04:38:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: c04aeUUrTuo=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://mwzeom.zeotap.com/mw?cid=47622039860759293112579590827818019451&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 /
loadeu.exelator.com/load/ Frame 4A6C 0
324 B 235ms
42ms Image
text/plain 54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:52 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET zeotap.php
bn01.er.bemail.it/ Frame 4A6C 0
0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 4A6C
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
https://mwzeom.zeotap.com/mw?cid=7328261886946900122&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-...

95 B
154 B

36ms
35ms

Image
image/png

2606:4700:10::6816:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=7328261886946900122&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:3262 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:52 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 84b611a2f90b9211-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=7328261886946900122&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361
Date: Fri, 26 Jan 2024 04:38:52 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 4A6C
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=a02225b6-7fcb-49c9-40ba-68a47d4b4720
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=a02225b6-7fcb-49c9-40ba-68a47d4b4720

95 B
124 B

31ms
31ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=a02225b6-7fcb-49c9-40ba-68a47d4b4720

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:52 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Fri, 26 Jan 2024 04:38:52 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=a02225b6-7fcb-49c9-40ba-68a47d4b4720
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 4A6C
Redirect Chain

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=a02225b6-7fcb-49c9-40ba-68a47d4b4720&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%...
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=a02225b6-7fcb-49c9-40ba-68a47d4b4720&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%...
https://mwzeom.zeotap.com/mw?webouuid=PVZysCSiEExCJFCulIAWqu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c...

95 B
154 B

33ms
33ms

Image
image/png

2606:4700:10::6816:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?webouuid=PVZysCSiEExCJFCulIAWqu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:3262 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:52 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 84b611a329209211-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:51 GMT
via: 1.1 google
last-modified: Fri, 26 Jan 2024 04:38:52 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://mwzeom.zeotap.com/mw?webouuid=PVZysCSiEExCJFCulIAWqu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 404 2.gif
dmp.theadex.com/d/949/i/ Frame 4A6C 0
84 B 116ms
25ms Image
text/plain 185.15.245.81
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=a02225b6-7fcb-49c9-40ba-68a47d4b4720&axd_pid=175
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.15.245.81 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:52 GMT
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 4A6C
Redirect Chain

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=a02225b6-7fcb-49c9-40ba-68a47d4b4720?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361

95 B
165 B

38ms
37ms

Image
image/png

2606:4700:10::6816:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:3262 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:52 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 84b611a1e8c39211-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:52 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361
cache-control: no-cache
x-server: 10.45.23.17
content-length: 0
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 4A6C
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
https://mwzeom.zeotap.com/mw?cid=y-parduKFE2oo4q8g0uX_FBDYid.FB2QnKLA--~A&zpartnerid=570&env=mWeb

95 B
154 B

45ms
45ms

Image
image/png

2606:4700:10::6816:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=y-parduKFE2oo4q8g0uX_FBDYid.FB2QnKLA--~A&zpartnerid=570&env=mWeb

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:3262 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:52 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 84b611a379389211-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?cid=y-parduKFE2oo4q8g0uX_FBDYid.FB2QnKLA--~A&zpartnerid=570&env=mWeb
date: Fri, 26 Jan 2024 04:38:52 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 4A6C
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zd...
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=p81CbJ%2F4aWU7%2BYl0skc8D0LzVoWLSp44%2BS41iYitP1U%3D

95 B
154 B

32ms
31ms

Image
image/png

2606:4700:10::6816:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=p81CbJ%2F4aWU7%2BYl0skc8D0LzVoWLSp44%2BS41iYitP1U%3D

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:3262 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:52 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 84b611a3c94b9211-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:52 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=p81CbJ%2F4aWU7%2BYl0skc8D0LzVoWLSp44%2BS41iYitP1U%3D
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2 200 v2
odr.mookie1.com/t/ Frame 4A6C 42 B
204 B 76ms
29ms Image
image/gif 34.160.236.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=a02225b6-7fcb-49c9-40ba-68a47d4b4720&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:52 GMT
via: 1.1 google
last-modified: Thu, 19 Oct 2023 06:07:48 GMT
server: nginx
etag: "6530c7b4-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 4A6C 0
338 B 161ms
45ms Image
text/plain 108.128.229.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.229.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-229-209.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by: beacon-n012-dub-prod.krxd.net
date: Fri, 26 Jan 2024 04:38:52 GMT
cache-control: private, no-cache, no-store
x-request-time: D=46 t=1706243932
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 /
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 4A6C 0
65 B 113ms
26ms Image
text/plain 168.119.146.39
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=a02225b6-7fcb-49c9-40ba-68a47d4b4720&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.146.39 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.39.146.119.168.clients.your-server.de
Software: nginx/1.14.1 / PHP/8.2.4
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:37 GMT
x-powered-by: PHP/8.2.4
server: nginx/1.14.1

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 4A6C
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZbM3XAAAAM5pQQBK&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4...

95 B
154 B

36ms
35ms

Image
image/png

2606:4700:10::6816:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZbM3XAAAAM5pQQBK&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:3262 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:52 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 84b611a509bb9211-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

x-served-by: cache-fra-eddf8230020-FRA
pragma: no-cache
date: Fri, 26 Jan 2024 04:38:52 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1706243933.851327,VS0,VE93
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZbM3XAAAAM5pQQBK&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 4A6C
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d...

0
338 B

45ms
45ms

Image
text/plain

108.128.229.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 108.128.229.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-229-209.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by: beacon-n007-dub-prod.krxd.net
date: Fri, 26 Jan 2024 04:38:53 GMT
cache-control: private, no-cache, no-store
x-request-time: D=34 t=1706243933
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361
date: Fri, 26 Jan 2024 04:38:53 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a014-ash-prod.krxd.net

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame 4A6C
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a02225b6-7fcb-49c9-40ba-68a47d4b4720&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40b...
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a02225b6-7fcb-49c9-40ba-68a47d4b4720&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40b...

43 B
568 B

49ms
49ms

Image
image/gif

67.220.226.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a02225b6-7fcb-49c9-40ba-68a47d4b4720&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361&dcc=t

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

HTTP/1.1

Server

67.220.226.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Jan 2024 04:38:52 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: EEBPH81D10WMK7G4AFD5
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 26 Jan 2024 04:38:52 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 7NG6HJ213S895T1KATDD
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a02225b6-7fcb-49c9-40ba-68a47d4b4720&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 400 87734
tags.bluekai.com/site/ Frame 4A6C 0
145 B 239ms
159ms Image
text/plain 72.246.169.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/87734?id=a02225b6-7fcb-49c9-40ba-68a47d4b4720&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-169-24.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:52 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 4A6C
Redirect Chain

https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da02...
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361

95 B
154 B

31ms
30ms

Image
image/png

2606:4700:10::6816:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:3262 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:52 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 84b611a4e9b19211-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361
date: Fri, 26 Jan 2024 04:38:52 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 4A6C
Redirect Chain

https://pixel.rubiconproject.com/token?pid=41544&puid=a02225b6-7fcb-49c9-40ba-68a47d4b4720&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b...
https://mwzeom.zeotap.com/mw?cid=LRU5KXBA-2-25E6&env=mWeb&zpartnerid=1770&gdpr=1

95 B
154 B

34ms
34ms

Image
image/png

2606:4700:10::6816:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=LRU5KXBA-2-25E6&env=mWeb&zpartnerid=1770&gdpr=1

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:3262 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:52 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 84b611a419669211-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=LRU5KXBA-2-25E6&env=mWeb&zpartnerid=1770&gdpr=1
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 402fba8a82f093def2459220061c8d31
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK syncd
x.bidswitch.net/ Frame 4A6C 43 B
235 B 58ms
37ms Image
image/gif 35.214.149.91
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=a02225b6-7fcb-49c9-40ba-68a47d4b4720&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpartnerid%3D1771%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da02225b6-7fcb-49c9-40ba-68a47d4b4720%26reqId%3D0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 91.149.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 04:38:52 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 4A6C 95 B
154 B 31ms
30ms Image
image/png 2606:4700:10::6816:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3262 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:52 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 84b611a419659211-FRA
access-control-allow-headers: *
content-length: 95

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 4A6C
Redirect Chain

https://cms.quantserve.com/pixel/p-2vLHuZkZPAz2_.gif?idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=a02225b6-7fcb-49c9-40ba-68a47d4b4720&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_...
https://mwzeom.zeotap.com/mw?cid=elaNG39U2kthB9keLVbCHHkB2xthVNlLKFb4-TLq&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=a02225b6-7fcb-49c...

95 B
154 B

31ms
31ms

Image
image/png

2606:4700:10::6816:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=elaNG39U2kthB9keLVbCHHkB2xthVNlLKFb4-TLq&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=a02225b6-7fcb-49c9-40ba-68a47d4b4720&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:3262 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:52 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 84b611a499969211-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:52 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://mwzeom.zeotap.com/mw?cid=elaNG39U2kthB9keLVbCHHkB2xthVNlLKFb4-TLq&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=a02225b6-7fcb-49c9-40ba-68a47d4b4720&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 cmp.min.js Show response
spl.zeotap.com/ Frame 4A6C 557 B
469 B 35ms
34ms Script
text/plain 2606:4700:10::6816:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3262 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

badb52a9ac49e10e3bb7a611e3d3917285f038f0c01f40eab6b33b07f4db3fa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:52 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 84b611a188a49211-FRA
access-control-allow-headers: *

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 9781 39 KB
11 KB 25ms
24ms Script
text/html 104.79.89.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.79.89.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-89-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: ee3d91bec75876c3e7419b881af0ece847fa97dd2140c30eb5a0679528846b07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 04:38:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 Jan 2024 00:05:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=69977
Connection: keep-alive
Content-Length: 10901
Expires: Sat, 27 Jan 2024 00:05:09 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 9781 7 B
380 B 83ms
21ms XHR
application/json 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: e8e3ec71b160ae7345e4e302cc752a77
Expires: 0

GET
H2 200 container.html Show response
fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D0E8 6 KB
3 KB 19ms
19ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js?cb=31080639

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://culturaenegocios.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 04:38:52 GMT
expires: Sat, 25 Jan 2025 04:38:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 20C2 624 B
242 B 58ms
56ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjIioH8ATAB&v=APEucNXutDdwcOxLsqJf7f_vEbAefXhcujn_VofUacSoKYKMHglhRMQLYcJzCBdBQKQzS_1yINWv-AGHZFrK8DqAKY_OYpgkdhsMHrXQgJ2BI3H-YvPRUUP-b4IZNCrTD3cnfgSXo2JV9ZfigYmWxebWc8W0hOZEbqxxRfT1Kh9EmW3-FFILMl8

Requested by

Host: fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
URL: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 04:38:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame D0E8 89 KB
31 KB 119ms
119ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
URL: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 04:38:52 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D0E8 42 B
63 B 50ms
48ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AkAdtsUZE-6a6tUlBsMc17Q_xAXxJmU1RC90tF8KQnCJ31Fjrgf0pBI0FC1v1U9iofZ7WGevXIn1G7owFnForabjZN19zy8Zy52q8wFXC-PugSpPE

Requested by

Host: fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
URL: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1520146/76103085/xbbe/creative/ Frame D0E8 278 KB
82 KB 168ms
45ms Script
application/javascript 108.128.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1520146/76103085/xbbe/creative/adj?p=APEucNWduAWxxFE2yDnPDruzexwLuItWJNxjquzP5r69jxxWWxXDHhQ&d=CokBAKAmf-DWbp62DJM3WVoEXH3pBDlZOS6yR7Y2k5vpmmISeSriC2v1purRfauPhiO1u78_4yKw1MqxiupLw4YU25kY4qTf6wHgPJ5k9hI82peIP2julREXDw72hOZVb7RcGXQCIoOCVSzIVezbt7ABrG2uV_Zn5XJgBL3XAxyjcf9uJNf6MaZU0IUSyRYAoCZ_4IFvrK7q-V-sfdNDv_jAMDYrbmgLTq-soxVEqlcn-DTYRfSaR-iPUofbQ6h-0iYp_6FvX8E6xLot4qO4ZRnbNTUG3QAMwYlBh5uxr4DuB-Y2SVwXPqmpOg9t5HTcH7PVkDFFA-zKB57w6XCR6aAQwd7a7ISuVL-1urd91AU_GgT7qLxUqrqHSWLKx3C48tDM3wSlNtxBuARVF1pGg_j_aevaiWlTPdl8adZVAFncVptWzG8ymb1xEryKdiAXwqxdW99lLQnY_E5OKFPBGt4LaYxzg7yimai7YSQJxiYcOC6BJv8ptjUh_UpRSKc6MDnyGBT9zOUVWjnp67Su0n_OiCkMfVECWwQ09tHUxj_BsDc7q3WcGT8XUbp5qMAaAXwo323jVO9zZZE2qAn9ak-KSSz3fEp69xsCi35U2d2SNqFn3D4IVY5-C2csvnpRZVNyVFxdnTfF70o8HC9igLRxn_NmjUt5WjuPiGbRdCwcO9X6AxCon8IyqaWCUmYe3CGkZeAug8fFoBEZElwPQsBR5ZSHe5h-kZtuDMdlNzqvmuuq1yftGl7wfL1gQlevvddvj4SHaNfj1NXad09g4DHjZOXHvtWCDSP3Jw439GQbAi4yw5MLDHvfDXpMjT2mt_H7nv2GlT6bBHINYTdSdibI3Hew1yyfqwn4NeKmd2Xo5gX58Ssg2S5hwU_8dXkmZ2yUJumR4Dp40gA7g47GitBN7im5gfC02BtlYCF08Y9XIJFdc6mDTmrQHAm5eSp9ZijIOHJVWROFcRp4Fi7PB-EnsRI9Gz1B7c1SofTKoDELklCt5j0LraL5bOjd9pJlsMLDb_AxZ5-taswLhvOaUMOETV3GoPwSvWQa17MUR4ZgiUvT8Kfi9r3-BZjAHk5NqYQF3Lt4dtzByNrkse-HotOHBV6xFl3b-v_KLErTNNK2tMtny77SEqjNRsGB1UnD6XzRjcy9CF8JkTkKNZgEeydLXJmbG00d9fELrQBfd0IXrRKVvIIn9e2rubcBPBKk3CVowsQhaC05os3oxGTXXIX4kSyH1kzcPcMJL8aR3thu9EZfIxmtjKlTmtwjacDRpxcxbYUfdYAvMj4kyo3pxYmSrLuJp1QFm4nCNQ6E_6xDPHhltb9e-vIcfgsH7d7mFzE8eSjNfdGKeU2edtsx_eYvuEPEenGPShAw2yK188dloyROe9ThumV0ukA0j1-Vgxf3Qu6etkAPCfC43zPLLaYMv5YxzC3WwviEyhrQrtVNfXbIMLiFGOT4X2Kh3tDBQXVG4pJ8T0qHzDWsYPCKaVmsrwlBNZ8O1UEzOZovTmVYUbsLIIPHFHvo0fVCu5OCOMtwCWhYRQ37Rr94ng3ppR3EeLq3R21Xq31NPBBEs6A37CyNqSSSd2ZcRFT6gE1RP4pu2LJHbObVN_SgPUtLMiJgdX5QcnFNa7SDbuEZwb3Ha9lIp2kpLaym90sCt8VGoujHG7IyXezh80vTF3sdoqWCUe9zYYm-LLPW8CDkQUCMaXeToZYTJa9tEMv-mS7wjJT15gUEpQQL-AiArasvV5dfAphIzVZA6npRqzxaw9YqqQuRzMhVGd1dh8RmfmxBorwPizuJO6fLGaS1gTWCT1EDJEOccVzWI2ObSIgzdUPxFupfKG6Piw38WyW0u2MUW7kUBnx9xD7kG2PaG7ET1jh7bcldAnjUeI55tw2t-6GKakZITbUYEwR0KlZhRHoWTssfoh3HyDp6OcD_OliySAyYwIkJPp-l9cjDI7fa9-jVu7RmFvwPpFqvGSuVdipPhfcVGoBM9lIv0VyZAclpXfjXkTkfGU95JcFecvdAfi0BV2z1sOISxn3rGuJDLlaXbnMPnjVUBVahrAzgq83Q8p8JebP7UhCz6G0vRqA59cDTWpLrXusU5ofCGitw3Muf8C0w3nTk0AxgxnlMSZimhuj3tZflucH5t77QTiqbYXR3k3IlTqh_8zGU_yA2Lo7iMB3XeL32GyFWr4vZCiHQS_-m8PvpEfWasX8VDhWx4O4Goq_plrY2Nrt74jZXB7JhxDTEogiKC-VakeBEVrimisfFrkWoEvy3fCUJ2lmu2-KRcq1Jh_9o_Bc630AAk425g0b9j2PHHxkz0uPpiKlkrYGGCd1afwIv_So4S-d7rEUVqL0q9SuhpjwIrYFbHWhkXu5-NSnoUpMMWXSYi0nLNY5B_mlUom2kScfrR_Hxk9Xzpj-UzE48vMg5iG1UDzsm7M48c-QUjcBd6Tj1yw6HckhwAJ9SdYvg_on5JrgQll-m-JLnBv99mV2fRndNEnw0atghH9MmJ4KeHB5jcXTxFn95qvJkiR0kumtqT9hL3Yf9ooOVO3SmoWp2UHv47fNbUiEIwDQYF0jjpft9__fngl84GhJ8_gRQbrv0gESNLmtEPXYh2mxXkYGyQ3RFaL9TpGnF_n0WHu-rAdBxvkBwao3hdT6cK9ptswcAGzp2J0VTy6RBnaqNCXLyB8ClPHktjCOSbJGuNpEVElIConSwSUUhzitDIGEwtBmQbH4e-wY7hDh-wSEvwfw_bVo8T2pwuzOelxJ5puh0d58G1jNX9cZ8SmRrv5ejr2LnzYd78g9ovFCobI_64EvPCWKQfnm6GnaiPLbDwKdzdXiMuUlxku6pMR90TZDHmcDeMrRIgihyNsCzmMiW6eO7z6sqSph-wYuxAqk0Zatwt2tAAdb28F7_yujougCksfAADfmXXQmku1bB_cAPhp8_l5S1a4q24cCdy0heXpBWn8fjL-NNn_i_Fs4BCkIg89VpSFD6TyoiRMB5RFBj4gL_updLzW2tmXwkcZi5ad7gYHCTGcZwtcNpyLGBwLxYpgXEcywg3AiRfC_uZlntjhijF4j0JY49YsZADEuVKQJrfoYp0pIJ8TkYdqri0j2s5QHB-J-vXj3k5Y_zBNGhuZGXyId8ZsdbmYuRb9_c5mN5Ojul5N_tz1HuK_zFKMjnkwo7-kUNNN1hADw4Hy-D0jn_-8Jj_TVHEn7QNKHa6VZ1MIe6mS5HqDvuOkNRu0UiKaiCzAa3PzHMZ96dgKmpHzuUZwUgx_bdojSV8_ZSaT20_hoVcQ2MV532CGNCzWodsisX4wahmsSlX_0p7kjyn0C3R-mjoHU6Li3U9TwYAZPY_gi_W8zeWgmFdjRZPHzg2t87fHfL4FtbYqVmpgyBnWYi4afLCmBW-ClqutBQOH9EEGlxlXkDon7__CEC_r6ee9_WoYu0udrOTT0g0ivCz_MyiVjPP5Cn_W_hGhmyF5Rh78iqyX_dRPqgOXNhXNfLt7TCCvdWEnjBhLDrMrohDL0BMEohhEPem2LAi45RKAVdbAwgteVwlk6OEsk7-N-bJo0lrUkaPMzLEkawvl_eC9nB9XvdkmeYoXYi7ac8_n7ZOqchg1kPzyW7lR9RMX5zArrsL6j_rsBJ0P3DBhrkRhZ7ks6l4yj7qTps_3DUo3XTWBDFJEzsa0YW_p6MzJGYoxrw7XPkNs8aKrQniXM61KYKeD3FAI27KIparekSUGqHGFbrBtukLMrINBgwzElsw-2WfAlu7X1pq-8v1mz69OxFgf8PkdrJiVpoVXGkFHF-CmvI5H6zDrxEHQjMmnEON0naQxZ13MmR6C19wvLXH3Xn8b7kGAJKQ02k_P6T1xzfagh-0QAoXmU_3cwmhCPQRs1QoPUa3DxrZ5QYAmDP36k26skPudeuFsZ_Q-FM_k3g0Dqa7kAxaBJxOcqJPR7Vfg1MfdqMv4mrJQCEZGl4L-RcqpOp_J4RO0zR6HXS6TUkHQJQR-pn2WowgL1OJ5o03UiB0AubczthPTWz7Ghx5IXwRD6YDAtnUDls6171MTQaQQgEEjsALx4X_zR5T6QETRLLbqnJMo0NEqSemEW2eTH9s_u_snNoUUJfUmyqX8uOvQCIAXwUJOTneG3pFPifdxgBYAE&bundleId=&ias_dspID=3&ias_campId=1013172746&ias_pubId=pub-9153399113741741&ias_chanId=1&ias_placementId=20409788283&bidurl=https://culturaenegocios.com.br/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0jzzbXNSsc0FqidM4cMYuLi
Requested by: Host: fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
URL: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.8.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-8-111.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 9c2f193af05df649aaf978b25b6cfc313eb2d527b4a6032bbad2087424a5ae69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:52 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame D0E8 3 KB
1 KB 144ms
22ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
URL: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:27:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25889
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Feb 2024 21:27:23 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame D0E8 20 KB
9 KB 141ms
19ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
URL: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 23:41:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17815
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Feb 2024 23:41:57 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D0E8 0
0 28ms
27ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQAae00SJSHt1ZApeLF3wtoFBzcacDJaMfm_8NNHCl54z8GD1Bu9WM2_xBnledggCANNF2Z8XqT3XgsOmx5vfutyhhINw
Requested by: Host: fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
URL: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame D0E8 205 KB
65 KB 155ms
33ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
URL: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Jan 2024 04:38:52 GMT

GET
H3 200 container.html Show response
fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 40B8 6 KB
3 KB 20ms
20ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js?cb=31080639

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://culturaenegocios.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 04:38:52 GMT
expires: Sat, 25 Jan 2025 04:38:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 usr Show response
usr.navdmp.com/ Frame 5F8D 359 B
431 B 164ms
156ms Script
application/javascript 2606:4700::6810:ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=7&acc=44768&u=1&new=1&wst=0&wct=1&wla=1
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a29481410bd31e306a8ba02c79725b22e6333160a93ad089c7a4c608f6a17a65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.cazamba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: public
date: Fri, 26 Jan 2024 04:38:52 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
cf-ray: 84b611a24b643827-FRA
expires: Fri, 26 Jan 2024 05:38:52 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 20C2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL8f9bSdeLekk0PDEblgi_I&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL8f9bSdeLekk0PDEblgi_I&google_cver=1&C=1

43 B
343 B

45ms
44ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL8f9bSdeLekk0PDEblgi_I&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjIioH8ATAB&v=APEucNXutDdwcOxLsqJf7f_vEbAefXhcujn_VofUacSoKYKMHglhRMQLYcJzCBdBQKQzS_1yINWv-AGHZFrK8DqAKY_OYpgkdhsMHrXQgJ2BI3H-YvPRUUP-b4IZNCrTD3cnfgSXo2JV9ZfigYmWxebWc8W0hOZEbqxxRfT1Kh9EmW3-FFILMl8
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iTjVQW%2F%2ByzWmZT%2FuAEzf341NgkZdK%2BBxhIM0%2B4twcJbXcYDEECEBBK8zE9F2oorHz1cJH8tHSfi4JKUMAIK5dmYZYJsk73tCYvGZH9vb2rbscOfJvnCFsk%2BmLpnHr9eA6G9QNhlBZK%2FsIg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84b611a359b66a73-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mkUSPQpYE9azTCscN8NNbUyZPbUHeqLLj0HwsI6FCLW%2F5fnZUCkRVG%2BnT72nkNdWLPIQ8ODrhrDEAOJJmVbblphBLdFKiXLlXAk8bUcBphlJt1JIW76CPLApjA2xAkoFlm8VMnC2bPQRUg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEL8f9bSdeLekk0PDEblgi_I&google_cver=1&C=1
cache-control: no-cache
cf-ray: 84b611a309666a73-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 20C2
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbM3XK-fHyF9pbdCjX5dvwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL8f9bSdeLekk0PDEblgi_I&google_cver=1

43 B
740 B

47ms
47ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL8f9bSdeLekk0PDEblgi_I&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjIioH8ATAB&v=APEucNXutDdwcOxLsqJf7f_vEbAefXhcujn_VofUacSoKYKMHglhRMQLYcJzCBdBQKQzS_1yINWv-AGHZFrK8DqAKY_OYpgkdhsMHrXQgJ2BI3H-YvPRUUP-b4IZNCrTD3cnfgSXo2JV9ZfigYmWxebWc8W0hOZEbqxxRfT1Kh9EmW3-FFILMl8
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0RcroV%2Bk4iGXK477Z%2BSHqu%2BCfKgYBcpJt7Gag7%2FGp5THzqi2M6jppPYqkX7YuxQFNvtxoxgD%2Fv4R%2BJQrHcDOqN6CRvWNJ2boCzfKHGaxlS8vvbQhO0dr3YVk1on%2BAfH%2FgB9Q8E4mu7okHw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84b611a3d9fa451c-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:52 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL8f9bSdeLekk0PDEblgi_I&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 20C2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEA7_H3I_hJH9RRFbHCkNQYQ&google_cver=1

43 B
1 KB

30ms
29ms

Image
image/gif

185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEA7_H3I_hJH9RRFbHCkNQYQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjIioH8ATAB&v=APEucNXutDdwcOxLsqJf7f_vEbAefXhcujn_VofUacSoKYKMHglhRMQLYcJzCBdBQKQzS_1yINWv-AGHZFrK8DqAKY_OYpgkdhsMHrXQgJ2BI3H-YvPRUUP-b4IZNCrTD3cnfgSXo2JV9ZfigYmWxebWc8W0hOZEbqxxRfT1Kh9EmW3-FFILMl8

Protocol

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:52 GMT
an-x-request-uuid: 4d01b6dc-e84c-42f6-8469-17b822c0053b
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.20; 217.114.218.20; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:52 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEA7_H3I_hJH9RRFbHCkNQYQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 20C2
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM2NDg5NzA1Mjc4OTMyMjQxMA%3D%3D

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM2NDg5NzA1Mjc4OTMyMjQxMA%3D%3D

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:52 GMT
an-x-request-uuid: b2acd214-9777-42af-9bc1-8181c65cb952
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM2NDg5NzA1Mjc4OTMyMjQxMA%3D%3D
x-proxy-origin: 217.114.218.20; 217.114.218.20; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D0E8 0
20 B 50ms
50ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3130736280687&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D0E8 0
20 B 49ms
49ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3130736280687&version=m202309260101&ct=76&x=1&cor=3660099279167028700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D0E8 16 KB
12 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BPj9k8iILcfRtGVbHAfMUDlh5TJiskA5560TiazjrR_pRDmlnE-lBjjS0rrMytLCvcuCMwTRXbgAl37yjCZzfeMzOMZFEdZ-d0oUDrP17cYea2wdpQLZCRL4crAOEbFrrxIBCA69wiLfSDhF7766P6rlpjaqCpj5FfKNQnRHvjU3v09dg&cry=1&dbm_d=AKAmf-DLMHgSe9dX16zEelPfd-GnbkVSCY5zLanxh69tBeErHYiSlO1sLgpoL161aduCiAXQCV3bwMAMOGjF6pAOamWK-WnMdFt7Ex7_1Gq15KoSXeFFAZcQG5DhlZeCathrKxhwswOwbpH-CguwAb88oyvhI_eDr23xk-vnaZQIMPgVI5aGdH2tZCQy2bW9Gk8RWiioF5m8Gsxhd4ODkoyNaRhxSkDS0qYqZ9NrEX4TFPzwkiwZKxw8ljnB1OAspzL331F9n-cmRSriq4lkDviNz8VpbXRDx7iwQo5YsUZArwFufMlNYk_2ct7jycyK2XsLasGaKiDmOklLfxrK0vBqEcmlJZA-yzdHnBv7prbLHzVEk_uVT2IBojb5Anc1FuRs89LMiTi0KcorOWfLZy5L_d_jM2TMdyRktPjkyWlRJDezc1Zp9UrAcPFCFqVs380n5TVlDTEoXvmzLLwoyKy-rK_VVXGoArR0MJ6_vrp18PbzQCBeRyuSOWR3HxYKz8eDEUGazgBrKP5uefbuGscD0HHwDaXWuRmOzlN6gBRab6GP63WLpNIk4JUk8gdW21eQb8BiH7qiPXmV9DTz57bY8AiWz36si5B93dcqcMzmg6cHxVInqzM2oB58UYaIhjL8-6HcGsrHKKNMrbOTBn_jglVoM1e56OkFsWy5yV6IMul2GqoEpROyABqAkZfYJ6yO_5tCySZVo1Zv8d3hogv4eqLtvb7pQn0-ex7ZuOovA8qGpWa7A86SlbNLY00AU2JfKOAeAoSANabgXYKuDUL_D2rchn5uvOSqP6oFuu4ItOzdvofKAxh3qoOa7z3jrke0w6M_KKJJFu9DRJkt8xNUeVAXPvDegE3s4mXrP5MF1EBTdG8EsgqfJ3oe2_TY8SQUT0xEQfzehWdoEYmhHrnuO2rBNp-UmduL1YYwgfFWjtZSM2fNWrJ1dKNud_i23wpSh8P5qaC7wOG4oW7x3N-W43aIx2TXSdnweKBlrh85oXtsemj4MyJN7t5kiMB-a-sSdsbehSGEhnjyVDAKhFShlFDLTX3DW6006ruG9Pwl9Hp13dhoMc-5JwygFsrlFqWwAIA-P_H0_AoHfFoZ1DCMzCOBejODCzo-EW7f9PStBIGWGv2UxLk-lE1SRfyr82EH-fQQqJq2QgI8Lcgf44Cyyu25oWz52tndk58ZQueYqyMaI3w225a0PHvEouLXrSabGoLgFCmgd5sTtC-pN0rSoLCr7ykKFhXf4wHsN6ZhvT35hVk8PL1w2Jz78skzwULYS66q2XhuBx-5bJn5BMVRjdh1Y60qmsaIUsX52rd-Q_5R4wWiru3F-y_6UhX4gGasHB9xXgHfAI8i1S2TlI0RnjErKnCmzDPhggm2iyRaLEEXnhF1lYNUnaCjiLg9KYv6j1WEa0nkIE9SxewWlJ-_IUoa6YH7cD0OavjuR-SyZIoVrAqz5WS6hRFEFbeshSg1YKMCPPBKHQm_bVlYKyiXB0WC5uUKFTTefttpyVHQ0OhW-gkyZzo-TXcWM0m5SuYGuB59M9wu8MowTP_mHSGNhXSY83Cse8gL50YK59KSF_C0mDUDbxBIAemFbLx0fgii0H5Xan_0Dd_xijHDvVMlQesas9iyN6fy4VLK4d5svvcRCrR1vzdsXmm4-K3o7W82sS0w_euvTl34h2Na0SOcipuNe-C5LNvRrbeHoaXsWmCXQEO4juasDA8Rixow9ZNaHDONeoNOZPcZ_cUaUZ0QSyx6PmertEonXOfNr7OUSPD1aCz9eQQuJXmEjn747CtsW5lSgDv8ot6d0S_-lTKzVVVVwY4HKH1TmAdgeZWgA0LQO2r_oZUWWomSDvfs7LllreqGcZAufugE-RCZm6_K6vs-w7gczwPZ4Oew7tRQ_47j4OuvfQ11hx4DfW3GSGyAsxdk-K1OEnEv6T5SfrP81isE33kNy8cAQwkP30jvWnSWBHewHk70y3C2T57dnMLTfU9VykQG7-mlclJdanXhYEvnjqI6f6S4NtNISh4KwO4aDfx2l25PCrwaVtqiWaTJVNDSLMi5k-qh1LmxNg4xmgVLCcb7iKFK55S3yumeI_z1OpsOvhyyLojlSj7KGVxLDRkanjSxPsaEEsWrmTLSNBYShLAs0IEWuNNOJOfdpP1KUbnm2UjvpBWg6CCTwzq7PL4y_jnjcwP7dhvPAFlwbH1lckau812DRtfcj9LN_cxwoz92GCQhgkojzmEHFKDMv1UEDmYUFIkRbP0VkQbZ5Xg_3BHrf-vNcur_dTNqwoiLfgiS4d7XR0OUogVK3O62H6mnxO_YMWCsUK0-mlVmgk-jyrteFyYigM3mjON0rbRSOYdeIdt0cZ293F1Bp02qKYXZc85QWIVZ-otaV2ka-TNRwWVZSERRZ6o4mxrcXlNoqe6r31SE1k6dVlV0PJsi0c1mj654u1pXa5mtobWIHYAMQYWF93NMjBSgRpxMAfNJ-A3_BTZHJ_pFKp-zn2tA7WJBOMhU7GO9fqwrbsb9RjqupgHMZV18w-v0wMmRTgRjRbzTvp_jZ6xmYMdRQXl2MAqzaESVjWDhV1hypvV647tW5I8_teQ6RvtuR67MbrnXTyYKXBbSy0EJewQU_36GGYsvcdKawkMayKZlcJp3YMmg5xxrv4Gd3hJZ2FUcyMJLxPqSnBCJCnGgO2ALsnrtH1qIvvBjRbo0yKNSwWfJwGvYsvsbPPj6PtxBdbEThuPaQ6CjcbHOk4NuGgGlkLX2m9ssHykEjqLHo8dRfj7gS6tP71e4LTnXkLTKFD2G5kUDd7KqEQ-HiVw0XQlXak0mzjbcODibwHHyG83HOx569ls1ZIRlW-dutybyq5aZL9FnZytkVHpTWmQOBy3k2kfs8wKK6JhZuFN-6zWlYCw7TkEWpcSa49T5aldd8f8nsSYywPtMyqC78quWDTERZFgPFgxqa3CpfBRXqAUOCiOG1-9dMoubETNFCslceXgYePOgZSNFW2_ldDo5Zi1YtzzDmnsZwXGHOGg2QWD552sALhHknl_yBw26hJWH4-XQ3dAd8xZB2I3HCO6TYsASlC1l_D9xS0X8wwoQwHcdLKgoEvWisp3e8p_FMwiQmBzBJSWnz60SyUcx4AbzjdhO9TpRbk3IEFJtJcMIZQlmB_dOCizYuR_pRYnVxTIMYOO8TPNeFac04NARI0xHp-tUtI77-6RsPclHMB2-Q3SiPX8Z2vUv4CwHSwJgtL-hMjHHyyFHkAjH5bqiDJC0sINjkz336GizrNFZlqceUFC08GebYKX-tf-yK0-aw9xgoVKYz2ISsZzmWHVpj5G00T2oIC_E7heyjagChC7G4gU7ctIsa3SEJU2gc4kGdqhFz9ZPIYieRnOKphM&cid=CAQSOwAvHhf_NHlPpARNEstuqckyjQ0SpJ6YRbZ5Mf2z-7-yc2hRQl9SbKpfy469AIgBfBQk5Od4bekU-J93GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fculturaenegocios.com.br%2F&ds=l&xdt=1&iif=1&cor=3660099279167028700&adk=943508964&idt=125&cac=0&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fba588afc7b52d89d5552ab2b6751522b410bcc2e76d3e945a6f0dbbc24f4e70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12339
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D775 624 B
242 B 62ms
59ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjIioH8ATAB&v=APEucNUggBvctL5Y4vkk9PRlcQ82LppTGOzAjLnf1yIp-VMxTWJI_iz1M5OYVlsrlE5k8lugCQEBEgAGn2D_fwNjMnzPtw_J1ystuyORQlWVoFy9_q49nvWb1Z9hz7gAzW7SVkg0cZJbur62lZx1H8Pn8ODU_Ao-7Gl0X85R9zcjV7ER23_mg8M

Requested by

Host: fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
URL: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 04:38:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 40B8 89 KB
31 KB 71ms
66ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
URL: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 04:38:52 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 40B8 42 B
63 B 52ms
49ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BkNXARFlpbVcTYoOsntMSZw0q24HzzjNH-mHMXgxNDAv7VtwBOiUptMYrsO9G__WGpZbzQE-TgAY_XhGgiWtjxc91PoOVRCd5-L1_jR-hYYBHu8pI

Requested by

Host: fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
URL: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1520146/76103085/xbbe/creative/ Frame 40B8 278 KB
83 KB 107ms
102ms Script
application/javascript 108.128.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1520146/76103085/xbbe/creative/adj?p=APEucNWduAWxxFE2yDnPDruzexwLuItWJNxjquzP5r69jxxWWxXDHhQ&d=CokBAKAmf-CdaaK0vBI9GHnXsoGR6415zPXAXKeniT1x-5Zz5rgjByD_xHaopoyyUiXEt5bvY1scMPMkriRIxt_zKuqjTYYFYljI1oisnMlbDi-TM53nJmM9GUB9K9Xq4FF5RIPLearso7x9VKestBHq6MgOUJpdkOYtCm-Qw7jS-cE2eVKcgDsQf3oS6RYAoCZ_4AsVaKDHTgHE3tFUPDOizhTGTkXm-x4sncriFcDWds5a_O1w6VVthv1vKjbJVNIlNDx7jNdvbY4rZamq2-Rp12OQlqWB94E9AVdvpvHfGo4IjLf8v90c8JtPqXwuqIWLTK5tylmiKbFaTz3NzV_divl0YuJMdRD-7OirnNO30t4R8TQqBgmN0h3kuyJoFXil9tiI99pUdYOoJgT1GvaIs851JHH7xI3orLs8YCU23kHFmPCJMW5Cz6xw6qQVHtB5z4p0DRhmUR47zQLF6DzYGDvFWBwX6X33zomayZ__EdeuckESZlUFOzmggM-ALwutuK3kHmCoA1id8ams7a2LfFo7wg3O4alSooKN6eOD4B-MSsciGQ3DjpxY9vhv0L6HYh8_yXaWeEhLu78pWNuVsK_bq0DyIU9YWuK_OtODDdjL2StTBADOy2dafBLc-Pkhrw62g7-5QDfAfkkd4ycO2r1WTNXN97A42Jj7q7EvwadvnXqYeR0cIisVyGRUH87pWPnfeurDHXfojV1LFw0bngF_Hc6prRmTNoCPdvcFvNk7Q15u5bBT_BxVoxBgJZa2EROygVxJ5Xnbl9NZubqEWulAad-l-HePfEWEGUPlm2nBL5o6NtM9Hn0qJpdIOX3JXRWp1eZLQhnR70P8qZKdne898YFmMfymg5cuLvEhnJJqnf5iu5Or0WV91887W-NGTLMTm-dYe76HfssOTFfSgIJxfiFtcpjwc5JZduFDteQKx54JZLrnESI15IA3InHbfQu6T9veiKON9LxDQKDNx9eZakhPGMkelRDYizd4KE2ad2mMrtSwMkU40KMr8qHwpsbPX7KbjoB9Re4l7Z_TQT12W5ygm_8rJWlbfs4tyntXJ9D8IG6o98V7F1rCQ0nngwhif1P8vVjOLXzkAXMnmm2IKdMTCNk0eEBU5mW95nLznB-K8YZ_Iv1Iqgf7Jnqcl-RpkLz8A_nrJzsjI-nLmvrnYla-5KHwE79EjtU92q1iQo3nIkrSpYBurQxlOeMUPnfbwCe5jm5aFXQK90hHgcuzCPCKqdtWXLUhDGOUBsoBOdxdYtNrj2oJ2d-3WQXfjgw-lH28bu-du22BGflalESxXfXiOdHhA3ek6EEqlDUEZ8z373vsu1G5u92VvM7rV-wZnzioYjIYH77CrpScChkXMVp0f61cdpkGhHVnWBEsQER-BybyKWeWsg9sKD9QEZpsWgL0nBEV4tX_XKA8CpM2_Oy0Hb1Hpdghb5fLxt3upUuLT9Gyy-vMdGmKvoNNcHij1Mgo7548s4UHJjO22EjbjBz_plkSmp3OlcGq1QxDYbOBBnAyuZsnEgPh7MrXCVyXa8AHIw5DHOerzIyYDY0uy4yoDWcuvYes3blf27UgDMPjrjbEsotOkPG6UafLFy4Ba8lzmaThwCMpaD34HWS_Mo8upSGKFfkpXXx5Af6bI63Nk0d26p6NxEaxRmaNPWLiTN6EicDU6sYt7nG5qg0sjBiK_CXyT4Ta4UtdpUWyDK07Z0J0H12ocOxzbqbDcCZnEF7P-JSmhQmmKxxZ3TjxzKOEmfwjsiyTrDnxLIGVxy7Z47NkGVvKTd2MpMHsnp7EQaaXV52DuxckhRhDCbPkIRP8t4oWAsFJry1InSo-Bxutr3Sm9ArIfW08lZmGXZ1yK4LYWXVw3TJcZOId6y45ABulgT44Lj5c62o0WJGXr6rCMVgFdvxnBwDDlTqGHS6AZld5dooIH49WrPt_Abvo1flUYl2OaioQfm0ThN28nJFihJNFuFMizz5Qs15-6Bfegq4qio0j9_igw_YsIXGBRpflmJhKzRnmgwHUwNisUSxgPKLDXHPwgdgsrR0Atryrb1_NOK4NOqIKV3ptp0EYL17NdO13ZeU95gnFFCT6-00bfmWPpHYXaM7zLnmuDwQo95fzlOHHQw-svyVi7Ert9B9hjBx97MNEIJILATQ2K6ZYne3BYJ1XiGtLG_LBVKuhuiNv1mMKXpD36uQhZpTINWHip_A5nAAKiPRNu6umiMZyZ9Szu1khxxYl3DREaGBGCOiIqrtZLpmNafAqhUAHSobqilDDF4A-16fLvJQ48iSPnFaBY1VgZFOnFYUkWezrrjLJYUzOaR9MiFx1JWXG-G7UDq4TYdmLnF1YoUB6bKmmQJ3u7WAVABpE563HZFNnxQyQXJCpUAq-uPUAnhH_tCEw_hd10BYrU-dPdTuoloZjJGpjwmjzpTXhJKX3ph5ub89DkAFQaZwmoI-A-7zC86P0MVkJdFXZ78IKRClouZZfy8VFiKTcXoNPDhy3USjmmhWHezU2F68HFux20mbGB1uC_JZkh_QHT5dHO_AVWuCd0iHMp_hYEXcSG7WGWTpzRRFKkXGxbXYk36ZB5nhq58si6SLGO8QeYvnFrroPhLTlMz1zrpUlHopTt7FLrS1LGUxXJnMg_wVpaa6hvmgZlIn_YO11gCMELH1d5sLf8BNWQdp7_bFzEls7MIf35XGmj9l9ldrHyd68b2L2rACGJpGdR9ECoSHn0w5SS_VC3DA2FCFwsTOtcJRLaRjoAPMn4uWtGT33mz2cY_9F_aE5FLMC9Zff7R7UbLTtxpT9guyWj-MnVojp57DXKCpzMgZWfitGm-Qd7ilQcMQ72dO459OexQ-FaDJF9My5VZd6I1XMKbZuG_V3Q6XVNz3P7BMlvMOzLdaEsDcr7lNlNGX_f2cdJt-XMIsu4N91OQ6EtDa4GYdbMysSMFVY_KLUg511Ew1MItLkE0v_dNdrlz0IWud-zKOB7amytDQl2m8zzIY6vAUMyXWNUPGDnk3ZGYXSGGtZJPpBKiSb0R7vNWvKbnXhsp2jy79kXMgo1L0J01o-3SrVcrqjWOsBDIg6dx1Lv08wgT2haFj51PaW4y1uWEEd9QnIuaVVQ7CZt33kk7JeuJaAOt5Yd73Un_36KylSdgiD7oMxmgbOREXihtvPcGkHmBE3jMQG-0yz9_CAx8248fAt0v1qeu_e6v2V5OGO1e5uwQuBeG3MgxHtEvhMmHQkvgne3w25jYeh3ZI7qdLS4iidluYXx_bV51SQTG1lc5QBSiGToQ78KozXVKOmXKJ06Mm3MIPo-6H8ZBeJ5fLdg5e2EOUDd7x7q00gZAwbcxxnXR6Q8dIyWYDK1qnrTti2hyPqjEUavOLewNP4Mg-31bh6X_LO5FnFq8Y1JkePdaWBh7hTswyD1iX_6h9p1gGGge2WhKU3k0KhH7Nj7HhLRqyAOrAo_Ftfsi42Vurt-kccZUS3HTo621r9ezEJRNTpcjiDjZmqbcEqWl6TauC2-ovrHQwjWSKwAwVFmyF77ddpH7yfjXaKi8Yi0f81j6WFyOtqssCOfJ97oju114fbqfB_UV0AtUzH9ck5gJEwqDENJmMeDIRYm_ODY4h4gHay4vox6ypxjFYbc7JBxVbSJc-T_9h407r3wTy6fIJIsNwFinnNL8_n6U4H6inbFi-CAoCGSuzh_kUuQe9ZIyL67LM3hcnuXtV40YQD8sDroztjZc2MkyIM2AVwEeS-iFRxRkjuh-8wXtj4YRwRtcn9-UsTPp4f4ymY0IRbpor544Msbih21IK235fCWHTObaLbsZ47UmfnWkWctUFaSp1OLIedGVTum199Y3ufzVPKksSU9G-NSNPkjgyNvUG9K2GTM5mOyyfRc9JZQXV75w32XulRJjSNkkJTZVZq_s6RMfkMWEmtd7P0D-aYZPOLdbK4WP8_So4r_n4Udessq_8fZNK9vBdCP5XBN6X-2a6NDs2AphY7aKQsvxu0ABthd_OrIh1DOAQZRusykBM0Qnx8cF6ZOtXP7MkvuAvqO9i_gDragxNnnejl9MkZZVl4lFBQsn9SiP78wvPw-K7KzexuUBpBCAQSOwAvHhf_2kyPXCmO0fz-vdcL_iz5bBJCSNYLlDvJuRcEIG0U2pclXuEnyz95p-gwjY5OZeTVUfStbiePGAFgAQ&bundleId=&ias_dspID=3&ias_campId=1013172746&ias_pubId=pub-9153399113741741&ias_chanId=1&ias_placementId=20409788283&bidurl=https://culturaenegocios.com.br/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0jL_G-lsoEtPT3wvcEunjqR
Requested by: Host: fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
URL: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.8.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-8-111.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d878e25a6833544b1b4d3a654d3269a6484efbe859d52ebc15ecf9a97ebfb7bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:52 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 40B8 3 KB
1 KB 25ms
21ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
URL: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:27:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25889
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Feb 2024 21:27:23 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 40B8 20 KB
8 KB 22ms
19ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
URL: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 23:41:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17815
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Feb 2024 23:41:57 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 40B8 0
0 29ms
27ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQdZ7a1r67mwfm66ZQkjhH4zA1ayAfRbIie70gqHin6qi8NB-LRo6kgzId4lPd2Bf1WHTaz96mZb890U1OCFhbGkjY4Cg
Requested by: Host: fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
URL: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 40B8 205 KB
65 KB 41ms
37ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
URL: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Jan 2024 04:38:52 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame D0E8 41 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BPj9k8iILcfRtGVbHAfMUDlh5TJiskA5560TiazjrR_pRDmlnE-lBjjS0rrMytLCvcuCMwTRXbgAl37yjCZzfeMzOMZFEdZ-d0oUDrP17cYea2wdpQLZCRL4crAOEbFrrxIBCA69wiLfSDhF7766P6rlpjaqCpj5FfKNQnRHvjU3v09dg&cry=1&dbm_d=AKAmf-DLMHgSe9dX16zEelPfd-GnbkVSCY5zLanxh69tBeErHYiSlO1sLgpoL161aduCiAXQCV3bwMAMOGjF6pAOamWK-WnMdFt7Ex7_1Gq15KoSXeFFAZcQG5DhlZeCathrKxhwswOwbpH-CguwAb88oyvhI_eDr23xk-vnaZQIMPgVI5aGdH2tZCQy2bW9Gk8RWiioF5m8Gsxhd4ODkoyNaRhxSkDS0qYqZ9NrEX4TFPzwkiwZKxw8ljnB1OAspzL331F9n-cmRSriq4lkDviNz8VpbXRDx7iwQo5YsUZArwFufMlNYk_2ct7jycyK2XsLasGaKiDmOklLfxrK0vBqEcmlJZA-yzdHnBv7prbLHzVEk_uVT2IBojb5Anc1FuRs89LMiTi0KcorOWfLZy5L_d_jM2TMdyRktPjkyWlRJDezc1Zp9UrAcPFCFqVs380n5TVlDTEoXvmzLLwoyKy-rK_VVXGoArR0MJ6_vrp18PbzQCBeRyuSOWR3HxYKz8eDEUGazgBrKP5uefbuGscD0HHwDaXWuRmOzlN6gBRab6GP63WLpNIk4JUk8gdW21eQb8BiH7qiPXmV9DTz57bY8AiWz36si5B93dcqcMzmg6cHxVInqzM2oB58UYaIhjL8-6HcGsrHKKNMrbOTBn_jglVoM1e56OkFsWy5yV6IMul2GqoEpROyABqAkZfYJ6yO_5tCySZVo1Zv8d3hogv4eqLtvb7pQn0-ex7ZuOovA8qGpWa7A86SlbNLY00AU2JfKOAeAoSANabgXYKuDUL_D2rchn5uvOSqP6oFuu4ItOzdvofKAxh3qoOa7z3jrke0w6M_KKJJFu9DRJkt8xNUeVAXPvDegE3s4mXrP5MF1EBTdG8EsgqfJ3oe2_TY8SQUT0xEQfzehWdoEYmhHrnuO2rBNp-UmduL1YYwgfFWjtZSM2fNWrJ1dKNud_i23wpSh8P5qaC7wOG4oW7x3N-W43aIx2TXSdnweKBlrh85oXtsemj4MyJN7t5kiMB-a-sSdsbehSGEhnjyVDAKhFShlFDLTX3DW6006ruG9Pwl9Hp13dhoMc-5JwygFsrlFqWwAIA-P_H0_AoHfFoZ1DCMzCOBejODCzo-EW7f9PStBIGWGv2UxLk-lE1SRfyr82EH-fQQqJq2QgI8Lcgf44Cyyu25oWz52tndk58ZQueYqyMaI3w225a0PHvEouLXrSabGoLgFCmgd5sTtC-pN0rSoLCr7ykKFhXf4wHsN6ZhvT35hVk8PL1w2Jz78skzwULYS66q2XhuBx-5bJn5BMVRjdh1Y60qmsaIUsX52rd-Q_5R4wWiru3F-y_6UhX4gGasHB9xXgHfAI8i1S2TlI0RnjErKnCmzDPhggm2iyRaLEEXnhF1lYNUnaCjiLg9KYv6j1WEa0nkIE9SxewWlJ-_IUoa6YH7cD0OavjuR-SyZIoVrAqz5WS6hRFEFbeshSg1YKMCPPBKHQm_bVlYKyiXB0WC5uUKFTTefttpyVHQ0OhW-gkyZzo-TXcWM0m5SuYGuB59M9wu8MowTP_mHSGNhXSY83Cse8gL50YK59KSF_C0mDUDbxBIAemFbLx0fgii0H5Xan_0Dd_xijHDvVMlQesas9iyN6fy4VLK4d5svvcRCrR1vzdsXmm4-K3o7W82sS0w_euvTl34h2Na0SOcipuNe-C5LNvRrbeHoaXsWmCXQEO4juasDA8Rixow9ZNaHDONeoNOZPcZ_cUaUZ0QSyx6PmertEonXOfNr7OUSPD1aCz9eQQuJXmEjn747CtsW5lSgDv8ot6d0S_-lTKzVVVVwY4HKH1TmAdgeZWgA0LQO2r_oZUWWomSDvfs7LllreqGcZAufugE-RCZm6_K6vs-w7gczwPZ4Oew7tRQ_47j4OuvfQ11hx4DfW3GSGyAsxdk-K1OEnEv6T5SfrP81isE33kNy8cAQwkP30jvWnSWBHewHk70y3C2T57dnMLTfU9VykQG7-mlclJdanXhYEvnjqI6f6S4NtNISh4KwO4aDfx2l25PCrwaVtqiWaTJVNDSLMi5k-qh1LmxNg4xmgVLCcb7iKFK55S3yumeI_z1OpsOvhyyLojlSj7KGVxLDRkanjSxPsaEEsWrmTLSNBYShLAs0IEWuNNOJOfdpP1KUbnm2UjvpBWg6CCTwzq7PL4y_jnjcwP7dhvPAFlwbH1lckau812DRtfcj9LN_cxwoz92GCQhgkojzmEHFKDMv1UEDmYUFIkRbP0VkQbZ5Xg_3BHrf-vNcur_dTNqwoiLfgiS4d7XR0OUogVK3O62H6mnxO_YMWCsUK0-mlVmgk-jyrteFyYigM3mjON0rbRSOYdeIdt0cZ293F1Bp02qKYXZc85QWIVZ-otaV2ka-TNRwWVZSERRZ6o4mxrcXlNoqe6r31SE1k6dVlV0PJsi0c1mj654u1pXa5mtobWIHYAMQYWF93NMjBSgRpxMAfNJ-A3_BTZHJ_pFKp-zn2tA7WJBOMhU7GO9fqwrbsb9RjqupgHMZV18w-v0wMmRTgRjRbzTvp_jZ6xmYMdRQXl2MAqzaESVjWDhV1hypvV647tW5I8_teQ6RvtuR67MbrnXTyYKXBbSy0EJewQU_36GGYsvcdKawkMayKZlcJp3YMmg5xxrv4Gd3hJZ2FUcyMJLxPqSnBCJCnGgO2ALsnrtH1qIvvBjRbo0yKNSwWfJwGvYsvsbPPj6PtxBdbEThuPaQ6CjcbHOk4NuGgGlkLX2m9ssHykEjqLHo8dRfj7gS6tP71e4LTnXkLTKFD2G5kUDd7KqEQ-HiVw0XQlXak0mzjbcODibwHHyG83HOx569ls1ZIRlW-dutybyq5aZL9FnZytkVHpTWmQOBy3k2kfs8wKK6JhZuFN-6zWlYCw7TkEWpcSa49T5aldd8f8nsSYywPtMyqC78quWDTERZFgPFgxqa3CpfBRXqAUOCiOG1-9dMoubETNFCslceXgYePOgZSNFW2_ldDo5Zi1YtzzDmnsZwXGHOGg2QWD552sALhHknl_yBw26hJWH4-XQ3dAd8xZB2I3HCO6TYsASlC1l_D9xS0X8wwoQwHcdLKgoEvWisp3e8p_FMwiQmBzBJSWnz60SyUcx4AbzjdhO9TpRbk3IEFJtJcMIZQlmB_dOCizYuR_pRYnVxTIMYOO8TPNeFac04NARI0xHp-tUtI77-6RsPclHMB2-Q3SiPX8Z2vUv4CwHSwJgtL-hMjHHyyFHkAjH5bqiDJC0sINjkz336GizrNFZlqceUFC08GebYKX-tf-yK0-aw9xgoVKYz2ISsZzmWHVpj5G00T2oIC_E7heyjagChC7G4gU7ctIsa3SEJU2gc4kGdqhFz9ZPIYieRnOKphM&cid=CAQSOwAvHhf_NHlPpARNEstuqckyjQ0SpJ6YRbZ5Mf2z-7-yc2hRQl9SbKpfy469AIgBfBQk5Od4bekU-J93GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fculturaenegocios.com.br%2F&ds=l&xdt=1&iif=1&cor=3660099279167028700&adk=943508964&idt=125&cac=0&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 11:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60275
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 11:54:17 GMT

GET
H2 200 req Show response
cdn.navdmp.com/ Frame 5F8D 6 B
77 B 158ms
147ms Script
application/x-javascript 2606:4700::6810:ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=7&id=1408335b8e0fbd8d449c75527710%7C0&acc=44768&tit=CZMB&url=https%253A%2F%2Fas.cazamba.com%2Fcs%253Fpublisher_id%253D2157%2526g%253D1706243929&upd=1&new=1&ref=https%253A%2F%2Fculturaenegocios.com.br%2F
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.cazamba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:52 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 84b611a34c073827-FRA
content-length: 6
content-type: application/x-javascript

POST
H2 200 cs Show response
as.cazamba.com/ Frame 5F8D 0
206 B 121ms
120ms XHR
text/html 52.87.124.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://as.cazamba.com/cs
Requested by: Host: as.cazamba.com
URL: https://as.cazamba.com/cs?publisher_id=2157&g=1706243929
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.87.124.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-87-124-31.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://as.cazamba.com/cs?publisher_id=2157&g=1706243929
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 26 Jan 2024 04:38:52 GMT
content-encoding: gzip
server: nginx
content-type: text/html; charset=UTF-8

GET
H2

200

sync Show response
sync2.navdmp.com/ Frame 5F8D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=86036929422
https://sync2.navdmp.com/sync?prtid=2&id=86036929422&google_gid=CAESEJ9SYx7QSuX7ATygmdtonkU&google_cver=1

6 B
57 B

161ms
153ms

Script
application/javascript

2606:4700::6810:ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync2.navdmp.com/sync?prtid=2&id=86036929422&google_gid=CAESEJ9SYx7QSuX7ATygmdtonkU&google_cver=1
Requested by: Host: as.cazamba.com
URL: https://as.cazamba.com/cs?publisher_id=2157&g=1706243929
Protocol: H2
Server: 2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.cazamba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:52 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 84b611a38c243827-FRA
content-length: 6
content-type: application/javascript

Redirect headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:52 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync2.navdmp.com/sync?prtid=2&id=86036929422&google_gid=CAESEJ9SYx7QSuX7ATygmdtonkU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
sync.navdmp.com/ Frame 5F8D
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D
https://sync.navdmp.com/sync?img=1&mdia=89bb65b3-375c-4200-99e0-b2ddb0059654

43 B
152 B

158ms
150ms

Image
image/gif

2606:4700::6810:ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.navdmp.com/sync?img=1&mdia=89bb65b3-375c-4200-99e0-b2ddb0059654
Requested by: Host: as.cazamba.com
URL: https://as.cazamba.com/cs?publisher_id=2157&g=1706243929
Protocol: H2
Server: 2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.cazamba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:53 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
cf-ray: 84b611a47ca23827-FRA
content-length: 43
content-type: image/gif

Redirect headers

x-cache-hits: 0
date: Fri, 26 Jan 2024 04:38:52 GMT
via: 1.1 varnish
expires: Fri, 26 Jan 2024 04:38:51 GMT
server: MT3 1237 600843f master ord ord-pixel-x16 config_version:"3754"
x-timer: S1706243933.741490,VS0,VE102
x-cache: MISS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
location: https://sync.navdmp.com/sync?img=1&mdia=89bb65b3-375c-4200-99e0-b2ddb0059654
content-type: image/gif
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra-eddf8230097-FRA

GET
H2

204

cms
ups.analytics.yahoo.com/ups/58727/ Frame 5F8D
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=NAVEG
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG

0
15 B

23ms
23ms

Image
text/plain

3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG

Requested by

Host: as.cazamba.com
URL: https://as.cazamba.com/cs?publisher_id=2157&g=1706243929

Protocol

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.cazamba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:52 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
date: Fri, 26 Jan 2024 04:38:52 GMT
cache-control: no-store
content-type: text/html
server: ATS/9.1.10.94
content-length: 344
content-language: en

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 5F69 38 KB
13 KB 20ms
19ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 60275
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 11:54:17 GMT
expires: Fri, 24 Jan 2025 11:54:17 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D775
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL8f9bSdeLekk0PDEblgi_I&google_cver=1

43 B
776 B

45ms
45ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL8f9bSdeLekk0PDEblgi_I&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjIioH8ATAB&v=APEucNUggBvctL5Y4vkk9PRlcQ82LppTGOzAjLnf1yIp-VMxTWJI_iz1M5OYVlsrlE5k8lugCQEBEgAGn2D_fwNjMnzPtw_J1ystuyORQlWVoFy9_q49nvWb1Z9hz7gAzW7SVkg0cZJbur62lZx1H8Pn8ODU_Ao-7Gl0X85R9zcjV7ER23_mg8M
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=be%2Frs%2F%2BcmNWw1ph4CId6RAgXux8CUJo3%2BzXUqCJPiLBtoaXqNBws1%2B0ysPaiEN02pjkJ%2Fzd4Y0vtRMVxZU9RX3tnZJjCazNDyovgZYxPOMpgHxtJhqx4piiYnL1N%2B%2FOQTePKkCSqQF3Wiw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84b611a39996451c-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:52 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL8f9bSdeLekk0PDEblgi_I&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D775
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbM3XHAZ1pIAoZnlm7D6UAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL8f9bSdeLekk0PDEblgi_I&google_cver=1

43 B
730 B

65ms
65ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL8f9bSdeLekk0PDEblgi_I&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjIioH8ATAB&v=APEucNUggBvctL5Y4vkk9PRlcQ82LppTGOzAjLnf1yIp-VMxTWJI_iz1M5OYVlsrlE5k8lugCQEBEgAGn2D_fwNjMnzPtw_J1ystuyORQlWVoFy9_q49nvWb1Z9hz7gAzW7SVkg0cZJbur62lZx1H8Pn8ODU_Ao-7Gl0X85R9zcjV7ER23_mg8M
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nuXSydhKo8PKr9viXmMoEw1EQfSEwJ8XLaUDo9BouXqmDweGMcuB84ET0wcW656cKlD7RTC7mYbXla5RiWmbiZwyfWyvlX9k6fIRqEMnAghaBDZjKCB84E%2B9dvcxEUf7f871p1GRB7MoPw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84b611a3da09451c-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:52 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL8f9bSdeLekk0PDEblgi_I&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame D775
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEA7_H3I_hJH9RRFbHCkNQYQ&google_cver=1

43 B
1 KB

29ms
29ms

Image
image/gif

185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEA7_H3I_hJH9RRFbHCkNQYQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjIioH8ATAB&v=APEucNUggBvctL5Y4vkk9PRlcQ82LppTGOzAjLnf1yIp-VMxTWJI_iz1M5OYVlsrlE5k8lugCQEBEgAGn2D_fwNjMnzPtw_J1ystuyORQlWVoFy9_q49nvWb1Z9hz7gAzW7SVkg0cZJbur62lZx1H8Pn8ODU_Ao-7Gl0X85R9zcjV7ER23_mg8M

Protocol

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:52 GMT
an-x-request-uuid: 1d86f199-2ec9-4731-99de-c6cc712b9deb
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.20; 217.114.218.20; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:52 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEA7_H3I_hJH9RRFbHCkNQYQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D775
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM2NDg5NzA1Mjc4OTMyMjQxMA%3D%3D

170 B
188 B

29ms
29ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM2NDg5NzA1Mjc4OTMyMjQxMA%3D%3D

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:52 GMT
an-x-request-uuid: e58dcf0a-6478-4c3b-a2f3-28c2db5fed71
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM2NDg5NzA1Mjc4OTMyMjQxMA%3D%3D
x-proxy-origin: 217.114.218.20; 217.114.218.20; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 40B8 0
20 B 49ms
49ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4995969478793&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 40B8 0
20 B 52ms
52ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4995969478793&version=m202309260101&ct=76&x=1&cor=2260530472186362400

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 40B8 16 KB
12 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cve5dkJ2eBANfK2nN10nKM-6TBZ9Ozak2Umg-Oy2hRAmGiTNBm8b_hchpMwLB-V4VeAtmxqFp97tzX90ELLXGEK5qNYuKCf355yZWzri34Olf84gvrCe-_XpnEiRCgX9A7m6RGYWYu6yUfO30Q7QtAVRzPovqZX6p4CGN9F05duNoUOvI&cry=1&dbm_d=AKAmf-DIi1yQqo_kA2oeQiutwFzQ_2u7mfyt1IcROfYKz2ZrSP7dC7luBJ9fdGj-BW4r9lr6vL2MyT9zZE_m1fZawzXcryMSPnKRjj0Md9JsrpSj1c5_yNBaJe2OBsarywRWk3Ue6oIMWcVm_zpq2CrL_z8tObna84MnN-dYX0WBfRWFamN0yTHvj_RCoNJuelxbhOQPBIsOqHXzau7EFzR8UPOuWYCrzDBI6GqaKYav4AG3wFZnIiLLnb4b1MUT0P71YQuhURRw_FARmzd0Z23CgFcu80nwwOUvROC8Tk0uLWQu6R7VZvN5meftf6nCf1aiNRclTmt-C129Zt0mLrnEUJDQ4ZJ1d82yfJiTbxoO_FKuo5H1Gmi1QhFWBD3tj1_9Zb5C53Qz61p7PbHqzBZle2_vUoWzgdBKHVuEMyWYjxR03vVlBesT-819L3nL3gA0Lpfvm2oG81uKgliBAObxETuWklGPTE_szCrO1LNUohCUBD8-Ww0PMFRefkqtDjSet12oYIZosgCuyn8bLL1sXgf6GjOZjx78J7XRmXvF1H4sKPuXziq90whdBVKK24DfnY3bsXZIsAQ9utPpOe7YsWv8R4Tj1FjPtFY9psKKq2zAsfVJ5P6akiAn4bu0HPami0Aa527DI9MIxN0BGDmkOyQ51h1F7726Jr52YcC5xUVw1yB9Q6C5e2tI00rupZYbI-oOaE7ID7ea-syKDFbPUAf3U_hpsFaSAlxpV80A6ADrC0Qew4ciuPmlqC8QKIoFYtp5c8BIk9hgx9UYs_ICz0DqquNWYRBNZS_PNY5Ab5Id_s2utZOUm0r1HLJH0tCKakeEtwYAwmxMd4gCLDRLvRE46uf6i8ntzZ5g0OHy8i6F_beogXxxf1HnXnY_jbug-hg39PeOhPQP1PUzgoJ6DOO8NEg7GwdlavSJ1n-8TumVC5vsMZOX-LyNFt4IkbtpkwuUX1YziKfr7CmCP42Xc7UdfvT_74c0ZNwEdKJVMB963g5Wfpu48l3QlDFQQ6zBY6SR9gKBo4vdzOfLEKoaoEYzdvPx9v6uaEjsJG6-3AR9m6IzrNNjpBPjuYCHwoy3M04H6bF3zIf85ztL9jZMsxrBZsk3-aP0XNaprxEyzvn8BO821tK9TLkIbE_Qpmnr9rU1PZNTXcS86k1gXmW7MyZGaA35x-5zYP53cXM5_jh2Z9yQiJ75d7ZhNC6H01Xlnf-4eBXmZc4UMsV18gKcMcn75KtBgMJuTSi2CL5PobmdXgB0PmG1sPGsRixkgEZecE7hJONtGUWuw19YDmxu-ROnIBR0z44gr6c0Yur4Ps-MckzzZ8PBIS1dRVhyYR-DyOefjwz4p6-YqVVXkC6YFej8zp4hFier3G1ARAENmtiW1TBg0EqhXBmZ0Vw4_OvcYZboM-FuGmqtgzzpB4Qr55pmqU5VeVfNGEhFomFwRMUkbjTIUVhAZSsiC2BAMQcJEWuiBSdELbOlxEtM8TDKr3IzIz4AHiD5MJYyFmLjN5XO5w2vBrMc9jQkDt1mfe3T6BU17L8Xahz8T9JPz4VnUxo-nIIUQnt-oGhLN1JA4d9EZWQqeDDxp9XHuzN4EHypaEEit3UHY_0nXEDJLmD8TjmpDMSDfhGjUOwnLjG4qs4TI8aQu_hEzi9EUEqqg_HZVi5roi8-S0HTYPDvo2ilrfkG-qQE9o80RFjlc3KT4HmwsLlU6gHYHE8topuZhyIqwQnntxxt1dWvNPwrco5mHBDg9mKac2xCDbuA2pEDe9-VAywfW8sNi-B78fRx8P92fXswGB_NepPVCfrt9-I3cgT28H-uCAmC0QHzHI0Aun00UUVvqZiugHKthv54Xm0va0vNczjE1UU6KX483ZFB50dTyGEU1QOYaPbqfcROkVm2R_hS0801fnhJuInhuOhUnu-V6rjvcTa1LCi5QBfyzkAlSfFEOmAYZyW94BSob4pnY4KNMff8Sauct9PBO4E4d9lL6gTRHfVckEFA5DvnMo5SCTwLWcF_w5e9VpnSMjSoUQTjOAEZz1a_0Uasu-yd7mRwsg3Tv3RM9al-1hd-EA_BuEtRrp9ghJ_XT18Jihkn_38B-KLWumYKN2cXVVeuSfWCueyJOCy-Hjm_SkILNzogPch3CadJY5PTvxAkCP4kq7igDKzgKTcmyN_ekdvly5inyp-VL2zMcYw8aajAdrRkdlFefCs3DHneRYtPO0WXAQpMeHTHTqp7O9d3XRaxU8P3qUm-Tu55M42h1HTBT1zQ-pO8IRlNA4nMqIcvwQxJkXF6k2Ei2ckuLssa41Z7ecizNp4RqPwCwMUwhnVwgJbDjZav-8yi2YBQWylFAbN5pgJ6rO0iG21_SjVEhVF7bKtr_sNJdUj1OmSb4giW3MBQWPX0qP0BguDQTtKfC5rrE1KJNOO0kOIWhFSt_Xvpqq974vm1nKxB2rrmT4kNV1Tj3iP8pwXowzpLt69kqJjz6dACjmxN-64XejZ5eW-H8dh_XK0YAJc_AyZuiFHSjoLtuT1DhmWCmyH9jfCuCX_nmQpnWswZaP6NHnq1wQjo7zxm4uILtnFTh1s5D-FA84gm0iqTVkDQUx-3i_l_HOwIyfdu7FzAC5hEJoPA0YmxxGp7qXdBroyM5mHSZwy-41Fi2WwD5IJQ82mD0cKp5MMcVxad00CE_SVIRLJL_N_7JcO-JNo4fo2uX9-Mj7m39AQjcbZBfzO1fSmeCDTNWIw08k_VrN1Q_SS3RcyOlDq9526A8LwLY2Urrtz2Yfwvgp-R9EHAw0w6kmal1AtDRQCQl54rR-yAvSTzDBO7pTKyNx0tfkAOlS3bUxcNxdCHkEoajSELH4F9sqlIFvziIst2HhdKqMbt5F8c0WwykdVcTyUf3H0m1lyvF1qMVoQaN7oBoN7wVU202vyp9DyVWU_6-5sUj96VrdM1xcTq4r3YgmoETtW5tb93eM8MlrgyFP-rz6r7KD4R5RekHpkmtDBoghXUtmWYwZY7m52T13pO8fPsmN-c6pyGF-tyW-MgOgAv0HstaLyow3S7iEsMIr0uXnsnTDRNDb4JOyC2euSghp1fhkupDNtatZi7X0YMf-VgGxs9CkT5xbjzC39xMNT_6LujcRTZZoCiczPdi5jfUPqUIO4KH4vPkcNCdCMAkVWv9U2po45H_SLkeu-sb4fd1AYl0gqo68NllzCxeiDOvjJ7XuME1WAZBOCL7kiuDtPMcEj6Rgq_ShjVKSyIbhzvQul5V6M9dJ4izHIlEfv_yeSZ-d31WE_4lbuKIeUuKw92yxgLsQJc5UYWV6l7mGHAdJySX9PTV5yNCURhGfomUBGQSBQx55ZVYrpMk_FMU3uQNxzK_6UrF5OF4G5n1ZO68WsNEmQzM6BhPdwor-nqygNvqO72&cid=CAQSOwAvHhf_2kyPXCmO0fz-vdcL_iz5bBJCSNYLlDvJuRcEIG0U2pclXuEnyz95p-gwjY5OZeTVUfStbiePGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fculturaenegocios.com.br%2F&ds=l&xdt=1&iif=1&cor=2260530472186362400&adk=3690638928&idt=77&cac=0&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

403add44aad8f95e714cc1fec3c3b2e4639d09895186facff8cfc20dcfde109f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12248
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 5F69 39 KB
15 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 01:32:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11175
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Jan 2025 01:32:37 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 40B8 41 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cve5dkJ2eBANfK2nN10nKM-6TBZ9Ozak2Umg-Oy2hRAmGiTNBm8b_hchpMwLB-V4VeAtmxqFp97tzX90ELLXGEK5qNYuKCf355yZWzri34Olf84gvrCe-_XpnEiRCgX9A7m6RGYWYu6yUfO30Q7QtAVRzPovqZX6p4CGN9F05duNoUOvI&cry=1&dbm_d=AKAmf-DIi1yQqo_kA2oeQiutwFzQ_2u7mfyt1IcROfYKz2ZrSP7dC7luBJ9fdGj-BW4r9lr6vL2MyT9zZE_m1fZawzXcryMSPnKRjj0Md9JsrpSj1c5_yNBaJe2OBsarywRWk3Ue6oIMWcVm_zpq2CrL_z8tObna84MnN-dYX0WBfRWFamN0yTHvj_RCoNJuelxbhOQPBIsOqHXzau7EFzR8UPOuWYCrzDBI6GqaKYav4AG3wFZnIiLLnb4b1MUT0P71YQuhURRw_FARmzd0Z23CgFcu80nwwOUvROC8Tk0uLWQu6R7VZvN5meftf6nCf1aiNRclTmt-C129Zt0mLrnEUJDQ4ZJ1d82yfJiTbxoO_FKuo5H1Gmi1QhFWBD3tj1_9Zb5C53Qz61p7PbHqzBZle2_vUoWzgdBKHVuEMyWYjxR03vVlBesT-819L3nL3gA0Lpfvm2oG81uKgliBAObxETuWklGPTE_szCrO1LNUohCUBD8-Ww0PMFRefkqtDjSet12oYIZosgCuyn8bLL1sXgf6GjOZjx78J7XRmXvF1H4sKPuXziq90whdBVKK24DfnY3bsXZIsAQ9utPpOe7YsWv8R4Tj1FjPtFY9psKKq2zAsfVJ5P6akiAn4bu0HPami0Aa527DI9MIxN0BGDmkOyQ51h1F7726Jr52YcC5xUVw1yB9Q6C5e2tI00rupZYbI-oOaE7ID7ea-syKDFbPUAf3U_hpsFaSAlxpV80A6ADrC0Qew4ciuPmlqC8QKIoFYtp5c8BIk9hgx9UYs_ICz0DqquNWYRBNZS_PNY5Ab5Id_s2utZOUm0r1HLJH0tCKakeEtwYAwmxMd4gCLDRLvRE46uf6i8ntzZ5g0OHy8i6F_beogXxxf1HnXnY_jbug-hg39PeOhPQP1PUzgoJ6DOO8NEg7GwdlavSJ1n-8TumVC5vsMZOX-LyNFt4IkbtpkwuUX1YziKfr7CmCP42Xc7UdfvT_74c0ZNwEdKJVMB963g5Wfpu48l3QlDFQQ6zBY6SR9gKBo4vdzOfLEKoaoEYzdvPx9v6uaEjsJG6-3AR9m6IzrNNjpBPjuYCHwoy3M04H6bF3zIf85ztL9jZMsxrBZsk3-aP0XNaprxEyzvn8BO821tK9TLkIbE_Qpmnr9rU1PZNTXcS86k1gXmW7MyZGaA35x-5zYP53cXM5_jh2Z9yQiJ75d7ZhNC6H01Xlnf-4eBXmZc4UMsV18gKcMcn75KtBgMJuTSi2CL5PobmdXgB0PmG1sPGsRixkgEZecE7hJONtGUWuw19YDmxu-ROnIBR0z44gr6c0Yur4Ps-MckzzZ8PBIS1dRVhyYR-DyOefjwz4p6-YqVVXkC6YFej8zp4hFier3G1ARAENmtiW1TBg0EqhXBmZ0Vw4_OvcYZboM-FuGmqtgzzpB4Qr55pmqU5VeVfNGEhFomFwRMUkbjTIUVhAZSsiC2BAMQcJEWuiBSdELbOlxEtM8TDKr3IzIz4AHiD5MJYyFmLjN5XO5w2vBrMc9jQkDt1mfe3T6BU17L8Xahz8T9JPz4VnUxo-nIIUQnt-oGhLN1JA4d9EZWQqeDDxp9XHuzN4EHypaEEit3UHY_0nXEDJLmD8TjmpDMSDfhGjUOwnLjG4qs4TI8aQu_hEzi9EUEqqg_HZVi5roi8-S0HTYPDvo2ilrfkG-qQE9o80RFjlc3KT4HmwsLlU6gHYHE8topuZhyIqwQnntxxt1dWvNPwrco5mHBDg9mKac2xCDbuA2pEDe9-VAywfW8sNi-B78fRx8P92fXswGB_NepPVCfrt9-I3cgT28H-uCAmC0QHzHI0Aun00UUVvqZiugHKthv54Xm0va0vNczjE1UU6KX483ZFB50dTyGEU1QOYaPbqfcROkVm2R_hS0801fnhJuInhuOhUnu-V6rjvcTa1LCi5QBfyzkAlSfFEOmAYZyW94BSob4pnY4KNMff8Sauct9PBO4E4d9lL6gTRHfVckEFA5DvnMo5SCTwLWcF_w5e9VpnSMjSoUQTjOAEZz1a_0Uasu-yd7mRwsg3Tv3RM9al-1hd-EA_BuEtRrp9ghJ_XT18Jihkn_38B-KLWumYKN2cXVVeuSfWCueyJOCy-Hjm_SkILNzogPch3CadJY5PTvxAkCP4kq7igDKzgKTcmyN_ekdvly5inyp-VL2zMcYw8aajAdrRkdlFefCs3DHneRYtPO0WXAQpMeHTHTqp7O9d3XRaxU8P3qUm-Tu55M42h1HTBT1zQ-pO8IRlNA4nMqIcvwQxJkXF6k2Ei2ckuLssa41Z7ecizNp4RqPwCwMUwhnVwgJbDjZav-8yi2YBQWylFAbN5pgJ6rO0iG21_SjVEhVF7bKtr_sNJdUj1OmSb4giW3MBQWPX0qP0BguDQTtKfC5rrE1KJNOO0kOIWhFSt_Xvpqq974vm1nKxB2rrmT4kNV1Tj3iP8pwXowzpLt69kqJjz6dACjmxN-64XejZ5eW-H8dh_XK0YAJc_AyZuiFHSjoLtuT1DhmWCmyH9jfCuCX_nmQpnWswZaP6NHnq1wQjo7zxm4uILtnFTh1s5D-FA84gm0iqTVkDQUx-3i_l_HOwIyfdu7FzAC5hEJoPA0YmxxGp7qXdBroyM5mHSZwy-41Fi2WwD5IJQ82mD0cKp5MMcVxad00CE_SVIRLJL_N_7JcO-JNo4fo2uX9-Mj7m39AQjcbZBfzO1fSmeCDTNWIw08k_VrN1Q_SS3RcyOlDq9526A8LwLY2Urrtz2Yfwvgp-R9EHAw0w6kmal1AtDRQCQl54rR-yAvSTzDBO7pTKyNx0tfkAOlS3bUxcNxdCHkEoajSELH4F9sqlIFvziIst2HhdKqMbt5F8c0WwykdVcTyUf3H0m1lyvF1qMVoQaN7oBoN7wVU202vyp9DyVWU_6-5sUj96VrdM1xcTq4r3YgmoETtW5tb93eM8MlrgyFP-rz6r7KD4R5RekHpkmtDBoghXUtmWYwZY7m52T13pO8fPsmN-c6pyGF-tyW-MgOgAv0HstaLyow3S7iEsMIr0uXnsnTDRNDb4JOyC2euSghp1fhkupDNtatZi7X0YMf-VgGxs9CkT5xbjzC39xMNT_6LujcRTZZoCiczPdi5jfUPqUIO4KH4vPkcNCdCMAkVWv9U2po45H_SLkeu-sb4fd1AYl0gqo68NllzCxeiDOvjJ7XuME1WAZBOCL7kiuDtPMcEj6Rgq_ShjVKSyIbhzvQul5V6M9dJ4izHIlEfv_yeSZ-d31WE_4lbuKIeUuKw92yxgLsQJc5UYWV6l7mGHAdJySX9PTV5yNCURhGfomUBGQSBQx55ZVYrpMk_FMU3uQNxzK_6UrF5OF4G5n1ZO68WsNEmQzM6BhPdwor-nqygNvqO72&cid=CAQSOwAvHhf_2kyPXCmO0fz-vdcL_iz5bBJCSNYLlDvJuRcEIG0U2pclXuEnyz95p-gwjY5OZeTVUfStbiePGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fculturaenegocios.com.br%2F&ds=l&xdt=1&iif=1&cor=2260530472186362400&adk=3690638928&idt=77&cac=0&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 11:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60275
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 11:54:17 GMT

GET
H2

200

adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame D0E8
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1520146/76103085/xbbe/creative/adj?p=APEucNWduAWxxFE2yDnPDruzexwLuItWJNxjquzP5r69jxxWWxXDHhQ&d=CokBAKAmf-DWbp62DJM3WVoEXH3pBDlZOS6yR7Y2k5vpmmISeSriC2v1purRfau...
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWduAWxxFE2yDnPDruzexwLuItWJNxjquzP5r69jxxWWxXDHhQ&d=CokBAKAmf-DWbp62DJM3WVoEXH3pBDlZOS6yR7Y2k5vpmmISeSriC2v1purRfauPhiO1u78_4yKw1MqxiupLw4YU2...

65 KB
25 KB

117ms
58ms

Script
text/javascript

108.177.15.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWduAWxxFE2yDnPDruzexwLuItWJNxjquzP5r69jxxWWxXDHhQ&d=CokBAKAmf-DWbp62DJM3WVoEXH3pBDlZOS6yR7Y2k5vpmmISeSriC2v1purRfauPhiO1u78_4yKw1MqxiupLw4YU25kY4qTf6wHgPJ5k9hI82peIP2julREXDw72hOZVb7RcGXQCIoOCVSzIVezbt7ABrG2uV_Zn5XJgBL3XAxyjcf9uJNf6MaZU0IUSyRYAoCZ_4IFvrK7q-V-sfdNDv_jAMDYrbmgLTq-soxVEqlcn-DTYRfSaR-iPUofbQ6h-0iYp_6FvX8E6xLot4qO4ZRnbNTUG3QAMwYlBh5uxr4DuB-Y2SVwXPqmpOg9t5HTcH7PVkDFFA-zKB57w6XCR6aAQwd7a7ISuVL-1urd91AU_GgT7qLxUqrqHSWLKx3C48tDM3wSlNtxBuARVF1pGg_j_aevaiWlTPdl8adZVAFncVptWzG8ymb1xEryKdiAXwqxdW99lLQnY_E5OKFPBGt4LaYxzg7yimai7YSQJxiYcOC6BJv8ptjUh_UpRSKc6MDnyGBT9zOUVWjnp67Su0n_OiCkMfVECWwQ09tHUxj_BsDc7q3WcGT8XUbp5qMAaAXwo323jVO9zZZE2qAn9ak-KSSz3fEp69xsCi35U2d2SNqFn3D4IVY5-C2csvnpRZVNyVFxdnTfF70o8HC9igLRxn_NmjUt5WjuPiGbRdCwcO9X6AxCon8IyqaWCUmYe3CGkZeAug8fFoBEZElwPQsBR5ZSHe5h-kZtuDMdlNzqvmuuq1yftGl7wfL1gQlevvddvj4SHaNfj1NXad09g4DHjZOXHvtWCDSP3Jw439GQbAi4yw5MLDHvfDXpMjT2mt_H7nv2GlT6bBHINYTdSdibI3Hew1yyfqwn4NeKmd2Xo5gX58Ssg2S5hwU_8dXkmZ2yUJumR4Dp40gA7g47GitBN7im5gfC02BtlYCF08Y9XIJFdc6mDTmrQHAm5eSp9ZijIOHJVWROFcRp4Fi7PB-EnsRI9Gz1B7c1SofTKoDELklCt5j0LraL5bOjd9pJlsMLDb_AxZ5-taswLhvOaUMOETV3GoPwSvWQa17MUR4ZgiUvT8Kfi9r3-BZjAHk5NqYQF3Lt4dtzByNrkse-HotOHBV6xFl3b-v_KLErTNNK2tMtny77SEqjNRsGB1UnD6XzRjcy9CF8JkTkKNZgEeydLXJmbG00d9fELrQBfd0IXrRKVvIIn9e2rubcBPBKk3CVowsQhaC05os3oxGTXXIX4kSyH1kzcPcMJL8aR3thu9EZfIxmtjKlTmtwjacDRpxcxbYUfdYAvMj4kyo3pxYmSrLuJp1QFm4nCNQ6E_6xDPHhltb9e-vIcfgsH7d7mFzE8eSjNfdGKeU2edtsx_eYvuEPEenGPShAw2yK188dloyROe9ThumV0ukA0j1-Vgxf3Qu6etkAPCfC43zPLLaYMv5YxzC3WwviEyhrQrtVNfXbIMLiFGOT4X2Kh3tDBQXVG4pJ8T0qHzDWsYPCKaVmsrwlBNZ8O1UEzOZovTmVYUbsLIIPHFHvo0fVCu5OCOMtwCWhYRQ37Rr94ng3ppR3EeLq3R21Xq31NPBBEs6A37CyNqSSSd2ZcRFT6gE1RP4pu2LJHbObVN_SgPUtLMiJgdX5QcnFNa7SDbuEZwb3Ha9lIp2kpLaym90sCt8VGoujHG7IyXezh80vTF3sdoqWCUe9zYYm-LLPW8CDkQUCMaXeToZYTJa9tEMv-mS7wjJT15gUEpQQL-AiArasvV5dfAphIzVZA6npRqzxaw9YqqQuRzMhVGd1dh8RmfmxBorwPizuJO6fLGaS1gTWCT1EDJEOccVzWI2ObSIgzdUPxFupfKG6Piw38WyW0u2MUW7kUBnx9xD7kG2PaG7ET1jh7bcldAnjUeI55tw2t-6GKakZITbUYEwR0KlZhRHoWTssfoh3HyDp6OcD_OliySAyYwIkJPp-l9cjDI7fa9-jVu7RmFvwPpFqvGSuVdipPhfcVGoBM9lIv0VyZAclpXfjXkTkfGU95JcFecvdAfi0BV2z1sOISxn3rGuJDLlaXbnMPnjVUBVahrAzgq83Q8p8JebP7UhCz6G0vRqA59cDTWpLrXusU5ofCGitw3Muf8C0w3nTk0AxgxnlMSZimhuj3tZflucH5t77QTiqbYXR3k3IlTqh_8zGU_yA2Lo7iMB3XeL32GyFWr4vZCiHQS_-m8PvpEfWasX8VDhWx4O4Goq_plrY2Nrt74jZXB7JhxDTEogiKC-VakeBEVrimisfFrkWoEvy3fCUJ2lmu2-KRcq1Jh_9o_Bc630AAk425g0b9j2PHHxkz0uPpiKlkrYGGCd1afwIv_So4S-d7rEUVqL0q9SuhpjwIrYFbHWhkXu5-NSnoUpMMWXSYi0nLNY5B_mlUom2kScfrR_Hxk9Xzpj-UzE48vMg5iG1UDzsm7M48c-QUjcBd6Tj1yw6HckhwAJ9SdYvg_on5JrgQll-m-JLnBv99mV2fRndNEnw0atghH9MmJ4KeHB5jcXTxFn95qvJkiR0kumtqT9hL3Yf9ooOVO3SmoWp2UHv47fNbUiEIwDQYF0jjpft9__fngl84GhJ8_gRQbrv0gESNLmtEPXYh2mxXkYGyQ3RFaL9TpGnF_n0WHu-rAdBxvkBwao3hdT6cK9ptswcAGzp2J0VTy6RBnaqNCXLyB8ClPHktjCOSbJGuNpEVElIConSwSUUhzitDIGEwtBmQbH4e-wY7hDh-wSEvwfw_bVo8T2pwuzOelxJ5puh0d58G1jNX9cZ8SmRrv5ejr2LnzYd78g9ovFCobI_64EvPCWKQfnm6GnaiPLbDwKdzdXiMuUlxku6pMR90TZDHmcDeMrRIgihyNsCzmMiW6eO7z6sqSph-wYuxAqk0Zatwt2tAAdb28F7_yujougCksfAADfmXXQmku1bB_cAPhp8_l5S1a4q24cCdy0heXpBWn8fjL-NNn_i_Fs4BCkIg89VpSFD6TyoiRMB5RFBj4gL_updLzW2tmXwkcZi5ad7gYHCTGcZwtcNpyLGBwLxYpgXEcywg3AiRfC_uZlntjhijF4j0JY49YsZADEuVKQJrfoYp0pIJ8TkYdqri0j2s5QHB-J-vXj3k5Y_zBNGhuZGXyId8ZsdbmYuRb9_c5mN5Ojul5N_tz1HuK_zFKMjnkwo7-kUNNN1hADw4Hy-D0jn_-8Jj_TVHEn7QNKHa6VZ1MIe6mS5HqDvuOkNRu0UiKaiCzAa3PzHMZ96dgKmpHzuUZwUgx_bdojSV8_ZSaT20_hoVcQ2MV532CGNCzWodsisX4wahmsSlX_0p7kjyn0C3R-mjoHU6Li3U9TwYAZPY_gi_W8zeWgmFdjRZPHzg2t87fHfL4FtbYqVmpgyBnWYi4afLCmBW-ClqutBQOH9EEGlxlXkDon7__CEC_r6ee9_WoYu0udrOTT0g0ivCz_MyiVjPP5Cn_W_hGhmyF5Rh78iqyX_dRPqgOXNhXNfLt7TCCvdWEnjBhLDrMrohDL0BMEohhEPem2LAi45RKAVdbAwgteVwlk6OEsk7-N-bJo0lrUkaPMzLEkawvl_eC9nB9XvdkmeYoXYi7ac8_n7ZOqchg1kPzyW7lR9RMX5zArrsL6j_rsBJ0P3DBhrkRhZ7ks6l4yj7qTps_3DUo3XTWBDFJEzsa0YW_p6MzJGYoxrw7XPkNs8aKrQniXM61KYKeD3FAI27KIparekSUGqHGFbrBtukLMrINBgwzElsw-2WfAlu7X1pq-8v1mz69OxFgf8PkdrJiVpoVXGkFHF-CmvI5H6zDrxEHQjMmnEON0naQxZ13MmR6C19wvLXH3Xn8b7kGAJKQ02k_P6T1xzfagh-0QAoXmU_3cwmhCPQRs1QoPUa3DxrZ5QYAmDP36k26skPudeuFsZ_Q-FM_k3g0Dqa7kAxaBJxOcqJPR7Vfg1MfdqMv4mrJQCEZGl4L-RcqpOp_J4RO0zR6HXS6TUkHQJQR-pn2WowgL1OJ5o03UiB0AubczthPTWz7Ghx5IXwRD6YDAtnUDls6171MTQaQQgEEjsALx4X_zR5T6QETRLLbqnJMo0NEqSemEW2eTH9s_u_snNoUUJfUmyqX8uOvQCIAXwUJOTneG3pFPifdxgBYAE&ias_xappb=

Requested by

Host: fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
URL: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

108.177.15.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wr-in-f154.1e100.net

Software

cafe /

Resource Hash

b197e74cfb1e03d721eee425ee02276a4a2d769d50bfe2a16b296ac400af9759

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25333
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:52 GMT
server: nginx
x-server-name: app01.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWduAWxxFE2yDnPDruzexwLuItWJNxjquzP5r69jxxWWxXDHhQ&d=CokBAKAmf-DWbp62DJM3WVoEXH3pBDlZOS6yR7Y2k5vpmmISeSriC2v1purRfauPhiO1u78_4yKw1MqxiupLw4YU25kY4qTf6wHgPJ5k9hI82peIP2julREXDw72hOZVb7RcGXQCIoOCVSzIVezbt7ABrG2uV_Zn5XJgBL3XAxyjcf9uJNf6MaZU0IUSyRYAoCZ_4IFvrK7q-V-sfdNDv_jAMDYrbmgLTq-soxVEqlcn-DTYRfSaR-iPUofbQ6h-0iYp_6FvX8E6xLot4qO4ZRnbNTUG3QAMwYlBh5uxr4DuB-Y2SVwXPqmpOg9t5HTcH7PVkDFFA-zKB57w6XCR6aAQwd7a7ISuVL-1urd91AU_GgT7qLxUqrqHSWLKx3C48tDM3wSlNtxBuARVF1pGg_j_aevaiWlTPdl8adZVAFncVptWzG8ymb1xEryKdiAXwqxdW99lLQnY_E5OKFPBGt4LaYxzg7yimai7YSQJxiYcOC6BJv8ptjUh_UpRSKc6MDnyGBT9zOUVWjnp67Su0n_OiCkMfVECWwQ09tHUxj_BsDc7q3WcGT8XUbp5qMAaAXwo323jVO9zZZE2qAn9ak-KSSz3fEp69xsCi35U2d2SNqFn3D4IVY5-C2csvnpRZVNyVFxdnTfF70o8HC9igLRxn_NmjUt5WjuPiGbRdCwcO9X6AxCon8IyqaWCUmYe3CGkZeAug8fFoBEZElwPQsBR5ZSHe5h-kZtuDMdlNzqvmuuq1yftGl7wfL1gQlevvddvj4SHaNfj1NXad09g4DHjZOXHvtWCDSP3Jw439GQbAi4yw5MLDHvfDXpMjT2mt_H7nv2GlT6bBHINYTdSdibI3Hew1yyfqwn4NeKmd2Xo5gX58Ssg2S5hwU_8dXkmZ2yUJumR4Dp40gA7g47GitBN7im5gfC02BtlYCF08Y9XIJFdc6mDTmrQHAm5eSp9ZijIOHJVWROFcRp4Fi7PB-EnsRI9Gz1B7c1SofTKoDELklCt5j0LraL5bOjd9pJlsMLDb_AxZ5-taswLhvOaUMOETV3GoPwSvWQa17MUR4ZgiUvT8Kfi9r3-BZjAHk5NqYQF3Lt4dtzByNrkse-HotOHBV6xFl3b-v_KLErTNNK2tMtny77SEqjNRsGB1UnD6XzRjcy9CF8JkTkKNZgEeydLXJmbG00d9fELrQBfd0IXrRKVvIIn9e2rubcBPBKk3CVowsQhaC05os3oxGTXXIX4kSyH1kzcPcMJL8aR3thu9EZfIxmtjKlTmtwjacDRpxcxbYUfdYAvMj4kyo3pxYmSrLuJp1QFm4nCNQ6E_6xDPHhltb9e-vIcfgsH7d7mFzE8eSjNfdGKeU2edtsx_eYvuEPEenGPShAw2yK188dloyROe9ThumV0ukA0j1-Vgxf3Qu6etkAPCfC43zPLLaYMv5YxzC3WwviEyhrQrtVNfXbIMLiFGOT4X2Kh3tDBQXVG4pJ8T0qHzDWsYPCKaVmsrwlBNZ8O1UEzOZovTmVYUbsLIIPHFHvo0fVCu5OCOMtwCWhYRQ37Rr94ng3ppR3EeLq3R21Xq31NPBBEs6A37CyNqSSSd2ZcRFT6gE1RP4pu2LJHbObVN_SgPUtLMiJgdX5QcnFNa7SDbuEZwb3Ha9lIp2kpLaym90sCt8VGoujHG7IyXezh80vTF3sdoqWCUe9zYYm-LLPW8CDkQUCMaXeToZYTJa9tEMv-mS7wjJT15gUEpQQL-AiArasvV5dfAphIzVZA6npRqzxaw9YqqQuRzMhVGd1dh8RmfmxBorwPizuJO6fLGaS1gTWCT1EDJEOccVzWI2ObSIgzdUPxFupfKG6Piw38WyW0u2MUW7kUBnx9xD7kG2PaG7ET1jh7bcldAnjUeI55tw2t-6GKakZITbUYEwR0KlZhRHoWTssfoh3HyDp6OcD_OliySAyYwIkJPp-l9cjDI7fa9-jVu7RmFvwPpFqvGSuVdipPhfcVGoBM9lIv0VyZAclpXfjXkTkfGU95JcFecvdAfi0BV2z1sOISxn3rGuJDLlaXbnMPnjVUBVahrAzgq83Q8p8JebP7UhCz6G0vRqA59cDTWpLrXusU5ofCGitw3Muf8C0w3nTk0AxgxnlMSZimhuj3tZflucH5t77QTiqbYXR3k3IlTqh_8zGU_yA2Lo7iMB3XeL32GyFWr4vZCiHQS_-m8PvpEfWasX8VDhWx4O4Goq_plrY2Nrt74jZXB7JhxDTEogiKC-VakeBEVrimisfFrkWoEvy3fCUJ2lmu2-KRcq1Jh_9o_Bc630AAk425g0b9j2PHHxkz0uPpiKlkrYGGCd1afwIv_So4S-d7rEUVqL0q9SuhpjwIrYFbHWhkXu5-NSnoUpMMWXSYi0nLNY5B_mlUom2kScfrR_Hxk9Xzpj-UzE48vMg5iG1UDzsm7M48c-QUjcBd6Tj1yw6HckhwAJ9SdYvg_on5JrgQll-m-JLnBv99mV2fRndNEnw0atghH9MmJ4KeHB5jcXTxFn95qvJkiR0kumtqT9hL3Yf9ooOVO3SmoWp2UHv47fNbUiEIwDQYF0jjpft9__fngl84GhJ8_gRQbrv0gESNLmtEPXYh2mxXkYGyQ3RFaL9TpGnF_n0WHu-rAdBxvkBwao3hdT6cK9ptswcAGzp2J0VTy6RBnaqNCXLyB8ClPHktjCOSbJGuNpEVElIConSwSUUhzitDIGEwtBmQbH4e-wY7hDh-wSEvwfw_bVo8T2pwuzOelxJ5puh0d58G1jNX9cZ8SmRrv5ejr2LnzYd78g9ovFCobI_64EvPCWKQfnm6GnaiPLbDwKdzdXiMuUlxku6pMR90TZDHmcDeMrRIgihyNsCzmMiW6eO7z6sqSph-wYuxAqk0Zatwt2tAAdb28F7_yujougCksfAADfmXXQmku1bB_cAPhp8_l5S1a4q24cCdy0heXpBWn8fjL-NNn_i_Fs4BCkIg89VpSFD6TyoiRMB5RFBj4gL_updLzW2tmXwkcZi5ad7gYHCTGcZwtcNpyLGBwLxYpgXEcywg3AiRfC_uZlntjhijF4j0JY49YsZADEuVKQJrfoYp0pIJ8TkYdqri0j2s5QHB-J-vXj3k5Y_zBNGhuZGXyId8ZsdbmYuRb9_c5mN5Ojul5N_tz1HuK_zFKMjnkwo7-kUNNN1hADw4Hy-D0jn_-8Jj_TVHEn7QNKHa6VZ1MIe6mS5HqDvuOkNRu0UiKaiCzAa3PzHMZ96dgKmpHzuUZwUgx_bdojSV8_ZSaT20_hoVcQ2MV532CGNCzWodsisX4wahmsSlX_0p7kjyn0C3R-mjoHU6Li3U9TwYAZPY_gi_W8zeWgmFdjRZPHzg2t87fHfL4FtbYqVmpgyBnWYi4afLCmBW-ClqutBQOH9EEGlxlXkDon7__CEC_r6ee9_WoYu0udrOTT0g0ivCz_MyiVjPP5Cn_W_hGhmyF5Rh78iqyX_dRPqgOXNhXNfLt7TCCvdWEnjBhLDrMrohDL0BMEohhEPem2LAi45RKAVdbAwgteVwlk6OEsk7-N-bJo0lrUkaPMzLEkawvl_eC9nB9XvdkmeYoXYi7ac8_n7ZOqchg1kPzyW7lR9RMX5zArrsL6j_rsBJ0P3DBhrkRhZ7ks6l4yj7qTps_3DUo3XTWBDFJEzsa0YW_p6MzJGYoxrw7XPkNs8aKrQniXM61KYKeD3FAI27KIparekSUGqHGFbrBtukLMrINBgwzElsw-2WfAlu7X1pq-8v1mz69OxFgf8PkdrJiVpoVXGkFHF-CmvI5H6zDrxEHQjMmnEON0naQxZ13MmR6C19wvLXH3Xn8b7kGAJKQ02k_P6T1xzfagh-0QAoXmU_3cwmhCPQRs1QoPUa3DxrZ5QYAmDP36k26skPudeuFsZ_Q-FM_k3g0Dqa7kAxaBJxOcqJPR7Vfg1MfdqMv4mrJQCEZGl4L-RcqpOp_J4RO0zR6HXS6TUkHQJQR-pn2WowgL1OJ5o03UiB0AubczthPTWz7Ghx5IXwRD6YDAtnUDls6171MTQaQQgEEjsALx4X_zR5T6QETRLLbqnJMo0NEqSemEW2eTH9s_u_snNoUUJfUmyqX8uOvQCIAXwUJOTneG3pFPifdxgBYAE&ias_xappb=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame A4E0 91 KB
23 KB 72ms
23ms Script
application/javascript 2600:9000:223f:6a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
URL: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:6a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 10988982
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: lJ2gkV7vYiBdZR2vlgnRwMnf5DikHBE4YOwhX_-uy89SM6WnY3fkHA==

GET
H2

200

adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame 40B8
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1520146/76103085/xbbe/creative/adj?p=APEucNWduAWxxFE2yDnPDruzexwLuItWJNxjquzP5r69jxxWWxXDHhQ&d=CokBAKAmf-CdaaK0vBI9GHnXsoGR6415zPXAXKeniT1x-5Zz5rgjByD_xHaopoy...
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWduAWxxFE2yDnPDruzexwLuItWJNxjquzP5r69jxxWWxXDHhQ&d=CokBAKAmf-CdaaK0vBI9GHnXsoGR6415zPXAXKeniT1x-5Zz5rgjByD_xHaopoyyUiXEt5bvY1scMPMkriRIxt_zK...

74 KB
26 KB

112ms
83ms

Script
text/javascript

108.177.15.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWduAWxxFE2yDnPDruzexwLuItWJNxjquzP5r69jxxWWxXDHhQ&d=CokBAKAmf-CdaaK0vBI9GHnXsoGR6415zPXAXKeniT1x-5Zz5rgjByD_xHaopoyyUiXEt5bvY1scMPMkriRIxt_zKuqjTYYFYljI1oisnMlbDi-TM53nJmM9GUB9K9Xq4FF5RIPLearso7x9VKestBHq6MgOUJpdkOYtCm-Qw7jS-cE2eVKcgDsQf3oS6RYAoCZ_4AsVaKDHTgHE3tFUPDOizhTGTkXm-x4sncriFcDWds5a_O1w6VVthv1vKjbJVNIlNDx7jNdvbY4rZamq2-Rp12OQlqWB94E9AVdvpvHfGo4IjLf8v90c8JtPqXwuqIWLTK5tylmiKbFaTz3NzV_divl0YuJMdRD-7OirnNO30t4R8TQqBgmN0h3kuyJoFXil9tiI99pUdYOoJgT1GvaIs851JHH7xI3orLs8YCU23kHFmPCJMW5Cz6xw6qQVHtB5z4p0DRhmUR47zQLF6DzYGDvFWBwX6X33zomayZ__EdeuckESZlUFOzmggM-ALwutuK3kHmCoA1id8ams7a2LfFo7wg3O4alSooKN6eOD4B-MSsciGQ3DjpxY9vhv0L6HYh8_yXaWeEhLu78pWNuVsK_bq0DyIU9YWuK_OtODDdjL2StTBADOy2dafBLc-Pkhrw62g7-5QDfAfkkd4ycO2r1WTNXN97A42Jj7q7EvwadvnXqYeR0cIisVyGRUH87pWPnfeurDHXfojV1LFw0bngF_Hc6prRmTNoCPdvcFvNk7Q15u5bBT_BxVoxBgJZa2EROygVxJ5Xnbl9NZubqEWulAad-l-HePfEWEGUPlm2nBL5o6NtM9Hn0qJpdIOX3JXRWp1eZLQhnR70P8qZKdne898YFmMfymg5cuLvEhnJJqnf5iu5Or0WV91887W-NGTLMTm-dYe76HfssOTFfSgIJxfiFtcpjwc5JZduFDteQKx54JZLrnESI15IA3InHbfQu6T9veiKON9LxDQKDNx9eZakhPGMkelRDYizd4KE2ad2mMrtSwMkU40KMr8qHwpsbPX7KbjoB9Re4l7Z_TQT12W5ygm_8rJWlbfs4tyntXJ9D8IG6o98V7F1rCQ0nngwhif1P8vVjOLXzkAXMnmm2IKdMTCNk0eEBU5mW95nLznB-K8YZ_Iv1Iqgf7Jnqcl-RpkLz8A_nrJzsjI-nLmvrnYla-5KHwE79EjtU92q1iQo3nIkrSpYBurQxlOeMUPnfbwCe5jm5aFXQK90hHgcuzCPCKqdtWXLUhDGOUBsoBOdxdYtNrj2oJ2d-3WQXfjgw-lH28bu-du22BGflalESxXfXiOdHhA3ek6EEqlDUEZ8z373vsu1G5u92VvM7rV-wZnzioYjIYH77CrpScChkXMVp0f61cdpkGhHVnWBEsQER-BybyKWeWsg9sKD9QEZpsWgL0nBEV4tX_XKA8CpM2_Oy0Hb1Hpdghb5fLxt3upUuLT9Gyy-vMdGmKvoNNcHij1Mgo7548s4UHJjO22EjbjBz_plkSmp3OlcGq1QxDYbOBBnAyuZsnEgPh7MrXCVyXa8AHIw5DHOerzIyYDY0uy4yoDWcuvYes3blf27UgDMPjrjbEsotOkPG6UafLFy4Ba8lzmaThwCMpaD34HWS_Mo8upSGKFfkpXXx5Af6bI63Nk0d26p6NxEaxRmaNPWLiTN6EicDU6sYt7nG5qg0sjBiK_CXyT4Ta4UtdpUWyDK07Z0J0H12ocOxzbqbDcCZnEF7P-JSmhQmmKxxZ3TjxzKOEmfwjsiyTrDnxLIGVxy7Z47NkGVvKTd2MpMHsnp7EQaaXV52DuxckhRhDCbPkIRP8t4oWAsFJry1InSo-Bxutr3Sm9ArIfW08lZmGXZ1yK4LYWXVw3TJcZOId6y45ABulgT44Lj5c62o0WJGXr6rCMVgFdvxnBwDDlTqGHS6AZld5dooIH49WrPt_Abvo1flUYl2OaioQfm0ThN28nJFihJNFuFMizz5Qs15-6Bfegq4qio0j9_igw_YsIXGBRpflmJhKzRnmgwHUwNisUSxgPKLDXHPwgdgsrR0Atryrb1_NOK4NOqIKV3ptp0EYL17NdO13ZeU95gnFFCT6-00bfmWPpHYXaM7zLnmuDwQo95fzlOHHQw-svyVi7Ert9B9hjBx97MNEIJILATQ2K6ZYne3BYJ1XiGtLG_LBVKuhuiNv1mMKXpD36uQhZpTINWHip_A5nAAKiPRNu6umiMZyZ9Szu1khxxYl3DREaGBGCOiIqrtZLpmNafAqhUAHSobqilDDF4A-16fLvJQ48iSPnFaBY1VgZFOnFYUkWezrrjLJYUzOaR9MiFx1JWXG-G7UDq4TYdmLnF1YoUB6bKmmQJ3u7WAVABpE563HZFNnxQyQXJCpUAq-uPUAnhH_tCEw_hd10BYrU-dPdTuoloZjJGpjwmjzpTXhJKX3ph5ub89DkAFQaZwmoI-A-7zC86P0MVkJdFXZ78IKRClouZZfy8VFiKTcXoNPDhy3USjmmhWHezU2F68HFux20mbGB1uC_JZkh_QHT5dHO_AVWuCd0iHMp_hYEXcSG7WGWTpzRRFKkXGxbXYk36ZB5nhq58si6SLGO8QeYvnFrroPhLTlMz1zrpUlHopTt7FLrS1LGUxXJnMg_wVpaa6hvmgZlIn_YO11gCMELH1d5sLf8BNWQdp7_bFzEls7MIf35XGmj9l9ldrHyd68b2L2rACGJpGdR9ECoSHn0w5SS_VC3DA2FCFwsTOtcJRLaRjoAPMn4uWtGT33mz2cY_9F_aE5FLMC9Zff7R7UbLTtxpT9guyWj-MnVojp57DXKCpzMgZWfitGm-Qd7ilQcMQ72dO459OexQ-FaDJF9My5VZd6I1XMKbZuG_V3Q6XVNz3P7BMlvMOzLdaEsDcr7lNlNGX_f2cdJt-XMIsu4N91OQ6EtDa4GYdbMysSMFVY_KLUg511Ew1MItLkE0v_dNdrlz0IWud-zKOB7amytDQl2m8zzIY6vAUMyXWNUPGDnk3ZGYXSGGtZJPpBKiSb0R7vNWvKbnXhsp2jy79kXMgo1L0J01o-3SrVcrqjWOsBDIg6dx1Lv08wgT2haFj51PaW4y1uWEEd9QnIuaVVQ7CZt33kk7JeuJaAOt5Yd73Un_36KylSdgiD7oMxmgbOREXihtvPcGkHmBE3jMQG-0yz9_CAx8248fAt0v1qeu_e6v2V5OGO1e5uwQuBeG3MgxHtEvhMmHQkvgne3w25jYeh3ZI7qdLS4iidluYXx_bV51SQTG1lc5QBSiGToQ78KozXVKOmXKJ06Mm3MIPo-6H8ZBeJ5fLdg5e2EOUDd7x7q00gZAwbcxxnXR6Q8dIyWYDK1qnrTti2hyPqjEUavOLewNP4Mg-31bh6X_LO5FnFq8Y1JkePdaWBh7hTswyD1iX_6h9p1gGGge2WhKU3k0KhH7Nj7HhLRqyAOrAo_Ftfsi42Vurt-kccZUS3HTo621r9ezEJRNTpcjiDjZmqbcEqWl6TauC2-ovrHQwjWSKwAwVFmyF77ddpH7yfjXaKi8Yi0f81j6WFyOtqssCOfJ97oju114fbqfB_UV0AtUzH9ck5gJEwqDENJmMeDIRYm_ODY4h4gHay4vox6ypxjFYbc7JBxVbSJc-T_9h407r3wTy6fIJIsNwFinnNL8_n6U4H6inbFi-CAoCGSuzh_kUuQe9ZIyL67LM3hcnuXtV40YQD8sDroztjZc2MkyIM2AVwEeS-iFRxRkjuh-8wXtj4YRwRtcn9-UsTPp4f4ymY0IRbpor544Msbih21IK235fCWHTObaLbsZ47UmfnWkWctUFaSp1OLIedGVTum199Y3ufzVPKksSU9G-NSNPkjgyNvUG9K2GTM5mOyyfRc9JZQXV75w32XulRJjSNkkJTZVZq_s6RMfkMWEmtd7P0D-aYZPOLdbK4WP8_So4r_n4Udessq_8fZNK9vBdCP5XBN6X-2a6NDs2AphY7aKQsvxu0ABthd_OrIh1DOAQZRusykBM0Qnx8cF6ZOtXP7MkvuAvqO9i_gDragxNnnejl9MkZZVl4lFBQsn9SiP78wvPw-K7KzexuUBpBCAQSOwAvHhf_2kyPXCmO0fz-vdcL_iz5bBJCSNYLlDvJuRcEIG0U2pclXuEnyz95p-gwjY5OZeTVUfStbiePGAFgAQ&ias_xappb=

Requested by

Host: fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
URL: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

108.177.15.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wr-in-f154.1e100.net

Software

cafe /

Resource Hash

151a123606a98de6b46940ad3abdcdc23834cc9616bb922719a38f2087df6e66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26223
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:52 GMT
server: nginx
x-server-name: app09.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWduAWxxFE2yDnPDruzexwLuItWJNxjquzP5r69jxxWWxXDHhQ&d=CokBAKAmf-CdaaK0vBI9GHnXsoGR6415zPXAXKeniT1x-5Zz5rgjByD_xHaopoyyUiXEt5bvY1scMPMkriRIxt_zKuqjTYYFYljI1oisnMlbDi-TM53nJmM9GUB9K9Xq4FF5RIPLearso7x9VKestBHq6MgOUJpdkOYtCm-Qw7jS-cE2eVKcgDsQf3oS6RYAoCZ_4AsVaKDHTgHE3tFUPDOizhTGTkXm-x4sncriFcDWds5a_O1w6VVthv1vKjbJVNIlNDx7jNdvbY4rZamq2-Rp12OQlqWB94E9AVdvpvHfGo4IjLf8v90c8JtPqXwuqIWLTK5tylmiKbFaTz3NzV_divl0YuJMdRD-7OirnNO30t4R8TQqBgmN0h3kuyJoFXil9tiI99pUdYOoJgT1GvaIs851JHH7xI3orLs8YCU23kHFmPCJMW5Cz6xw6qQVHtB5z4p0DRhmUR47zQLF6DzYGDvFWBwX6X33zomayZ__EdeuckESZlUFOzmggM-ALwutuK3kHmCoA1id8ams7a2LfFo7wg3O4alSooKN6eOD4B-MSsciGQ3DjpxY9vhv0L6HYh8_yXaWeEhLu78pWNuVsK_bq0DyIU9YWuK_OtODDdjL2StTBADOy2dafBLc-Pkhrw62g7-5QDfAfkkd4ycO2r1WTNXN97A42Jj7q7EvwadvnXqYeR0cIisVyGRUH87pWPnfeurDHXfojV1LFw0bngF_Hc6prRmTNoCPdvcFvNk7Q15u5bBT_BxVoxBgJZa2EROygVxJ5Xnbl9NZubqEWulAad-l-HePfEWEGUPlm2nBL5o6NtM9Hn0qJpdIOX3JXRWp1eZLQhnR70P8qZKdne898YFmMfymg5cuLvEhnJJqnf5iu5Or0WV91887W-NGTLMTm-dYe76HfssOTFfSgIJxfiFtcpjwc5JZduFDteQKx54JZLrnESI15IA3InHbfQu6T9veiKON9LxDQKDNx9eZakhPGMkelRDYizd4KE2ad2mMrtSwMkU40KMr8qHwpsbPX7KbjoB9Re4l7Z_TQT12W5ygm_8rJWlbfs4tyntXJ9D8IG6o98V7F1rCQ0nngwhif1P8vVjOLXzkAXMnmm2IKdMTCNk0eEBU5mW95nLznB-K8YZ_Iv1Iqgf7Jnqcl-RpkLz8A_nrJzsjI-nLmvrnYla-5KHwE79EjtU92q1iQo3nIkrSpYBurQxlOeMUPnfbwCe5jm5aFXQK90hHgcuzCPCKqdtWXLUhDGOUBsoBOdxdYtNrj2oJ2d-3WQXfjgw-lH28bu-du22BGflalESxXfXiOdHhA3ek6EEqlDUEZ8z373vsu1G5u92VvM7rV-wZnzioYjIYH77CrpScChkXMVp0f61cdpkGhHVnWBEsQER-BybyKWeWsg9sKD9QEZpsWgL0nBEV4tX_XKA8CpM2_Oy0Hb1Hpdghb5fLxt3upUuLT9Gyy-vMdGmKvoNNcHij1Mgo7548s4UHJjO22EjbjBz_plkSmp3OlcGq1QxDYbOBBnAyuZsnEgPh7MrXCVyXa8AHIw5DHOerzIyYDY0uy4yoDWcuvYes3blf27UgDMPjrjbEsotOkPG6UafLFy4Ba8lzmaThwCMpaD34HWS_Mo8upSGKFfkpXXx5Af6bI63Nk0d26p6NxEaxRmaNPWLiTN6EicDU6sYt7nG5qg0sjBiK_CXyT4Ta4UtdpUWyDK07Z0J0H12ocOxzbqbDcCZnEF7P-JSmhQmmKxxZ3TjxzKOEmfwjsiyTrDnxLIGVxy7Z47NkGVvKTd2MpMHsnp7EQaaXV52DuxckhRhDCbPkIRP8t4oWAsFJry1InSo-Bxutr3Sm9ArIfW08lZmGXZ1yK4LYWXVw3TJcZOId6y45ABulgT44Lj5c62o0WJGXr6rCMVgFdvxnBwDDlTqGHS6AZld5dooIH49WrPt_Abvo1flUYl2OaioQfm0ThN28nJFihJNFuFMizz5Qs15-6Bfegq4qio0j9_igw_YsIXGBRpflmJhKzRnmgwHUwNisUSxgPKLDXHPwgdgsrR0Atryrb1_NOK4NOqIKV3ptp0EYL17NdO13ZeU95gnFFCT6-00bfmWPpHYXaM7zLnmuDwQo95fzlOHHQw-svyVi7Ert9B9hjBx97MNEIJILATQ2K6ZYne3BYJ1XiGtLG_LBVKuhuiNv1mMKXpD36uQhZpTINWHip_A5nAAKiPRNu6umiMZyZ9Szu1khxxYl3DREaGBGCOiIqrtZLpmNafAqhUAHSobqilDDF4A-16fLvJQ48iSPnFaBY1VgZFOnFYUkWezrrjLJYUzOaR9MiFx1JWXG-G7UDq4TYdmLnF1YoUB6bKmmQJ3u7WAVABpE563HZFNnxQyQXJCpUAq-uPUAnhH_tCEw_hd10BYrU-dPdTuoloZjJGpjwmjzpTXhJKX3ph5ub89DkAFQaZwmoI-A-7zC86P0MVkJdFXZ78IKRClouZZfy8VFiKTcXoNPDhy3USjmmhWHezU2F68HFux20mbGB1uC_JZkh_QHT5dHO_AVWuCd0iHMp_hYEXcSG7WGWTpzRRFKkXGxbXYk36ZB5nhq58si6SLGO8QeYvnFrroPhLTlMz1zrpUlHopTt7FLrS1LGUxXJnMg_wVpaa6hvmgZlIn_YO11gCMELH1d5sLf8BNWQdp7_bFzEls7MIf35XGmj9l9ldrHyd68b2L2rACGJpGdR9ECoSHn0w5SS_VC3DA2FCFwsTOtcJRLaRjoAPMn4uWtGT33mz2cY_9F_aE5FLMC9Zff7R7UbLTtxpT9guyWj-MnVojp57DXKCpzMgZWfitGm-Qd7ilQcMQ72dO459OexQ-FaDJF9My5VZd6I1XMKbZuG_V3Q6XVNz3P7BMlvMOzLdaEsDcr7lNlNGX_f2cdJt-XMIsu4N91OQ6EtDa4GYdbMysSMFVY_KLUg511Ew1MItLkE0v_dNdrlz0IWud-zKOB7amytDQl2m8zzIY6vAUMyXWNUPGDnk3ZGYXSGGtZJPpBKiSb0R7vNWvKbnXhsp2jy79kXMgo1L0J01o-3SrVcrqjWOsBDIg6dx1Lv08wgT2haFj51PaW4y1uWEEd9QnIuaVVQ7CZt33kk7JeuJaAOt5Yd73Un_36KylSdgiD7oMxmgbOREXihtvPcGkHmBE3jMQG-0yz9_CAx8248fAt0v1qeu_e6v2V5OGO1e5uwQuBeG3MgxHtEvhMmHQkvgne3w25jYeh3ZI7qdLS4iidluYXx_bV51SQTG1lc5QBSiGToQ78KozXVKOmXKJ06Mm3MIPo-6H8ZBeJ5fLdg5e2EOUDd7x7q00gZAwbcxxnXR6Q8dIyWYDK1qnrTti2hyPqjEUavOLewNP4Mg-31bh6X_LO5FnFq8Y1JkePdaWBh7hTswyD1iX_6h9p1gGGge2WhKU3k0KhH7Nj7HhLRqyAOrAo_Ftfsi42Vurt-kccZUS3HTo621r9ezEJRNTpcjiDjZmqbcEqWl6TauC2-ovrHQwjWSKwAwVFmyF77ddpH7yfjXaKi8Yi0f81j6WFyOtqssCOfJ97oju114fbqfB_UV0AtUzH9ck5gJEwqDENJmMeDIRYm_ODY4h4gHay4vox6ypxjFYbc7JBxVbSJc-T_9h407r3wTy6fIJIsNwFinnNL8_n6U4H6inbFi-CAoCGSuzh_kUuQe9ZIyL67LM3hcnuXtV40YQD8sDroztjZc2MkyIM2AVwEeS-iFRxRkjuh-8wXtj4YRwRtcn9-UsTPp4f4ymY0IRbpor544Msbih21IK235fCWHTObaLbsZ47UmfnWkWctUFaSp1OLIedGVTum199Y3ufzVPKksSU9G-NSNPkjgyNvUG9K2GTM5mOyyfRc9JZQXV75w32XulRJjSNkkJTZVZq_s6RMfkMWEmtd7P0D-aYZPOLdbK4WP8_So4r_n4Udessq_8fZNK9vBdCP5XBN6X-2a6NDs2AphY7aKQsvxu0ABthd_OrIh1DOAQZRusykBM0Qnx8cF6ZOtXP7MkvuAvqO9i_gDragxNnnejl9MkZZVl4lFBQsn9SiP78wvPw-K7KzexuUBpBCAQSOwAvHhf_2kyPXCmO0fz-vdcL_iz5bBJCSNYLlDvJuRcEIG0U2pclXuEnyz95p-gwjY5OZeTVUfStbiePGAFgAQ&ias_xappb=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 5C4F 91 KB
23 KB 53ms
39ms Script
application/javascript 2600:9000:223f:6a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
URL: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:6a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 10988982
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 068evmN3KRl7A71be6ksotimKPb7pA1MLxAlunpsFS_yHtzVhZ5FZA==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame D0E8 43 B
215 B 723ms
350ms Image
image/gif 2600:1f13:800:7780:bad:39fb:3054:9ae2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520146&asId=5fcedbde-3d1c-5b2d-a71f-9581212919ff&tv=%7Bc:2nysaO,pingTime:-3,time:68,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:15%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:69,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B64~0%5D,as:%5B64~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u2rnEPU+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b*.1520146-76103085%7C1b1%7C1b21%7C1c1,idMap:1b*,rmeas:1,rend:0,renddet:IMG.us,siq:16%7D&br=c
Requested by: Host: fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
URL: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:bad:39fb:3054:9ae2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:53 GMT
server: nginx
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame D0E8 43 B
216 B 548ms
178ms Image
image/gif 2600:1f13:800:7780:bad:39fb:3054:9ae2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520146&asId=5fcedbde-3d1c-5b2d-a71f-9581212919ff&tv=%7Bc:2nysaR,pingTime:-6,time:71,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:71,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B66~0%5D,as:%5B66~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u2rnEPU+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b*.1520146-76103085%7C1b1%7C1b21%7C1c1,idMap:1b*,rmeas:1,rend:0,renddet:IMG.us,siq:16%7D&tpiLookup=ao:culturaenegocios.com.br*&br=c
Requested by: Host: fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
URL: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:bad:39fb:3054:9ae2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:53 GMT
server: nginx
x-server-name: dt14.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 40B8 43 B
215 B 544ms
178ms Image
image/gif 2600:1f13:800:7780:bad:39fb:3054:9ae2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520146&asId=f2d82ac4-604f-3d8c-8c94-b232f8412f45&tv=%7Bc:2nysaW,pingTime:-3,time:39,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:90,t:12%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:39,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B35~0%5D,as:%5B35~970.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u2rnEPU+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b.1520146-76103085%7C1b1%7C1b21%7C1b3%7C1c*.1520146-76103085%7C1c1,idMap:1c*,rmeas:1,rend:0,renddet:IMG.us,siq:13%7D&br=c
Requested by: Host: fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
URL: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:bad:39fb:3054:9ae2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:53 GMT
server: nginx
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 40B8 43 B
215 B 544ms
180ms Image
image/gif 2600:1f13:800:7780:bad:39fb:3054:9ae2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520146&asId=f2d82ac4-604f-3d8c-8c94-b232f8412f45&tv=%7Bc:2nysaX,pingTime:-6,time:40,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:40,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B35~0%5D,as:%5B35~970.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u2rnEPU+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b.1520146-76103085%7C1b1%7C1b21%7C1b3%7C1c*.1520146-76103085%7C1c1,idMap:1c*,rmeas:1,rend:0,renddet:IMG.us,siq:13%7D&tpiLookup=ao:culturaenegocios.com.br*&br=c
Requested by: Host: fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
URL: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:bad:39fb:3054:9ae2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:53 GMT
server: nginx
x-server-name: dt08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame D0E8 43 B
215 B 714ms
350ms Image
image/gif 2600:1f13:800:7780:bad:39fb:3054:9ae2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520146&asId=5fcedbde-3d1c-5b2d-a71f-9581212919ff&tv=%7Bc:2nysb0,pingTime:-2,time:80,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:325,beZ:326,mfA:328,cmA:329,inA:329,inZ:334,prA:334,prZ:337,si:340,poA:341,poZ:355,cmZ:355,mfZ:355,loA:396,loZ:397,ltA:404,ltZ:404%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:15%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:80,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B75~0%5D,as:%5B75~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u2rnEPU+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b*.1520146-76103085%7C1b1%7C1b21%7C1c.1520146-76103085%7C1c1,idMap:1b*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,siq:16,sinceFw:63,readyFired:false%7D&br=c
Requested by: Host: fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
URL: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:bad:39fb:3054:9ae2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:53 GMT
server: nginx
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H2 200 cs Show response
as.cazamba.com/ Frame 5F8D 0
206 B 121ms
121ms XHR
text/html 52.87.124.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://as.cazamba.com/cs
Requested by: Host: as.cazamba.com
URL: https://as.cazamba.com/cs?publisher_id=2157&g=1706243929
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.87.124.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-87-124-31.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://as.cazamba.com/cs?publisher_id=2157&g=1706243929
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 26 Jan 2024 04:38:52 GMT
content-encoding: gzip
server: nginx
content-type: text/html; charset=UTF-8

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 863B 38 KB
13 KB 21ms
21ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 60275
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 11:54:17 GMT
expires: Fri, 24 Jan 2025 11:54:17 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 40B8 43 B
215 B 711ms
351ms Image
image/gif 2600:1f13:800:7780:bad:39fb:3054:9ae2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520146&asId=f2d82ac4-604f-3d8c-8c94-b232f8412f45&tv=%7Bc:2nysb3,pingTime:-2,time:46,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:314,beZ:315,mfA:317,cmA:318,inA:318,inZ:320,prA:320,prZ:323,si:327,poA:328,poZ:343,cmZ:343,mfZ:343,loA:354,loZ:356,ltA:360,ltZ:360%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:90,t:12%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:46,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B41~0%5D,as:%5B41~970.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u2rnEPU+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b.1520146-76103085%7C1b1%7C1b21%7C1b3%7C1c*.1520146-76103085%7C1c1,idMap:1c*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,siq:13,sinceFw:33,readyFired:false%7D&br=c
Requested by: Host: fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
URL: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:bad:39fb:3054:9ae2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:53 GMT
server: nginx
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5F69 0
20 B 51ms
51ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BViEVXDezZeTKJuXLjuwPjqmesA0AAAAAOAHgBAI&bg=!QEOlQwzNAAa8BdJLnAU7ADQBe5WfOGF6z9Tmhgakd8wpIkZyo9e2SKDFv0cssETwRHSg5eYBsUBWdtCu7La5qZVThCeMAgAAAIBSAAAAAWgBBwoAPj4F1_TlIHWasgYCLL7aSSEdol5OAvqa6C3XwQKSWTop6PXuPdUA19aY7HbnNy_2Y8oqr6KXNOH7g8dLn7O2mQMHNRhYbM4jgU7TPaBgLN6Zze08waowyyNXqlgvN0H_cOPydxhDTBBFE3E2ubDVmONZG6aH9RDfz7A1GzUB5uJwjR0V7DgRqhiBb0q6nxzoWuXCqfIny8IjMN2yKlBB5-ZRBM96s_pX8eOe5CU0FYFSIqS4sw7-oVuBAjz9bMMX4s0Bm2ob2VWPIOelM5NZagkKytixWmfMhLKPCv1QXuRGO2SNf8DiXjtrI3iNSDfgGD-de8EFLvVNQzv_HTsJRKGgrjiPJLnIxXOa5rEaMmi4PuS9LwmXH7fvWQ_Lqo1z1pvBFb2hVlwPZ1uaW2vu_tPm1v5F02RzF70KEUAL6V_36BFQmvC1r-InH6upyU1OKUuQ3RXaUq4JfYbHX0UsLP-dOVdJzdMHIDHtZR3WWwUw6uVwM_7iQ_s1b2IE0qUTBD93q2VdQzMN04k0VtPvnBM3yMwmkD4QxXe7nTqpekabTZIQHuxKLlTYw7FJEJy4cIzmoEpd2MBTiJerLnNPh0hTxeuFl1EaldU1NqE3o8r-ubtGfUfiNx2S3js2v7ZGPsOXUWTFsVWVZLxdtlwh1VCOglCxV5bnym27LAZkiuZkPYOFuuyYFX2QtTQVwXzo1iH6O8CYz7T_gvIfeHCsGR3UK12LC0BzwYel_fE7XnjTX72HyGNafo0CBuwaOmjKVmyiXHVLIf5OdE1IoD-mRzNUiJQyI7a-K1YWNcCw20K4i5zayZNncIjZAMJVn1Rw6F2b1dAmJqNvWejZe7sm1xpItAvNKLVDbUjITbM_vJi4i7TFvAOBjk4I9W36qMUDV125iQvDgin3LWUtTte0SzHPXXyxBy4apBwJ9tJfC5hMyDTeW_BZq-R9VYG4OzOPHCe5tOidZJMXy5RVld0xkfC8XZ5awmmHB5iM2ewodE8bLcfLASDxW40ndLcdpcYkal3AOmJJVEdUGk5TtKLkedpjdpou9swJoyTtlgU8FykkbZmcLPfGw-ydReLOPjSk7g7VSYmQ7iEboL1K92SDQyyte2-eu-ypOw

Requested by

Host: fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
URL: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 863B 39 KB
15 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 01:32:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11175
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Jan 2025 01:32:37 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 863B 0
20 B 52ms
51ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B4MFaXDezZb_ALKj41PIPkfSU8AsAAAAAOAHgBAI&bg=!lpWlldrNAAa8BdJLnAU7ADQBe5WfOP47MZpzkkkGq5lQpq9xjc8Ip2SicY1HfW0p5t9dqEy7OSe1JtSrWVsWnmrvingjAgAAAEBSAAAAAWgBB5kDBQueYUCAdinHT1oaqkbGMi2XlvikxvBhq6jjXqZQXDQBXxV-DAk7j-oxG4LRu80GDlFy8WFqLTYjmJyhhkck1R_KI9affHmKrgQNQMX4ffeu3vFgyPihMrUQw8Doe9Hl1s2APof0p-wka0FllOCb3lBGD2ydIv8lOthovsP1yDV_o7svPmCx6vOcxMazVWUmJrZA9Gvg2l8OKAA2wbwnn4P7tBnjDMogXw6c3kqsOS3U_nesTX0IWh4K-H9LS15CxyTqsawYTEv2K3MpONfLsKXNeL19Bo-KfIW93LZMevi7SL9b___4801FgErMF1Bh3cV3F1XT2cXc979EBHWNRYFLAb2CbChivYpipis1Qi8dy71CxV_MGRcJQ9TxYvYhwi5dwBBjCBb_NquTxWbltxZRiTnpdpCbjIZd_gXrGuL9LQIqH5slkyCq8ig0hACedK_ykULUc51qjIenyjVVymjEuizWfZNcP3D1Hdd12wquYFHQuwLot5I34ddAnPgun8ZYtYGRSVepmghKqk-oq8cMfdFe3pxFkD8R8uerU_WLFGvhnJ-tyVszdx-8-8H-5X4zyx32l2w5FinLdNN9y6eZWhr-HO7rrSpockntV9q6Qnf5hqtN4SiYZbtFmoan_2f15rmrfWhPjI_GqBl9fQKc8nukOmbHv8WzItmxF2hoNhfgGTTXeHxOggw-U-ww7mgFM58uHqUnpN_DHVG1IomW368r-c0YxRWIOmA6D9POdIlyU_D3zcMhMD4e6OkoPDdak7Tefxs1Jkkj27gsJikwROWxuF4Clf3KDs5xq-udIEjxnr9xmU3tyNSch-vjhet-eVe7AZohBZKJ-kFObStbg0egqxtwtCB75gTGogm8ngnPAAtyS_JoRV1MRuGspIN9JzsuyuVAGVNR0G-cnUtJrGu4d8Mv1WL97VniK3rX7rXeMKQBBee9dba-nbKq-K6WQq_QXCYlyT6sqeh-3cy1z1p8-53jRM2ovDkegCRgijsMf6-tuNg2yQnhcdXU3SA4DZMB

Requested by

Host: fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
URL: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame D0E8 31 KB
12 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1520146/76103085/xbbe/creative/adj?p=APEucNWduAWxxFE2yDnPDruzexwLuItWJNxjquzP5r69jxxWWxXDHhQ&d=CokBAKAmf-DWbp62DJM3WVoEXH3pBDlZOS6yR7Y2k5vpmmISeSriC2v1purRfauPhiO1u78_4yKw1MqxiupLw4YU25kY4qTf6wHgPJ5k9hI82peIP2julREXDw72hOZVb7RcGXQCIoOCVSzIVezbt7ABrG2uV_Zn5XJgBL3XAxyjcf9uJNf6MaZU0IUSyRYAoCZ_4IFvrK7q-V-sfdNDv_jAMDYrbmgLTq-soxVEqlcn-DTYRfSaR-iPUofbQ6h-0iYp_6FvX8E6xLot4qO4ZRnbNTUG3QAMwYlBh5uxr4DuB-Y2SVwXPqmpOg9t5HTcH7PVkDFFA-zKB57w6XCR6aAQwd7a7ISuVL-1urd91AU_GgT7qLxUqrqHSWLKx3C48tDM3wSlNtxBuARVF1pGg_j_aevaiWlTPdl8adZVAFncVptWzG8ymb1xEryKdiAXwqxdW99lLQnY_E5OKFPBGt4LaYxzg7yimai7YSQJxiYcOC6BJv8ptjUh_UpRSKc6MDnyGBT9zOUVWjnp67Su0n_OiCkMfVECWwQ09tHUxj_BsDc7q3WcGT8XUbp5qMAaAXwo323jVO9zZZE2qAn9ak-KSSz3fEp69xsCi35U2d2SNqFn3D4IVY5-C2csvnpRZVNyVFxdnTfF70o8HC9igLRxn_NmjUt5WjuPiGbRdCwcO9X6AxCon8IyqaWCUmYe3CGkZeAug8fFoBEZElwPQsBR5ZSHe5h-kZtuDMdlNzqvmuuq1yftGl7wfL1gQlevvddvj4SHaNfj1NXad09g4DHjZOXHvtWCDSP3Jw439GQbAi4yw5MLDHvfDXpMjT2mt_H7nv2GlT6bBHINYTdSdibI3Hew1yyfqwn4NeKmd2Xo5gX58Ssg2S5hwU_8dXkmZ2yUJumR4Dp40gA7g47GitBN7im5gfC02BtlYCF08Y9XIJFdc6mDTmrQHAm5eSp9ZijIOHJVWROFcRp4Fi7PB-EnsRI9Gz1B7c1SofTKoDELklCt5j0LraL5bOjd9pJlsMLDb_AxZ5-taswLhvOaUMOETV3GoPwSvWQa17MUR4ZgiUvT8Kfi9r3-BZjAHk5NqYQF3Lt4dtzByNrkse-HotOHBV6xFl3b-v_KLErTNNK2tMtny77SEqjNRsGB1UnD6XzRjcy9CF8JkTkKNZgEeydLXJmbG00d9fELrQBfd0IXrRKVvIIn9e2rubcBPBKk3CVowsQhaC05os3oxGTXXIX4kSyH1kzcPcMJL8aR3thu9EZfIxmtjKlTmtwjacDRpxcxbYUfdYAvMj4kyo3pxYmSrLuJp1QFm4nCNQ6E_6xDPHhltb9e-vIcfgsH7d7mFzE8eSjNfdGKeU2edtsx_eYvuEPEenGPShAw2yK188dloyROe9ThumV0ukA0j1-Vgxf3Qu6etkAPCfC43zPLLaYMv5YxzC3WwviEyhrQrtVNfXbIMLiFGOT4X2Kh3tDBQXVG4pJ8T0qHzDWsYPCKaVmsrwlBNZ8O1UEzOZovTmVYUbsLIIPHFHvo0fVCu5OCOMtwCWhYRQ37Rr94ng3ppR3EeLq3R21Xq31NPBBEs6A37CyNqSSSd2ZcRFT6gE1RP4pu2LJHbObVN_SgPUtLMiJgdX5QcnFNa7SDbuEZwb3Ha9lIp2kpLaym90sCt8VGoujHG7IyXezh80vTF3sdoqWCUe9zYYm-LLPW8CDkQUCMaXeToZYTJa9tEMv-mS7wjJT15gUEpQQL-AiArasvV5dfAphIzVZA6npRqzxaw9YqqQuRzMhVGd1dh8RmfmxBorwPizuJO6fLGaS1gTWCT1EDJEOccVzWI2ObSIgzdUPxFupfKG6Piw38WyW0u2MUW7kUBnx9xD7kG2PaG7ET1jh7bcldAnjUeI55tw2t-6GKakZITbUYEwR0KlZhRHoWTssfoh3HyDp6OcD_OliySAyYwIkJPp-l9cjDI7fa9-jVu7RmFvwPpFqvGSuVdipPhfcVGoBM9lIv0VyZAclpXfjXkTkfGU95JcFecvdAfi0BV2z1sOISxn3rGuJDLlaXbnMPnjVUBVahrAzgq83Q8p8JebP7UhCz6G0vRqA59cDTWpLrXusU5ofCGitw3Muf8C0w3nTk0AxgxnlMSZimhuj3tZflucH5t77QTiqbYXR3k3IlTqh_8zGU_yA2Lo7iMB3XeL32GyFWr4vZCiHQS_-m8PvpEfWasX8VDhWx4O4Goq_plrY2Nrt74jZXB7JhxDTEogiKC-VakeBEVrimisfFrkWoEvy3fCUJ2lmu2-KRcq1Jh_9o_Bc630AAk425g0b9j2PHHxkz0uPpiKlkrYGGCd1afwIv_So4S-d7rEUVqL0q9SuhpjwIrYFbHWhkXu5-NSnoUpMMWXSYi0nLNY5B_mlUom2kScfrR_Hxk9Xzpj-UzE48vMg5iG1UDzsm7M48c-QUjcBd6Tj1yw6HckhwAJ9SdYvg_on5JrgQll-m-JLnBv99mV2fRndNEnw0atghH9MmJ4KeHB5jcXTxFn95qvJkiR0kumtqT9hL3Yf9ooOVO3SmoWp2UHv47fNbUiEIwDQYF0jjpft9__fngl84GhJ8_gRQbrv0gESNLmtEPXYh2mxXkYGyQ3RFaL9TpGnF_n0WHu-rAdBxvkBwao3hdT6cK9ptswcAGzp2J0VTy6RBnaqNCXLyB8ClPHktjCOSbJGuNpEVElIConSwSUUhzitDIGEwtBmQbH4e-wY7hDh-wSEvwfw_bVo8T2pwuzOelxJ5puh0d58G1jNX9cZ8SmRrv5ejr2LnzYd78g9ovFCobI_64EvPCWKQfnm6GnaiPLbDwKdzdXiMuUlxku6pMR90TZDHmcDeMrRIgihyNsCzmMiW6eO7z6sqSph-wYuxAqk0Zatwt2tAAdb28F7_yujougCksfAADfmXXQmku1bB_cAPhp8_l5S1a4q24cCdy0heXpBWn8fjL-NNn_i_Fs4BCkIg89VpSFD6TyoiRMB5RFBj4gL_updLzW2tmXwkcZi5ad7gYHCTGcZwtcNpyLGBwLxYpgXEcywg3AiRfC_uZlntjhijF4j0JY49YsZADEuVKQJrfoYp0pIJ8TkYdqri0j2s5QHB-J-vXj3k5Y_zBNGhuZGXyId8ZsdbmYuRb9_c5mN5Ojul5N_tz1HuK_zFKMjnkwo7-kUNNN1hADw4Hy-D0jn_-8Jj_TVHEn7QNKHa6VZ1MIe6mS5HqDvuOkNRu0UiKaiCzAa3PzHMZ96dgKmpHzuUZwUgx_bdojSV8_ZSaT20_hoVcQ2MV532CGNCzWodsisX4wahmsSlX_0p7kjyn0C3R-mjoHU6Li3U9TwYAZPY_gi_W8zeWgmFdjRZPHzg2t87fHfL4FtbYqVmpgyBnWYi4afLCmBW-ClqutBQOH9EEGlxlXkDon7__CEC_r6ee9_WoYu0udrOTT0g0ivCz_MyiVjPP5Cn_W_hGhmyF5Rh78iqyX_dRPqgOXNhXNfLt7TCCvdWEnjBhLDrMrohDL0BMEohhEPem2LAi45RKAVdbAwgteVwlk6OEsk7-N-bJo0lrUkaPMzLEkawvl_eC9nB9XvdkmeYoXYi7ac8_n7ZOqchg1kPzyW7lR9RMX5zArrsL6j_rsBJ0P3DBhrkRhZ7ks6l4yj7qTps_3DUo3XTWBDFJEzsa0YW_p6MzJGYoxrw7XPkNs8aKrQniXM61KYKeD3FAI27KIparekSUGqHGFbrBtukLMrINBgwzElsw-2WfAlu7X1pq-8v1mz69OxFgf8PkdrJiVpoVXGkFHF-CmvI5H6zDrxEHQjMmnEON0naQxZ13MmR6C19wvLXH3Xn8b7kGAJKQ02k_P6T1xzfagh-0QAoXmU_3cwmhCPQRs1QoPUa3DxrZ5QYAmDP36k26skPudeuFsZ_Q-FM_k3g0Dqa7kAxaBJxOcqJPR7Vfg1MfdqMv4mrJQCEZGl4L-RcqpOp_J4RO0zR6HXS6TUkHQJQR-pn2WowgL1OJ5o03UiB0AubczthPTWz7Ghx5IXwRD6YDAtnUDls6171MTQaQQgEEjsALx4X_zR5T6QETRLLbqnJMo0NEqSemEW2eTH9s_u_snNoUUJfUmyqX8uOvQCIAXwUJOTneG3pFPifdxgBYAE&bundleId=&ias_dspID=3&ias_campId=1013172746&ias_pubId=pub-9153399113741741&ias_chanId=1&ias_placementId=20409788283&bidurl=https://culturaenegocios.com.br/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0jzzbXNSsc0FqidM4cMYuLi&adsafe_url=https%3A%2F%2Fculturaenegocios.com.br&adsafe_type=y&adsafe_url=https%3A%2F%2Fculturaenegocios.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ffe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ffe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:5fcedbde-3d1c-5b2d-a71f-9581212919ff,c:2nys9X,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-74b57f8799-mcnkn,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:u2rnEPU+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b*.1520146-76103085%7C1b1%7C1b21%7C1c1,idMap:1b*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:15,oid:ce8bbfbc-bc04-11ee-8388-5a01310b5892,v:19.8.476,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fa42c1d96f1d20bb0a5c0f1468aba661ad4c3584dd51646a3bfb996e869b8dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 03:29:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4160
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11931
x-xss-protection: 0
server: cafe
etag: 11828260617052087593
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 03:29:33 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame D0E8 12 KB
4 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 03:29:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4160
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 03:29:33 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame D0E8 0
0 107ms
54ms Fetch
image/gif 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstYWmvgrBz-Ncqnp3cspyZVSlY1nQ-xUFuGWJnaLakOH9C0Rs7clfYmUX7TId1QZjlsvHZi_EFVCgzIaBUAO3pNo5wzplaoWSpOxpCgpXGMoF6yVp7pnA_QTL2i0OcIPf86C0iKQ6XQZqxXnjIzoJI9yUPVtw0aItAT7VzCX2su9RTY2VHOQoOuNysetHn5zPMk0l2aHT6WFjl7zHflLoZZ9tEsbDQ6l8_JB1ji6YnKdZEojqoFp-9-&sai=AMfl-YRqNUQ0PXHyRsYBI6qybUALOzXQ3e0vuJVAn1J-mCZ6TxxpOQG7wGNen8Ky33Uo3cfB1TzzgRlfPgW_aC_0vrbswl1DhwZMtiTg52yYqYHX_n87MnZ9e5GsBrcQZHOwvIytoKxBNOWUwvO5YYFm-8eyUQ&sig=Cg0ArKJSzAuByXuIGP_xEAE&uach_m=%5BUACH%5D&cry=1&crd=aHR0cHM6Ly9jaXNjby5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20240122.59815&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 2234931379007698196
s0.2mdn.net/simgad/ Frame D0E8 78 KB
78 KB 70ms
18ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/2234931379007698196

Requested by

Host: fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
URL: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7ee0c8f222d06fb1c267b6b4bbaac08a7664e90c34768322e78a87060706ad9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 23 Jan 2025 04:10:21 GMT
date: Wed, 24 Jan 2024 04:10:21 GMT
x-content-type-options: nosniff
age: 174512
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79613
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 14:15:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1F65 1 KB
643 B 18ms
18ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
URL: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 69923
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 09:13:30 GMT
etag: 48472445140208031
expires: Fri, 26 Jan 2024 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 40B8 111 KB
39 KB 62ms
18ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
Origin: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 19:25:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33191
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 Jan 2024 19:25:42 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame 40B8 12 KB
4 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/omrhp.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1520146/76103085/xbbe/creative/adj?p=APEucNWduAWxxFE2yDnPDruzexwLuItWJNxjquzP5r69jxxWWxXDHhQ&d=CokBAKAmf-CdaaK0vBI9GHnXsoGR6415zPXAXKeniT1x-5Zz5rgjByD_xHaopoyyUiXEt5bvY1scMPMkriRIxt_zKuqjTYYFYljI1oisnMlbDi-TM53nJmM9GUB9K9Xq4FF5RIPLearso7x9VKestBHq6MgOUJpdkOYtCm-Qw7jS-cE2eVKcgDsQf3oS6RYAoCZ_4AsVaKDHTgHE3tFUPDOizhTGTkXm-x4sncriFcDWds5a_O1w6VVthv1vKjbJVNIlNDx7jNdvbY4rZamq2-Rp12OQlqWB94E9AVdvpvHfGo4IjLf8v90c8JtPqXwuqIWLTK5tylmiKbFaTz3NzV_divl0YuJMdRD-7OirnNO30t4R8TQqBgmN0h3kuyJoFXil9tiI99pUdYOoJgT1GvaIs851JHH7xI3orLs8YCU23kHFmPCJMW5Cz6xw6qQVHtB5z4p0DRhmUR47zQLF6DzYGDvFWBwX6X33zomayZ__EdeuckESZlUFOzmggM-ALwutuK3kHmCoA1id8ams7a2LfFo7wg3O4alSooKN6eOD4B-MSsciGQ3DjpxY9vhv0L6HYh8_yXaWeEhLu78pWNuVsK_bq0DyIU9YWuK_OtODDdjL2StTBADOy2dafBLc-Pkhrw62g7-5QDfAfkkd4ycO2r1WTNXN97A42Jj7q7EvwadvnXqYeR0cIisVyGRUH87pWPnfeurDHXfojV1LFw0bngF_Hc6prRmTNoCPdvcFvNk7Q15u5bBT_BxVoxBgJZa2EROygVxJ5Xnbl9NZubqEWulAad-l-HePfEWEGUPlm2nBL5o6NtM9Hn0qJpdIOX3JXRWp1eZLQhnR70P8qZKdne898YFmMfymg5cuLvEhnJJqnf5iu5Or0WV91887W-NGTLMTm-dYe76HfssOTFfSgIJxfiFtcpjwc5JZduFDteQKx54JZLrnESI15IA3InHbfQu6T9veiKON9LxDQKDNx9eZakhPGMkelRDYizd4KE2ad2mMrtSwMkU40KMr8qHwpsbPX7KbjoB9Re4l7Z_TQT12W5ygm_8rJWlbfs4tyntXJ9D8IG6o98V7F1rCQ0nngwhif1P8vVjOLXzkAXMnmm2IKdMTCNk0eEBU5mW95nLznB-K8YZ_Iv1Iqgf7Jnqcl-RpkLz8A_nrJzsjI-nLmvrnYla-5KHwE79EjtU92q1iQo3nIkrSpYBurQxlOeMUPnfbwCe5jm5aFXQK90hHgcuzCPCKqdtWXLUhDGOUBsoBOdxdYtNrj2oJ2d-3WQXfjgw-lH28bu-du22BGflalESxXfXiOdHhA3ek6EEqlDUEZ8z373vsu1G5u92VvM7rV-wZnzioYjIYH77CrpScChkXMVp0f61cdpkGhHVnWBEsQER-BybyKWeWsg9sKD9QEZpsWgL0nBEV4tX_XKA8CpM2_Oy0Hb1Hpdghb5fLxt3upUuLT9Gyy-vMdGmKvoNNcHij1Mgo7548s4UHJjO22EjbjBz_plkSmp3OlcGq1QxDYbOBBnAyuZsnEgPh7MrXCVyXa8AHIw5DHOerzIyYDY0uy4yoDWcuvYes3blf27UgDMPjrjbEsotOkPG6UafLFy4Ba8lzmaThwCMpaD34HWS_Mo8upSGKFfkpXXx5Af6bI63Nk0d26p6NxEaxRmaNPWLiTN6EicDU6sYt7nG5qg0sjBiK_CXyT4Ta4UtdpUWyDK07Z0J0H12ocOxzbqbDcCZnEF7P-JSmhQmmKxxZ3TjxzKOEmfwjsiyTrDnxLIGVxy7Z47NkGVvKTd2MpMHsnp7EQaaXV52DuxckhRhDCbPkIRP8t4oWAsFJry1InSo-Bxutr3Sm9ArIfW08lZmGXZ1yK4LYWXVw3TJcZOId6y45ABulgT44Lj5c62o0WJGXr6rCMVgFdvxnBwDDlTqGHS6AZld5dooIH49WrPt_Abvo1flUYl2OaioQfm0ThN28nJFihJNFuFMizz5Qs15-6Bfegq4qio0j9_igw_YsIXGBRpflmJhKzRnmgwHUwNisUSxgPKLDXHPwgdgsrR0Atryrb1_NOK4NOqIKV3ptp0EYL17NdO13ZeU95gnFFCT6-00bfmWPpHYXaM7zLnmuDwQo95fzlOHHQw-svyVi7Ert9B9hjBx97MNEIJILATQ2K6ZYne3BYJ1XiGtLG_LBVKuhuiNv1mMKXpD36uQhZpTINWHip_A5nAAKiPRNu6umiMZyZ9Szu1khxxYl3DREaGBGCOiIqrtZLpmNafAqhUAHSobqilDDF4A-16fLvJQ48iSPnFaBY1VgZFOnFYUkWezrrjLJYUzOaR9MiFx1JWXG-G7UDq4TYdmLnF1YoUB6bKmmQJ3u7WAVABpE563HZFNnxQyQXJCpUAq-uPUAnhH_tCEw_hd10BYrU-dPdTuoloZjJGpjwmjzpTXhJKX3ph5ub89DkAFQaZwmoI-A-7zC86P0MVkJdFXZ78IKRClouZZfy8VFiKTcXoNPDhy3USjmmhWHezU2F68HFux20mbGB1uC_JZkh_QHT5dHO_AVWuCd0iHMp_hYEXcSG7WGWTpzRRFKkXGxbXYk36ZB5nhq58si6SLGO8QeYvnFrroPhLTlMz1zrpUlHopTt7FLrS1LGUxXJnMg_wVpaa6hvmgZlIn_YO11gCMELH1d5sLf8BNWQdp7_bFzEls7MIf35XGmj9l9ldrHyd68b2L2rACGJpGdR9ECoSHn0w5SS_VC3DA2FCFwsTOtcJRLaRjoAPMn4uWtGT33mz2cY_9F_aE5FLMC9Zff7R7UbLTtxpT9guyWj-MnVojp57DXKCpzMgZWfitGm-Qd7ilQcMQ72dO459OexQ-FaDJF9My5VZd6I1XMKbZuG_V3Q6XVNz3P7BMlvMOzLdaEsDcr7lNlNGX_f2cdJt-XMIsu4N91OQ6EtDa4GYdbMysSMFVY_KLUg511Ew1MItLkE0v_dNdrlz0IWud-zKOB7amytDQl2m8zzIY6vAUMyXWNUPGDnk3ZGYXSGGtZJPpBKiSb0R7vNWvKbnXhsp2jy79kXMgo1L0J01o-3SrVcrqjWOsBDIg6dx1Lv08wgT2haFj51PaW4y1uWEEd9QnIuaVVQ7CZt33kk7JeuJaAOt5Yd73Un_36KylSdgiD7oMxmgbOREXihtvPcGkHmBE3jMQG-0yz9_CAx8248fAt0v1qeu_e6v2V5OGO1e5uwQuBeG3MgxHtEvhMmHQkvgne3w25jYeh3ZI7qdLS4iidluYXx_bV51SQTG1lc5QBSiGToQ78KozXVKOmXKJ06Mm3MIPo-6H8ZBeJ5fLdg5e2EOUDd7x7q00gZAwbcxxnXR6Q8dIyWYDK1qnrTti2hyPqjEUavOLewNP4Mg-31bh6X_LO5FnFq8Y1JkePdaWBh7hTswyD1iX_6h9p1gGGge2WhKU3k0KhH7Nj7HhLRqyAOrAo_Ftfsi42Vurt-kccZUS3HTo621r9ezEJRNTpcjiDjZmqbcEqWl6TauC2-ovrHQwjWSKwAwVFmyF77ddpH7yfjXaKi8Yi0f81j6WFyOtqssCOfJ97oju114fbqfB_UV0AtUzH9ck5gJEwqDENJmMeDIRYm_ODY4h4gHay4vox6ypxjFYbc7JBxVbSJc-T_9h407r3wTy6fIJIsNwFinnNL8_n6U4H6inbFi-CAoCGSuzh_kUuQe9ZIyL67LM3hcnuXtV40YQD8sDroztjZc2MkyIM2AVwEeS-iFRxRkjuh-8wXtj4YRwRtcn9-UsTPp4f4ymY0IRbpor544Msbih21IK235fCWHTObaLbsZ47UmfnWkWctUFaSp1OLIedGVTum199Y3ufzVPKksSU9G-NSNPkjgyNvUG9K2GTM5mOyyfRc9JZQXV75w32XulRJjSNkkJTZVZq_s6RMfkMWEmtd7P0D-aYZPOLdbK4WP8_So4r_n4Udessq_8fZNK9vBdCP5XBN6X-2a6NDs2AphY7aKQsvxu0ABthd_OrIh1DOAQZRusykBM0Qnx8cF6ZOtXP7MkvuAvqO9i_gDragxNnnejl9MkZZVl4lFBQsn9SiP78wvPw-K7KzexuUBpBCAQSOwAvHhf_2kyPXCmO0fz-vdcL_iz5bBJCSNYLlDvJuRcEIG0U2pclXuEnyz95p-gwjY5OZeTVUfStbiePGAFgAQ&bundleId=&ias_dspID=3&ias_campId=1013172746&ias_pubId=pub-9153399113741741&ias_chanId=1&ias_placementId=20409788283&bidurl=https://culturaenegocios.com.br/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0jL_G-lsoEtPT3wvcEunjqR&adsafe_url=https%3A%2F%2Fculturaenegocios.com.br&adsafe_type=y&adsafe_url=https%3A%2F%2Fculturaenegocios.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ffe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ffe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:f2d82ac4-604f-3d8c-8c94-b232f8412f45,c:2nysav,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-74b57f8799-978xh,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:2,mot:0,app:0,maw:0,fm:u2rnEQv+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b1%7C1b21%7C1b3%7C1c*.1520146-76103085%7C1c1,idMap:1c*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:12,oid:ce8fddb2-bc04-11ee-82d4-86d168e5e0b7,v:19.8.476,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 03:29:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4160
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 03:29:33 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 40B8 31 KB
12 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1520146/76103085/xbbe/creative/adj?p=APEucNWduAWxxFE2yDnPDruzexwLuItWJNxjquzP5r69jxxWWxXDHhQ&d=CokBAKAmf-CdaaK0vBI9GHnXsoGR6415zPXAXKeniT1x-5Zz5rgjByD_xHaopoyyUiXEt5bvY1scMPMkriRIxt_zKuqjTYYFYljI1oisnMlbDi-TM53nJmM9GUB9K9Xq4FF5RIPLearso7x9VKestBHq6MgOUJpdkOYtCm-Qw7jS-cE2eVKcgDsQf3oS6RYAoCZ_4AsVaKDHTgHE3tFUPDOizhTGTkXm-x4sncriFcDWds5a_O1w6VVthv1vKjbJVNIlNDx7jNdvbY4rZamq2-Rp12OQlqWB94E9AVdvpvHfGo4IjLf8v90c8JtPqXwuqIWLTK5tylmiKbFaTz3NzV_divl0YuJMdRD-7OirnNO30t4R8TQqBgmN0h3kuyJoFXil9tiI99pUdYOoJgT1GvaIs851JHH7xI3orLs8YCU23kHFmPCJMW5Cz6xw6qQVHtB5z4p0DRhmUR47zQLF6DzYGDvFWBwX6X33zomayZ__EdeuckESZlUFOzmggM-ALwutuK3kHmCoA1id8ams7a2LfFo7wg3O4alSooKN6eOD4B-MSsciGQ3DjpxY9vhv0L6HYh8_yXaWeEhLu78pWNuVsK_bq0DyIU9YWuK_OtODDdjL2StTBADOy2dafBLc-Pkhrw62g7-5QDfAfkkd4ycO2r1WTNXN97A42Jj7q7EvwadvnXqYeR0cIisVyGRUH87pWPnfeurDHXfojV1LFw0bngF_Hc6prRmTNoCPdvcFvNk7Q15u5bBT_BxVoxBgJZa2EROygVxJ5Xnbl9NZubqEWulAad-l-HePfEWEGUPlm2nBL5o6NtM9Hn0qJpdIOX3JXRWp1eZLQhnR70P8qZKdne898YFmMfymg5cuLvEhnJJqnf5iu5Or0WV91887W-NGTLMTm-dYe76HfssOTFfSgIJxfiFtcpjwc5JZduFDteQKx54JZLrnESI15IA3InHbfQu6T9veiKON9LxDQKDNx9eZakhPGMkelRDYizd4KE2ad2mMrtSwMkU40KMr8qHwpsbPX7KbjoB9Re4l7Z_TQT12W5ygm_8rJWlbfs4tyntXJ9D8IG6o98V7F1rCQ0nngwhif1P8vVjOLXzkAXMnmm2IKdMTCNk0eEBU5mW95nLznB-K8YZ_Iv1Iqgf7Jnqcl-RpkLz8A_nrJzsjI-nLmvrnYla-5KHwE79EjtU92q1iQo3nIkrSpYBurQxlOeMUPnfbwCe5jm5aFXQK90hHgcuzCPCKqdtWXLUhDGOUBsoBOdxdYtNrj2oJ2d-3WQXfjgw-lH28bu-du22BGflalESxXfXiOdHhA3ek6EEqlDUEZ8z373vsu1G5u92VvM7rV-wZnzioYjIYH77CrpScChkXMVp0f61cdpkGhHVnWBEsQER-BybyKWeWsg9sKD9QEZpsWgL0nBEV4tX_XKA8CpM2_Oy0Hb1Hpdghb5fLxt3upUuLT9Gyy-vMdGmKvoNNcHij1Mgo7548s4UHJjO22EjbjBz_plkSmp3OlcGq1QxDYbOBBnAyuZsnEgPh7MrXCVyXa8AHIw5DHOerzIyYDY0uy4yoDWcuvYes3blf27UgDMPjrjbEsotOkPG6UafLFy4Ba8lzmaThwCMpaD34HWS_Mo8upSGKFfkpXXx5Af6bI63Nk0d26p6NxEaxRmaNPWLiTN6EicDU6sYt7nG5qg0sjBiK_CXyT4Ta4UtdpUWyDK07Z0J0H12ocOxzbqbDcCZnEF7P-JSmhQmmKxxZ3TjxzKOEmfwjsiyTrDnxLIGVxy7Z47NkGVvKTd2MpMHsnp7EQaaXV52DuxckhRhDCbPkIRP8t4oWAsFJry1InSo-Bxutr3Sm9ArIfW08lZmGXZ1yK4LYWXVw3TJcZOId6y45ABulgT44Lj5c62o0WJGXr6rCMVgFdvxnBwDDlTqGHS6AZld5dooIH49WrPt_Abvo1flUYl2OaioQfm0ThN28nJFihJNFuFMizz5Qs15-6Bfegq4qio0j9_igw_YsIXGBRpflmJhKzRnmgwHUwNisUSxgPKLDXHPwgdgsrR0Atryrb1_NOK4NOqIKV3ptp0EYL17NdO13ZeU95gnFFCT6-00bfmWPpHYXaM7zLnmuDwQo95fzlOHHQw-svyVi7Ert9B9hjBx97MNEIJILATQ2K6ZYne3BYJ1XiGtLG_LBVKuhuiNv1mMKXpD36uQhZpTINWHip_A5nAAKiPRNu6umiMZyZ9Szu1khxxYl3DREaGBGCOiIqrtZLpmNafAqhUAHSobqilDDF4A-16fLvJQ48iSPnFaBY1VgZFOnFYUkWezrrjLJYUzOaR9MiFx1JWXG-G7UDq4TYdmLnF1YoUB6bKmmQJ3u7WAVABpE563HZFNnxQyQXJCpUAq-uPUAnhH_tCEw_hd10BYrU-dPdTuoloZjJGpjwmjzpTXhJKX3ph5ub89DkAFQaZwmoI-A-7zC86P0MVkJdFXZ78IKRClouZZfy8VFiKTcXoNPDhy3USjmmhWHezU2F68HFux20mbGB1uC_JZkh_QHT5dHO_AVWuCd0iHMp_hYEXcSG7WGWTpzRRFKkXGxbXYk36ZB5nhq58si6SLGO8QeYvnFrroPhLTlMz1zrpUlHopTt7FLrS1LGUxXJnMg_wVpaa6hvmgZlIn_YO11gCMELH1d5sLf8BNWQdp7_bFzEls7MIf35XGmj9l9ldrHyd68b2L2rACGJpGdR9ECoSHn0w5SS_VC3DA2FCFwsTOtcJRLaRjoAPMn4uWtGT33mz2cY_9F_aE5FLMC9Zff7R7UbLTtxpT9guyWj-MnVojp57DXKCpzMgZWfitGm-Qd7ilQcMQ72dO459OexQ-FaDJF9My5VZd6I1XMKbZuG_V3Q6XVNz3P7BMlvMOzLdaEsDcr7lNlNGX_f2cdJt-XMIsu4N91OQ6EtDa4GYdbMysSMFVY_KLUg511Ew1MItLkE0v_dNdrlz0IWud-zKOB7amytDQl2m8zzIY6vAUMyXWNUPGDnk3ZGYXSGGtZJPpBKiSb0R7vNWvKbnXhsp2jy79kXMgo1L0J01o-3SrVcrqjWOsBDIg6dx1Lv08wgT2haFj51PaW4y1uWEEd9QnIuaVVQ7CZt33kk7JeuJaAOt5Yd73Un_36KylSdgiD7oMxmgbOREXihtvPcGkHmBE3jMQG-0yz9_CAx8248fAt0v1qeu_e6v2V5OGO1e5uwQuBeG3MgxHtEvhMmHQkvgne3w25jYeh3ZI7qdLS4iidluYXx_bV51SQTG1lc5QBSiGToQ78KozXVKOmXKJ06Mm3MIPo-6H8ZBeJ5fLdg5e2EOUDd7x7q00gZAwbcxxnXR6Q8dIyWYDK1qnrTti2hyPqjEUavOLewNP4Mg-31bh6X_LO5FnFq8Y1JkePdaWBh7hTswyD1iX_6h9p1gGGge2WhKU3k0KhH7Nj7HhLRqyAOrAo_Ftfsi42Vurt-kccZUS3HTo621r9ezEJRNTpcjiDjZmqbcEqWl6TauC2-ovrHQwjWSKwAwVFmyF77ddpH7yfjXaKi8Yi0f81j6WFyOtqssCOfJ97oju114fbqfB_UV0AtUzH9ck5gJEwqDENJmMeDIRYm_ODY4h4gHay4vox6ypxjFYbc7JBxVbSJc-T_9h407r3wTy6fIJIsNwFinnNL8_n6U4H6inbFi-CAoCGSuzh_kUuQe9ZIyL67LM3hcnuXtV40YQD8sDroztjZc2MkyIM2AVwEeS-iFRxRkjuh-8wXtj4YRwRtcn9-UsTPp4f4ymY0IRbpor544Msbih21IK235fCWHTObaLbsZ47UmfnWkWctUFaSp1OLIedGVTum199Y3ufzVPKksSU9G-NSNPkjgyNvUG9K2GTM5mOyyfRc9JZQXV75w32XulRJjSNkkJTZVZq_s6RMfkMWEmtd7P0D-aYZPOLdbK4WP8_So4r_n4Udessq_8fZNK9vBdCP5XBN6X-2a6NDs2AphY7aKQsvxu0ABthd_OrIh1DOAQZRusykBM0Qnx8cF6ZOtXP7MkvuAvqO9i_gDragxNnnejl9MkZZVl4lFBQsn9SiP78wvPw-K7KzexuUBpBCAQSOwAvHhf_2kyPXCmO0fz-vdcL_iz5bBJCSNYLlDvJuRcEIG0U2pclXuEnyz95p-gwjY5OZeTVUfStbiePGAFgAQ&bundleId=&ias_dspID=3&ias_campId=1013172746&ias_pubId=pub-9153399113741741&ias_chanId=1&ias_placementId=20409788283&bidurl=https://culturaenegocios.com.br/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0jL_G-lsoEtPT3wvcEunjqR&adsafe_url=https%3A%2F%2Fculturaenegocios.com.br&adsafe_type=y&adsafe_url=https%3A%2F%2Fculturaenegocios.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ffe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ffe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:f2d82ac4-604f-3d8c-8c94-b232f8412f45,c:2nysav,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-74b57f8799-978xh,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:2,mot:0,app:0,maw:0,fm:u2rnEQv+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b1%7C1b21%7C1b3%7C1c*.1520146-76103085%7C1c1,idMap:1c*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:12,oid:ce8fddb2-bc04-11ee-82d4-86d168e5e0b7,v:19.8.476,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fa42c1d96f1d20bb0a5c0f1468aba661ad4c3584dd51646a3bfb996e869b8dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 03:29:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4160
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11931
x-xss-protection: 0
server: cafe
etag: 11828260617052087593
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 03:29:33 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 93EF 1 KB
643 B 18ms
18ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
URL: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 69923
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 09:13:30 GMT
etag: 48472445140208031
expires: Fri, 26 Jan 2024 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 40B8 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1000dd0118b44f24faed60a90f63063520b63c17ece41a7292ce9a8309190a5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1F65
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEOGYErHNkOIhrdgysZm0Y9M&google_cver=1&google_push=AXcoOmRijvuGoilZqjFiZdZrQjLuUOc1si7JUtzpXVIkMIqFfXTCAjeg090fyzAYcdhWRVa_MjTbsdcBnt4...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRijvuGoilZqjFiZdZrQjLuUOc1si7JUtzpXVIkMIqFfXTCAjeg090fyzAYcdhWRVa_MjTbsdcBnt4OtnMDrsqK5HEsUO_NrA&google_hm=aDHJ_541T8mph8kBYg...

170 B
188 B

30ms
29ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRijvuGoilZqjFiZdZrQjLuUOc1si7JUtzpXVIkMIqFfXTCAjeg090fyzAYcdhWRVa_MjTbsdcBnt4OtnMDrsqK5HEsUO_NrA&google_hm=aDHJ_541T8mph8kBYgE0shQ

Requested by

Host: fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
URL: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:52 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRijvuGoilZqjFiZdZrQjLuUOc1si7JUtzpXVIkMIqFfXTCAjeg090fyzAYcdhWRVa_MjTbsdcBnt4OtnMDrsqK5HEsUO_NrA&google_hm=aDHJ_541T8mph8kBYgE0shQ
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1F65
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEGHQGNS8_JeKx9oWEMX6mzU&google_cver=1&google_push=AXcoOmSnZH094W1lBqn_k_i-ROGD3krHmt7uxt8Kpl9DijVU5CwLwuaMdzfr3zOzJ6CodIib7j7LlsQDX5mkpT...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMyODI2MTg4Njk0NjkwMDEyMg%3D%3D&google_push=AXcoOmSnZH094W1lBqn_k_i-ROGD3krHmt7uxt8Kpl9DijVU5CwLwuaMdzfr3zOzJ6CodIib7j7LlsQDX5mkpT1L3R...

170 B
188 B

45ms
45ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMyODI2MTg4Njk0NjkwMDEyMg%3D%3D&google_push=AXcoOmSnZH094W1lBqn_k_i-ROGD3krHmt7uxt8Kpl9DijVU5CwLwuaMdzfr3zOzJ6CodIib7j7LlsQDX5mkpT1L3Rq3o5VWLuUzoQ

Requested by

Host: fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
URL: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMyODI2MTg4Njk0NjkwMDEyMg%3D%3D&google_push=AXcoOmSnZH094W1lBqn_k_i-ROGD3krHmt7uxt8Kpl9DijVU5CwLwuaMdzfr3zOzJ6CodIib7j7LlsQDX5mkpT1L3Rq3o5VWLuUzoQ
Date: Fri, 26 Jan 2024 04:38:53 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1F65
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESENFwReEUquXdePKnHsqZqEE&google_cver=1&google_push=AXcoOmTlXO3b1XdD5PToxREvfE1aOHIQSOAT4GAu9xGQER1MdV07Dgp-I6fUqwcAbLs1cGtRkPbr5AJLL49NFG9c...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=2soAxqqZTRMae6F7SOcvCg&google_push=AXcoOmTlXO3b1XdD5PToxREvfE1aOHIQSOAT4GAu9xGQER1MdV07Dgp-I6fUqwcAbLs1cGtRkPbr5AJLL49NFG9cghIWWF001hcUvQ

170 B
188 B

29ms
29ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=2soAxqqZTRMae6F7SOcvCg&google_push=AXcoOmTlXO3b1XdD5PToxREvfE1aOHIQSOAT4GAu9xGQER1MdV07Dgp-I6fUqwcAbLs1cGtRkPbr5AJLL49NFG9cghIWWF001hcUvQ

Requested by

Host: fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
URL: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 26 Jan 2024 04:38:53 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=2soAxqqZTRMae6F7SOcvCg&google_push=AXcoOmTlXO3b1XdD5PToxREvfE1aOHIQSOAT4GAu9xGQER1MdV07Dgp-I6fUqwcAbLs1cGtRkPbr5AJLL49NFG9cghIWWF001hcUvQ
x-host: tde-deliveryengine-production-84477bf6c-b9kzb
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1F65
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEAvbEXHpWklOZSp67_f7OhM&google_cver=1&google_push=AXcoOmQb3MbK30bqo36FlLb_9pceIG457shwOVAQ-OFzp2Y3WfgIuLLBDH-vHG2_xv3R75KKQBjkqB8KCj_txyZ1pX7W2tV...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQb3MbK30bqo36FlLb_9pceIG457shwOVAQ-OFzp2Y3WfgIuLLBDH-vHG2_xv3R75KKQBjkqB8KCj_txyZ1pX7W2tVVG5OLYQ&google_hm=eS1CTWsxelFwRTJwSFd6...

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQb3MbK30bqo36FlLb_9pceIG457shwOVAQ-OFzp2Y3WfgIuLLBDH-vHG2_xv3R75KKQBjkqB8KCj_txyZ1pX7W2tVVG5OLYQ&google_hm=eS1CTWsxelFwRTJwSFd6MHZ3dzFpUEpxcE1TVG1GUWpCVH5B

Requested by

Host: fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
URL: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 26 Jan 2024 04:38:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQb3MbK30bqo36FlLb_9pceIG457shwOVAQ-OFzp2Y3WfgIuLLBDH-vHG2_xv3R75KKQBjkqB8KCj_txyZ1pX7W2tVVG5OLYQ&google_hm=eS1CTWsxelFwRTJwSFd6MHZ3dzFpUEpxcE1TVG1GUWpCVH5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1F65
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSLGI...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-gfyvvGPcreimI4gIs5E7sawMtNjQHtBZzQmXig&google_push=AXcoOmSLGIUr1mwuc-GYsdTJd0OjQjqDBWiRzB8rck_NikAQmWogRzmObVmyfzTBu8SqWQSuLBQVx54QdXOp...

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-gfyvvGPcreimI4gIs5E7sawMtNjQHtBZzQmXig&google_push=AXcoOmSLGIUr1mwuc-GYsdTJd0OjQjqDBWiRzB8rck_NikAQmWogRzmObVmyfzTBu8SqWQSuLBQVx54QdXOpxGW9-jh10-UUPb46QA

Requested by

Host: fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
URL: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:53 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-gfyvvGPcreimI4gIs5E7sawMtNjQHtBZzQmXig&google_push=AXcoOmSLGIUr1mwuc-GYsdTJd0OjQjqDBWiRzB8rck_NikAQmWogRzmObVmyfzTBu8SqWQSuLBQVx54QdXOpxGW9-jh10-UUPb46QA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 716231
content-length: 0
expires: Fri, 26 Jan 2024 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1F65
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKXLNwGE-nof-AicCjMiJwM&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKXLNwGE-nof-AicCjMiJwM&google_hm=ZbM3XHAZ1pIAoZnlm7D6UAAADG0AAAAB&google_nid=index&google_push=AXcoOmS4dHKZqr6FoRFXlt5ALDjohdE9k0e0B...

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKXLNwGE-nof-AicCjMiJwM&google_hm=ZbM3XHAZ1pIAoZnlm7D6UAAADG0AAAAB&google_nid=index&google_push=AXcoOmS4dHKZqr6FoRFXlt5ALDjohdE9k0e0BTmH8qW7FDE0QT0Bxm-kIiJod9LSdcQks8pR0CVdUInsZfUfJaYPkUBkr1AzsMli

Requested by

Host: fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
URL: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U70f5sFE9zHuhZHLoC3wEwWbeq3LVDDxCOR22qBvg9IY5gX3bcOK0K4X1yKSt471Rvh69Qc5SzZsdMolhqeoV4IxJwgOICV4Hto5nl9gSuZu1WmDxovI61mHN6KYE81xs1lvdejItkJloQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKXLNwGE-nof-AicCjMiJwM&google_hm=ZbM3XHAZ1pIAoZnlm7D6UAAADG0AAAAB&google_nid=index&google_push=AXcoOmS4dHKZqr6FoRFXlt5ALDjohdE9k0e0BTmH8qW7FDE0QT0Bxm-kIiJod9LSdcQks8pR0CVdUInsZfUfJaYPkUBkr1AzsMli
cache-control: no-cache
cf-ray: 84b611a5bbf46a73-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1F65
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIKD7pCrhHnYn3G2tKja0U8&google_cver=1&google_push=AXcoOmTs-9ziV1Hen3ZjItj9NwjJrJhXueDTJ4qiauafTR7CSxQ9jbCQE3sicVi_nH1lnKhB_fs-5ico5jj6txVtA...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIKD7pCrhHnYn3G2tKja0U8&google_cver=1&google_push=AXcoOmTs-9ziV1Hen3ZjItj9NwjJrJhXueDTJ4qiauafTR7CSxQ9jbCQE3sicVi_nH1lnKhB_fs-5ico5jj6txVtA...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTs-9ziV1Hen3ZjItj9NwjJrJhXueDTJ4qiauafTR7CSxQ9jbCQE3sicVi_nH1lnKhB_fs-5ico5jj6txVtAUlkx5Co4B5m&google_hm=IDdWAGZHrYX5u5RITIa1BCFb

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTs-9ziV1Hen3ZjItj9NwjJrJhXueDTJ4qiauafTR7CSxQ9jbCQE3sicVi_nH1lnKhB_fs-5ico5jj6txVtAUlkx5Co4B5m&google_hm=IDdWAGZHrYX5u5RITIa1BCFb

Requested by

Host: fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
URL: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTs-9ziV1Hen3ZjItj9NwjJrJhXueDTJ4qiauafTR7CSxQ9jbCQE3sicVi_nH1lnKhB_fs-5ico5jj6txVtAUlkx5Co4B5m&google_hm=IDdWAGZHrYX5u5RITIa1BCFb
access-control-allow-origin: *
date: Fri, 26 Jan 2024 04:38:53 GMT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 0
access-control-allow-methods: GET, POST, DELETE, PUT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 1F65 0
12 B 29ms
28ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ISZr5ePGzm1fTjnkLm-jym0U7Nfq8vP0ebQsbfYmNxGeddsQTINdhzsyKz9JHik6mz45va

Requested by

Host: fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
URL: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:53 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 93EF 0
104 B 231ms
115ms Image
text/plain 2a02:fa8:8806:21::1690
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEDj2BGYnJaj7wdq4-PGQbAg&google_cver=1&google_push=AXcoOmRXGMGvDU1nMwWeyOOYmTx9l3JomZo0Tc0Ry_y6d2SfmdsjI-t6JXnbmeGnAmPAdGE6FqE_-Zz6-fYtidS4v31STWEJi_I
Requested by: Host: fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
URL: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:21::1690 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:53 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 93EF
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEJILvo26gFn6QT9BksbgQXQ&google_cver=1&google_push=AXcoOmQJ9DVbCXAKkKBfnMshfYRkrfASdLQEgAySFqTGdcus1x9i_g5tQL89H6yb5NG4fzMdVSDBdaBYFT8oH0WABPejZy2rKPNA&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJILvo26gFn6QT9BksbgQXQ&google_cver=1&google_push=AXcoOmQJ9DVbCXAKkKBfnMshfYRkrfASdLQEgAySFqTGdcus1x9i_g5tQL89H6yb5NG4fzMdVSDBdaBYFT8oH0WABPejZy2rKPN...

43 B
416 B

186ms
175ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJILvo26gFn6QT9BksbgQXQ&google_cver=1&google_push=AXcoOmQJ9DVbCXAKkKBfnMshfYRkrfASdLQEgAySFqTGdcus1x9i_g5tQL89H6yb5NG4fzMdVSDBdaBYFT8oH0WABPejZy2rKPNA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQJ9DVbCXAKkKBfnMshfYRkrfASdLQEgAySFqTGdcus1x9i_g5tQL89H6yb5NG4fzMdVSDBdaBYFT8oH0WABPejZy2rKPNA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
URL: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:53 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 84b611a78b61365b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:53 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 703
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJILvo26gFn6QT9BksbgQXQ&google_cver=1&google_push=AXcoOmQJ9DVbCXAKkKBfnMshfYRkrfASdLQEgAySFqTGdcus1x9i_g5tQL89H6yb5NG4fzMdVSDBdaBYFT8oH0WABPejZy2rKPNA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQJ9DVbCXAKkKBfnMshfYRkrfASdLQEgAySFqTGdcus1x9i_g5tQL89H6yb5NG4fzMdVSDBdaBYFT8oH0WABPejZy2rKPNA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 84b611a66ad7365b-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 93EF
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEMAFarIQ6UNshljUdZZUMQU&google_cver=1&google_push=AXcoOmRWyhm25AEGZn2EJM7GsHqEWv0_LIys-dPxp4lYQ5J5dA1fHksN6JBTaktViRuGiRXPbhlK7TaxNXzc-Sr3...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=1lFCSriiRqYqbszJ9GJLgg&google_push=AXcoOmRWyhm25AEGZn2EJM7GsHqEWv0_LIys-dPxp4lYQ5J5dA1fHksN6JBTaktViRuGiRXPbhlK7TaxNXzc-Sr3c3rJGdw6Es7r

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=1lFCSriiRqYqbszJ9GJLgg&google_push=AXcoOmRWyhm25AEGZn2EJM7GsHqEWv0_LIys-dPxp4lYQ5J5dA1fHksN6JBTaktViRuGiRXPbhlK7TaxNXzc-Sr3c3rJGdw6Es7r

Requested by

Host: fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
URL: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 26 Jan 2024 04:38:53 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=1lFCSriiRqYqbszJ9GJLgg&google_push=AXcoOmRWyhm25AEGZn2EJM7GsHqEWv0_LIys-dPxp4lYQ5J5dA1fHksN6JBTaktViRuGiRXPbhlK7TaxNXzc-Sr3c3rJGdw6Es7r
x-host: tde-deliveryengine-production-84477bf6c-x8f42
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 93EF
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPPBFB1ZaOiLXPdK48J2Yd0&google_cver=1&google_push=AXcoOmR_NsCiw05ze5sNZAr3Ma3MkvJhseL_Wjbx5dZHzbdMFbDQP0rZ6D3pig6Fj36l6hMt337lMGEP...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPPBFB1ZaOiLXPdK48J2Yd0&google_cver=1&google_push=AXcoOmR_NsCiw05ze5sNZAr3Ma3MkvJhseL_Wjbx5dZHzbdMFbDQP0rZ6D3pig6Fj36l6hMt337...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjEzMTE0NzE3NjMxMzIxNDA3Mw&google_push=AXcoOmR_NsCiw05ze5sNZAr3Ma3MkvJhseL_Wjbx5dZHzbdMFbDQP0rZ6D3pig6Fj36l6hMt337lMG...

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjEzMTE0NzE3NjMxMzIxNDA3Mw&google_push=AXcoOmR_NsCiw05ze5sNZAr3Ma3MkvJhseL_Wjbx5dZHzbdMFbDQP0rZ6D3pig6Fj36l6hMt337lMGEP-f_EJ1a_wPqGsrjhrjNX

Requested by

Host: fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
URL: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjEzMTE0NzE3NjMxMzIxNDA3Mw&google_push=AXcoOmR_NsCiw05ze5sNZAr3Ma3MkvJhseL_Wjbx5dZHzbdMFbDQP0rZ6D3pig6Fj36l6hMt337lMGEP-f_EJ1a_wPqGsrjhrjNX
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 -
s.ad.smaato.net/c/n/// Frame 93EF 0
237 B 133ms
30ms Image
text/plain 2600:9000:211e:7000:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEGqHuXmvC_to2oN2NqSnCOM&google_cver=1&google_push=AXcoOmRxzn7UMUHuzXTdJAVVU18FLnzvx1ooRLOHsWL2ErsDXBiWYx-IbdHvmbCWt-yoCpc0Vf8P9OfM2juvVipLCenlvAca3b4
Requested by: Host: fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
URL: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:7000:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:53 GMT
cache-control: no-cache, must-revalidate
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: _lqq6N4sh3W3qaAiYuUmiRjDNz_vhoIq8PfvZ3JRlgsK-ywXTOD32g==
x-cache: Miss from cloudfront

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 93EF
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEG...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmSjMnnyVQudraKE2ZUsL43AJwsrwVD8JIM4uUZOPT5_GS9gKLzR966Yc-ZY1U3rk2A9JkiewK7EFKlpYZRL3riemqDeJXio&redir=https%3A%2F%2Fcm.g.doubl...
https://sync.targeting.unrulymedia.com/csync/RX-c25a787d-5ea4-45a3-8e2b-3f35154baa10-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmSjMnnyVQudraKE2ZUsL...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSjMnnyVQudraKE2ZUsL43AJwsrwVD8JIM4uUZOPT5_GS9gKLzR966Yc-ZY1U3rk2A9JkiewK7EFKlpYZRL3riemqDeJXio&google_hm=A8JaeH1epEWjjis_NRVLqhA

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSjMnnyVQudraKE2ZUsL43AJwsrwVD8JIM4uUZOPT5_GS9gKLzR966Yc-ZY1U3rk2A9JkiewK7EFKlpYZRL3riemqDeJXio&google_hm=A8JaeH1epEWjjis_NRVLqhA

Requested by

Host: fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
URL: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSjMnnyVQudraKE2ZUsL43AJwsrwVD8JIM4uUZOPT5_GS9gKLzR966Yc-ZY1U3rk2A9JkiewK7EFKlpYZRL3riemqDeJXio&google_hm=A8JaeH1epEWjjis_NRVLqhA
date: Fri, 26 Jan 2024 04:38:53 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXc25a787d5ea445a38e2b3f35154baa10003
content-type: text/html

GET
H/1.1 200
OK https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame 93EF 43 B
235 B 36ms
36ms Image
image/gif 35.214.149.91
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEKPSMIRIw4aLXAuiAhO1N5Y&google_cver=1&google_push=AXcoOmT0xrgXcbJ8N8nHViGG3l-KU6Zz3fM5ES-gPBDN3ghFfuonWgIiLw6XuJVCy-qUzR-U2btMcmOI3K6pNqXaSuFAWBBV1THKzQ
Requested by: Host: fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
URL: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 91.149.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 04:38:53 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 93EF 0
12 B 27ms
27ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KDWHgV0S-MaLgmqypemwcdtE9Mh0ONeQJKWUVZO30fmnrSz6_jVJ33LjgF5poF--Q0EugRog

Requested by

Host: fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
URL: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:53 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame D0E8 0
0 54ms
53ms Fetch
image/gif 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstYWmvgrBz-Ncqnp3cspyZVSlY1nQ-xUFuGWJnaLakOH9C0Rs7clfYmUX7TId1QZjlsvHZi_EFVCgzIaBUAO3pNo5wzplaoWSpOxpCgpXGMoF6yVp7pnA_QTL2i0OcIPf86C0iKQ6XQZqxXnjIzoJI9yUPVtw0aItAT7VzCX2su9RTY2VHOQoOuNysetHn5zPMk0l2aHT6WFjl7zHflLoZZ9tEsbDQ6l8_JB1ji6YnKdZEojqoFp-9-&sai=AMfl-YRqNUQ0PXHyRsYBI6qybUALOzXQ3e0vuJVAn1J-mCZ6TxxpOQG7wGNen8Ky33Uo3cfB1TzzgRlfPgW_aC_0vrbswl1DhwZMtiTg52yYqYHX_n87MnZ9e5GsBrcQZHOwvIytoKxBNOWUwvO5YYFm-8eyUQ&sig=Cg0ArKJSzAuByXuIGP_xEAE&uach_m=%5BUACH%5D&cry=1&crd=aHR0cHM6Ly9jaXNjby5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=109&vt=11&dtpt=108&dett=2&cstd=0&cisv=r20240122.59815&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/15555671415660452180/UK-ENG_XA-07_0_970x90_BAN-A_HTML5_TOFU-no-B2P-RAeBook-ALL_0_105/ Frame 0F91 88 KB
31 KB 20ms
19ms Document
text/html 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15555671415660452180/UK-ENG_XA-07_0_970x90_BAN-A_HTML5_TOFU-no-B2P-RAeBook-ALL_0_105/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

sffe /

Resource Hash

74b9bda0e1307617afb30ff3a77e6c86fa7bd02b2132c327953e45080ceeec02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 174106
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 31271
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 04:17:07 GMT
expires: Thu, 23 Jan 2025 04:17:07 GMT
last-modified: Wed, 21 Jun 2023 11:27:11 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 40B8 0
0 53ms
53ms Fetch
image/gif 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsuHL3lK3BmoegsW72J9Tuer1zK3NcOU7XwfQlFOD680ZNa5mrYAO4EA4vwW2Foa50n91xKIpm1o2QfkMShgGpXvpEctEyTX-znbZrm1pyamEKw4Cb-JmLcQC2NG6wiCq9R16GrEtAx3Ayg8_9QqeQrMPflao89tqbz7_BJYs6J9AF2VyDXofx4d5uL9mdlGlDj19omHCQzt74ce05Zpwe7SW-m_r0cmv41sAV2Si9qf3wB7fdibjg_5&sai=AMfl-YSrWCZle02oUCPvHZsp1f1TWdhEDkhyRhjYLDqjCq_z6a5awqd0r74UuJGMOT5FXMphSZ6pS_d60kNy6eFkqBcM6ENy7o_haF9727datawqp3smxTIBCa3tSs-VDd8DM29-sD6fJxSS807R8eyr93P1ug&sig=Cg0ArKJSzFVMiWZTiePYEAE&uach_m=%5BUACH%5D&cry=1&crd=aHR0cHM6Ly9jaXNjby5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=92&cbvp=1&cstd=90&cisv=r20240122.74873&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame D0E8 43 B
215 B 235ms
179ms Image
image/gif 2600:1f13:800:7780:bad:39fb:3054:9ae2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520146&asId=5fcedbde-3d1c-5b2d-a71f-9581212919ff&tv=%7Bc:2nysfU,pingTime:-10,time:384,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjIyNCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1706243933161%7C%7C71c87b839be6cb16e99cbdeafd6ceea2%7C%7C09dd4f7e094d0daae996260c074cbdea%7C%7Cbb4d7ceb4a736072e065644f73b56a4b%7C%7C6bbac6c7c41960779306959ed0ed9854%7C%7C40671475bb96345fe18750295ad03a09%7C%7Cdc98011fad2d173fcad5f9cd17e8e4ad%7C%7C0a62eb81da90850c2db25a1c0214ab68%7C%7C1663701684%7D
Requested by: Host: fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
URL: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:bad:39fb:3054:9ae2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:53 GMT
server: nginx
x-server-name: dt18.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 Cisco_cyan.svg.js Show response
s0.2mdn.net/sadbundle/15555671415660452180/UK-ENG_XA-07_0_970x90_BAN-A_HTML5_TOFU-no-B2P-RAeBook-ALL_0_105/ Frame 0F91 3 KB
1 KB 19ms
19ms Script
application/x-javascript 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15555671415660452180/UK-ENG_XA-07_0_970x90_BAN-A_HTML5_TOFU-no-B2P-RAeBook-ALL_0_105/Cisco_cyan.svg.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15555671415660452180/UK-ENG_XA-07_0_970x90_BAN-A_HTML5_TOFU-no-B2P-RAeBook-ALL_0_105/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

sffe /

Resource Hash

c70489f5c3c113d624b62a73bdfd5fad67e9ab85f6a7f548d91d4bdb96654adc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15555671415660452180/UK-ENG_XA-07_0_970x90_BAN-A_HTML5_TOFU-no-B2P-RAeBook-ALL_0_105/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 25 Jan 2025 04:00:04 GMT
date: Fri, 26 Jan 2024 04:00:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2329
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1011
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 11:27:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 0F91 10 KB
10 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 669a7d976f875b9e0f7aca66be35f39ac91de8d4feb8f859d44281210e4ecdec

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: font/woff;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 0F91 7 KB
7 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df599e71678acc546ca43d19081e5b912b3fafcae8d5aff568320da06a1c0b46

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: font/woff;charset=utf-8

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 40B8 0
0 52ms
52ms Fetch
image/gif 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsuHL3lK3BmoegsW72J9Tuer1zK3NcOU7XwfQlFOD680ZNa5mrYAO4EA4vwW2Foa50n91xKIpm1o2QfkMShgGpXvpEctEyTX-znbZrm1pyamEKw4Cb-JmLcQC2NG6wiCq9R16GrEtAx3Ayg8_9QqeQrMPflao89tqbz7_BJYs6J9AF2VyDXofx4d5uL9mdlGlDj19omHCQzt74ce05Zpwe7SW-m_r0cmv41sAV2Si9qf3wB7fdibjg_5&sai=AMfl-YSrWCZle02oUCPvHZsp1f1TWdhEDkhyRhjYLDqjCq_z6a5awqd0r74UuJGMOT5FXMphSZ6pS_d60kNy6eFkqBcM6ENy7o_haF9727datawqp3smxTIBCa3tSs-VDd8DM29-sD6fJxSS807R8eyr93P1ug&sig=Cg0ArKJSzFVMiWZTiePYEAE&uach_m=%5BUACH%5D&cry=1&crd=aHR0cHM6Ly9jaXNjby5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=193&vt=11&dtpt=101&dett=3&cstd=90&cisv=r20240122.74873&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 04:38:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 26 Jan 2024 04:38:53 GMT

GET
H3 200 ART_CISCO_Q3Social_RA_Campaign_eBook_PaidMedia_300x250_v1.jpg
s0.2mdn.net/sadbundle/15555671415660452180/UK-ENG_XA-07_0_970x90_BAN-A_HTML5_TOFU-no-B2P-RAeBook-ALL_0_105/ Frame 0F91 18 KB
18 KB 18ms
18ms Image
image/jpeg 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15555671415660452180/UK-ENG_XA-07_0_970x90_BAN-A_HTML5_TOFU-no-B2P-RAeBook-ALL_0_105/ART_CISCO_Q3Social_RA_Campaign_eBook_PaidMedia_300x250_v1.jpg?

Requested by

Host: fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
URL: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

sffe /

Resource Hash

edcf2dd4d866dc95db5d4df44a6093adc112cea6ccb9d59f08c3922274d008e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15555671415660452180/UK-ENG_XA-07_0_970x90_BAN-A_HTML5_TOFU-no-B2P-RAeBook-ALL_0_105/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 22 Jan 2025 19:12:17 GMT
date: Tue, 23 Jan 2024 19:12:17 GMT
x-content-type-options: nosniff
age: 206796
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18752
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 11:27:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15555671415660452180/UK-ENG_XA-07_0_970x90_BAN-A_HTML5_TOFU-no-B2P-RAeBook-ALL_0_105/ART_CISCO_Q3Social_RA_Campaign_eBook_PaidMedia_300x250_v1.jpg?

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15555671415660452180/UK-ENG_XA-07_0_970x90_BAN-A_HTML5_TOFU-no-B2P-RAeBook-ALL_0_105/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

sffe /

Resource Hash

edcf2dd4d866dc95db5d4df44a6093adc112cea6ccb9d59f08c3922274d008e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15555671415660452180/UK-ENG_XA-07_0_970x90_BAN-A_HTML5_TOFU-no-B2P-RAeBook-ALL_0_105/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 22 Jan 2025 19:12:17 GMT
date: Tue, 23 Jan 2024 19:12:17 GMT
x-content-type-options: nosniff
age: 206796
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18752
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 11:27:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 40B8 43 B
215 B 213ms
213ms Image
image/gif 2600:1f13:800:7780:bad:39fb:3054:9ae2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520146&asId=f2d82ac4-604f-3d8c-8c94-b232f8412f45&tv=%7Bc:2nysj6,time:545,type:e,im:%7Bpci:%7Btdr:507%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:545,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B540~0%5D,as:%5B540~970.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u2rnEPU+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b.1520146-76103085%7C1b1%7C1b21%7C1b3%7C1c*.1520146-76103085%7C1c1,idMap:1c*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:13,sis:223%7D&br=c
Requested by: Host: fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
URL: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:bad:39fb:3054:9ae2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:53 GMT
server: nginx
x-server-name: dt17.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
DATA 200
OK truncated
/ Frame D0E8 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29642a044c3a732e9530ddf10e5b24afee08430986520ae19e0c8fe5d792dbbf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dt
dt.adsafeprotected.com/ Frame D0E8 43 B
215 B 177ms
176ms Image
image/gif 2600:1f13:800:7780:bad:39fb:3054:9ae2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520146&asId=5fcedbde-3d1c-5b2d-a71f-9581212919ff&tv=%7Bc:2nysqG,time:1052,type:e,im:%7Bpci:%7Btdr:1007%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:1052,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1047~0%5D,as:%5B796~0.0,251~970.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:715,fm:u2rnEPU+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b*.1520146-76103085%7C1b1%7C1b21%7C1c.1520146-76103085%7C1c1,idMap:1b*,rmeas:1,rend:1,renddet:IMG.qs,siq:16,sis:234%7D&br=c
Requested by: Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:bad:39fb:3054:9ae2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:53 GMT
server: nginx
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 40B8 43 B
215 B 177ms
177ms Image
image/gif 2600:1f13:800:7780:bad:39fb:3054:9ae2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520146&asId=f2d82ac4-604f-3d8c-8c94-b232f8412f45&tv=%7Bc:2nysrA,pingTime:-10,time:1071,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjIyNCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1706243933161%7C%7C71c87b839be6cb16e99cbdeafd6ceea2%7C%7C09dd4f7e094d0daae996260c074cbdea%7C%7Cbb4d7ceb4a736072e065644f73b56a4b%7C%7C6bbac6c7c41960779306959ed0ed9854%7C%7C40671475bb96345fe18750295ad03a09%7C%7Cdc98011fad2d173fcad5f9cd17e8e4ad%7C%7C0a62eb81da90850c2db25a1c0214ab68%7C%7C1663701684,sca:%7Bspg:5fcedbde-3d1c-5b2d-a71f-9581212919ff%7D%7D
Requested by: Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:bad:39fb:3054:9ae2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:53 GMT
server: nginx
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 40B8 42 B
174 B 58ms
58ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv4tggJ2NWaq-C3_QZQ8DbaXHmUu86p2_czdjJ5MHB4kFXO3A7nsXQ9mkvzisQR-YrzhgHe1hC9W_cK_PIFxHfUyoL7M9x-3tPh90QwcorZSEeHcLGRqRRi-0I7f3yR-lIu_b2OFn9DnGnTQIpmddh-otG6&sai=AMfl-YSmMfqHA_Roe6lKCvDjEr10Po0mbiSc3ifqAxFij3kI-9QhzvCUvre1epm7IIUuTMPyaYVEcCKBodDqhhnHKxQBCB4K_Ck_Dmy8Q1Pj92WCqlqZGNntoLeEwMs&sig=Cg0ArKJSzFCABQOC4qwUEAE&cid=CAQSOwAvHhf_2kyPXCmO0fz-vdcL_iz5bBJCSNYLlDvJuRcEIG0U2pclXuEnyz95p-gwjY5OZeTVUfStbiePGAE&id=lidar2&mcvt=1002&p=133,315,223,1285&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2852280210&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170624393300&rst=1706243932501&rpt=551&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D0E8 0
20 B 49ms
48ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3130736280687&version=m202309260101&ct=76&x=1&cor=3660099279167028700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D0E8 42 B
64 B 61ms
61ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsshssvyUqJBpHdD-U99TwsXEI7WmIzMWj225s4Ylhe0RzRA5XMF3Qf01TPiFefU3mxiOSYIAJqt4Hc2RjX-h37gE8nTtOSesRJtil5G3vV9XLk2n9tHiqEfpbq3z5UJ5rt-3qhlk80ex1e8dLvKDc4sAnYU&sai=AMfl-YRtLjCzKQxAKnA-MruOY0q7CusnwzJh-v09y6zpckZx5qgz5dyFgjxvYHv--pW5cZKWh9UImlL5wB_-E_awc4ibzyjyiUeckRqBB9cJLbgd83VB14c_gEKXERk&sig=Cg0ArKJSzASolsp_kzMiEAE&cid=CAQSOwAvHhf_NHlPpARNEstuqckyjQ0SpJ6YRbZ5Mf2z-7-yc2hRQl9SbKpfy469AIgBfBQk5Od4bekU-J93GAE&id=lidar2&mcvt=1030&p=0,0,90,970&mtos=1030,1030,1030,1030,1030&tos=1030,0,0,0,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1403396578&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170624393300&rst=1706243932453&rpt=666&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 40B8 0
20 B 49ms
49ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4995969478793&version=m202309260101&ct=76&x=1&cor=2260530472186362400

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 40B8 43 B
215 B 180ms
180ms Image
image/gif 2600:1f13:800:7780:bad:39fb:3054:9ae2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520146&asId=f2d82ac4-604f-3d8c-8c94-b232f8412f45&tv=%7Bc:2nysMm,pingTime:1,time:2359,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:90,t:12%7D,%7Bpiv:100,vs:i,r:,t:1355%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1004,o:1355,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1351~0,0~100%5D,as:%5B1351~970.90%5D%7D%7D,%7Bsl:i,t:1355,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1003~100%5D,as:%5B1003~970.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:179,fm:u2rnEPU+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b.1520146-76103085%7C1b1%7C1b21%7C1b3%7C1c*.1520146-76103085%7C1c1,idMap:1c*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:13,sis:223%7D&br=c
Requested by: Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:bad:39fb:3054:9ae2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:55 GMT
server: nginx
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 40B8 43 B
215 B 178ms
178ms Image
image/gif 2600:1f13:800:7780:bad:39fb:3054:9ae2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520146&asId=f2d82ac4-604f-3d8c-8c94-b232f8412f45&tv=%7Bc:2nysMm,pingTime:1,time:2359,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:90,t:12%7D,%7Bpiv:100,vs:i,r:,t:1355%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1004,o:1355,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1351~0,0~100%5D,as:%5B1351~970.90%5D%7D%7D,%7Bsl:i,t:1355,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1004~100%5D,as:%5B1004~970.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:179,fm:u2rnEPU+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b.1520146-76103085%7C1b1%7C1b21%7C1b3%7C1c*.1520146-76103085%7C1c1,idMap:1c*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:13,sis:223%7D&br=c
Requested by: Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:bad:39fb:3054:9ae2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:55 GMT
server: nginx
x-server-name: dt15.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame D0E8 43 B
215 B 177ms
176ms Image
image/gif 2600:1f13:800:7780:bad:39fb:3054:9ae2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520146&asId=5fcedbde-3d1c-5b2d-a71f-9581212919ff&tv=%7Bc:2nysU9,pingTime:1,time:2879,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:15%7D,%7Bw:970,h:90,t:801%7D,%7Bpiv:100,vs:i,r:,t:1878%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:1878,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1873~0,0~100%5D,as:%5B796~0.0,1077~970.90%5D%7D%7D,%7Bsl:i,t:1878,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~970.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:179,fm:u2rnEPU+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b*.1520146-76103085%7C1b1%7C1b21%7C1c.1520146-76103085%7C1c1,idMap:1b*,rmeas:1,rend:1,renddet:IMG.qs,siq:16,sis:234%7D&br=c
Requested by: Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:bad:39fb:3054:9ae2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:55 GMT
server: nginx
x-server-name: dt08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame D0E8 43 B
215 B 178ms
177ms Image
image/gif 2600:1f13:800:7780:bad:39fb:3054:9ae2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520146&asId=5fcedbde-3d1c-5b2d-a71f-9581212919ff&tv=%7Bc:2nysU9,pingTime:1,time:2879,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:15%7D,%7Bw:970,h:90,t:801%7D,%7Bpiv:100,vs:i,r:,t:1878%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:1878,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1873~0,0~100%5D,as:%5B796~0.0,1077~970.90%5D%7D%7D,%7Bsl:i,t:1878,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~970.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:179,fm:u2rnEPU+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b*.1520146-76103085%7C1b1%7C1b21%7C1c.1520146-76103085%7C1c1,idMap:1b*,rmeas:1,rend:1,renddet:IMG.qs,siq:16,sis:234%7D&br=c
Requested by: Host: culturaenegocios.com.br
URL: https://culturaenegocios.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:bad:39fb:3054:9ae2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 04:38:55 GMT
server: nginx
x-server-name: dt18.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: prg.smartadserver.com
URL: https://prg.smartadserver.com/prebid/v1

Domain: sync.tidaltv.com
URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361

Domain: bn01.er.bemail.it
URL: https://bn01.er.bemail.it/zeotap.php?_bid=a02225b6-7fcb-49c9-40ba-68a47d4b4720&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361

Verdicts & Comments Add Verdict or Comment

460 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

69 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 22:16:35	Name: _GRECAPTCHA Value: 09AJuq1xLoXsX8Kcd1QbZDeCXMoP4SXpEMwKyACU8DCD7ylR3BaaoYfdsC9Zt73JCxDOw1Yprl1R4aVAJiiGpQHOI
.onesignal.com/	1970-01-20 17:57:25	Name: __cf_bm Value: phJu8xh.TsmlwRyAy13Um45X2zFKUhy5L6o1xvMGeQw-1706243927-1-AQSokZwZ3xBTZJMvPKDJcCsDqQ9PU4l61VXEwLRdWEkWyHcmS2UWH2p9JDw4vixTs3FLR/T6VIKz2x1y7yNGd00=
.culturaenegocios.com.br/	1970-01-21 03:33:23	Name: _ga_PGDPR62NJV Value: GS1.1.1706243927.1.0.1706243927.60.0.0
.culturaenegocios.com.br/	1970-01-21 03:33:23	Name: _ga Value: GA1.3.37574242.1706243928
.culturaenegocios.com.br/	1970-01-20 17:58:50	Name: _gid Value: GA1.3.477644641.1706243928
.culturaenegocios.com.br/	1970-01-20 17:57:23	Name: _gat_czmb Value: 1
culturaenegocios.com.br/	1970-01-20 18:40:35	Name: clever-last-tracker-55018 Value: 0
culturaenegocios.com.br/	1970-01-20 19:23:47	Name: RBUUID Value: 0q9010e
pbjs.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.culturaenegocios.com.br/	1970-01-20 17:57:23	Name: lotame_domain_check Value: culturaenegocios.com.br
.rubiconproject.com/	1970-01-21 02:42:59	Name: khaos Value: LRU5KXBA-2-25E6
.rubiconproject.com/	1970-01-21 02:42:59	Name: audit Value: 1\|hLZGFuTafB0ts2zhAS4JTbU1ZxogGjlwOA+xFj1I9scmP1H4Ec1c+9letu7l/ioAmvxGIWk75JDSpva79O49dMecYRMNRU7i4HEYI5ehIrV8EH8Atu/as77FQD2yB//hvsVAPbIH/+E=
.e-planning.net/	1970-01-21 03:33:23	Name: E Value: AEDoEsgpF4eLHR-K
.cazamba.com/	1970-01-20 19:23:47	Name: uid Value: 65b33758626b8
.cazamba.com/	1970-01-20 18:42:02	Name: visits:1704067200:2157 Value: 1
.cazamba.com/	1970-01-20 18:42:02	Name: _czu_1_1704067200 Value: 1
.cazamba.com/	1970-01-20 18:42:02	Name: _czu_2157_1704067200 Value: 1
.cazamba.com/	1970-01-20 18:42:02	Name: lastPub Value: 2157
.cazamba.com/	1970-01-20 17:57:27	Name: synced Value: 1
.openx.net/	1970-01-21 02:42:59	Name: i Value: 10a54459-8d6b-43fc-b615-19c57a3f726b\|1706243928
.criteo.com/	1970-01-21 03:18:59	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 03:18:59	Name: uid Value: 683f67e0-e128-45b9-a9d5-f8d19ee1ea5f
.zeotap.com/	1970-01-21 02:42:59	Name: zc Value: a02225b6-7fcb-49c9-40ba-68a47d4b4720
.zeotap.com/	1970-01-20 17:58:50	Name: zsc Value: %24%3D%A0%ABH%F0%C6%98kmr%B7d%B6%F4%E5%B6%EC%07%0A%C9%80L%8C%E1%E1%F0%9FD%88%F5%00%23%05%21H%B08%08%1F%B1m%25XH%1D%2FYc%AFB%12%0F%A6%BF%DEj%CD%B6%C2_%0Fg%8A%97%CE%60%B0%1C%EBN%99j%EB%12%B4%A6%17%A2%95%95%FAc%EC%AD%5B%23%B2%E3%15P%60%8A%18%26%2C%FC%3FSF.%E4%B6%BE%F55%9E%8B%5D%93%99j%24%BA%BA%98%F6a4e%2CP%EA%9DN%B8%C4%9APG%90%F8%A7%B4%BF%96%AF%E0%E9%F1%BC%2AC%B7%8A%05%E74%DD%2B%A6%BFTt-%2B%CCQ%10X%1D%8E%94%F0%FA%E6T%2BK%7B%D3%AB
.culturaenegocios.com.br/	1970-01-21 03:18:59	Name: cto_bundle Value: ZsD0rF9HQ3RmRjlmNEpaYVEyeW5ic210TnZmS2pUSTBrbmpMZk42WERPSm9FSU9rMW9UaEwzQ3UwJTJGYnJmayUyRlhEVlpHTVZGazdiUkt0ZDR1UEhPY2J5dnA5bVBQU3hpMDBURHk1c25BJTJCb1FKN1JXbEtucFBnT29kSjk2N1NiMk12d0o1bndyN3JKNGV0NldvWEtlblZ2ZVdZZU04Uk5yTjlMZmZLUm1ZQjJmUmoza0ElM0Q
.doubleclick.net/	1970-01-21 03:18:59	Name: IDE Value: AHWqTUkUBtvVZPbQHkPLC67nVh82hLxpvOZ22ZD4jGOakRiqd49GKMAcQMKyMAa29fk
.culturaenegocios.com.br/	1970-01-21 03:18:59	Name: __gads Value: ID=382ae9e66152ebb3:T=1706243932:RT=1706243932:S=ALNI_MaiI6YcEa6pR0b0ZJjhWA4DlkdALA
.culturaenegocios.com.br/	1970-01-21 03:18:59	Name: __gpi Value: UID=00000d49ba2a0de5:T=1706243932:RT=1706243932:S=ALNI_Mb_iAZf3v9X1isPy54WgihRNgqHiw
.navdmp.com/	1970-01-21 02:43:20	Name: ac3 Value: 1
.tapad.com/	1970-01-20 19:23:47	Name: TapAd_3WAY_SYNCS Value:
.tapad.com/	1970-01-20 19:23:47	Name: TapAd_TS Value: 1706243932502
.tapad.com/	1970-01-20 19:23:47	Name: TapAd_DID Value: d8263f39-01f4-4263-a926-f6cebaa17a64
.yahoo.com/	1970-01-21 02:43:21	Name: A3 Value: d=AQABBFw3s2UCEMBFXJCtof9J2dUXzqetxqUFEgEBAQGItGW9ZeANyiMA_eMAAA&S=AQAAAqJyBsZE-qgP-EQM7-VducQ
.adfarm1.adition.com/	1970-01-20 20:06:59	Name: UserID1 Value: 7328261886946900122
.adnxs.com/	1970-01-20 20:06:59	Name: XANDR_PANID Value: sb7SEBNqKcIh5S49_U8p_9mfNYRmLeBAxK3ggS1_Cdv0Qa8qCcEsMq_Se7rxyxkMauNUnaFfz4kBB8SzFY0iIQ6SY9_KJSpPOU78wde17Yw.
.adnxs.com/	1970-01-21 03:33:23	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:06:59	Name: uuid2 Value: 4364897052789322410
.weborama.fr/	1970-01-21 03:23:19	Name: AFFICHE_W Value: AWcQbA7HDJwB78
.demdex.net/	1970-01-20 22:16:35	Name: demdex Value: 47622039860759293112579590827818019451
.adnxs.com/	1970-01-20 20:06:59	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVJrefIN!]tbPl1M>e)ZlrFUfJ+tGXxp:L.au?F:/L$PPo?HBI]gd`Y6IUX^V.FFDfD`3If)y3KL9D3I?+:U84yR
.doubleclick.net/	1970-01-20 22:16:35	Name: APC Value: AfxxVi6Ht6UDi9mRnA7e6YTpoQ79njhV88JRNjhYmr_GtFT1JbZfIA
.navdmp.com/	1970-01-21 03:33:23	Name: nid Value: 1408335b8e9a314dc7781251fe10\|1\|56
.casalemedia.com/	1970-01-20 20:06:59	Name: CMPS Value: 3181
.dpm.demdex.net/	1970-01-20 22:16:35	Name: dpm Value: 47622039860759293112579590827818019451
.analytics.yahoo.com/	1970-01-21 02:42:59	Name: IDSYNC Value: 19ah~2ge4
.vidoomy.com/	1970-01-20 20:06:59	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJvcGVueCI6eyJ1aWQiOiJmYWQ3ZjRjZi05ZDczLTRmZTItODc0Zi0xMTM4OWY0MzgzMWIiLCJleHBpcmVzIjoiMjAyNC0wMi0wOVQwNDozODo1Mi43MDAwODI5MzdaIn19LCJiZGF5IjoiMjAyNC0wMS0yNlQwNDozODo1Mi43MDAwNjY0MDRaIn0=
.casalemedia.com/	1970-01-21 02:42:59	Name: CMID Value: ZbM3XHAZ1pIAoZnlm7D6UAAA
.casalemedia.com/	1970-01-20 20:06:59	Name: CMPRO Value: 3181
.agkn.com/	1970-01-21 02:42:59	Name: ab Value: 0001%3AhPzb3Sn9ENzSJjUzSHpj8uXp3MtJ52OV
.krxd.net/	1970-01-20 22:16:35	Name: _kuid_ Value: QDuF37MH
.bidswitch.net/	1970-01-21 02:42:59	Name: tuuid Value: 72803c21-3cf3-4caa-adca-1d3b22576b0d
.bidswitch.net/	1970-01-21 02:42:59	Name: c Value: 1706243932
.bidswitch.net/	1970-01-21 02:42:59	Name: tuuid_lu Value: 1706243932
.fwmrm.net/	1970-01-20 22:16:35	Name: _uid Value: ume4b65_7329397140739004592
.everesttech.net/	1970-01-21 02:42:59	Name: everest_g_v2 Value: g_surferid~ZbM3XAAAAM5pQQBK
.mathtag.com/	1970-01-21 03:23:19	Name: uuid Value: 89bb65b3-375c-4200-99e0-b2ddb0059654
.quantserve.com/	1970-01-20 20:06:59	Name: d Value: EFsBDQH_KuvLswA
.quantserve.com/	1970-01-21 03:27:38	Name: mc Value: 65b3375c-d66a5-45b43-76cd5
.cazamba.com/	1970-01-20 18:42:02	Name: ttdata Value: _2_1706243932_1
.adform.net/	1970-01-20 18:42:02	Name: C Value: 1
.adform.net/	1970-01-20 19:23:47	Name: uid Value: 6131147176313214073
.ctnsnet.com/	1970-01-21 02:42:59	Name: cid_6831c9ff9e354fc9a987c901620134b2 Value: 1
.ctnsnet.com/	1970-01-21 02:42:59	Name: gid_CAESEOGYErHNkOIhrdgysZm0Y9M Value: 1
.travelaudience.com/	1970-01-21 03:29:04	Name: _tracker Value: %7B%22UUID%22%3A%22DACA00C6-AA99-4D13-1A7B-A17B48E72F0A%22%7D
.1rx.io/	1970-01-21 02:42:59	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-c25a787d-5ea4-45a3-8e2b-3f35154baa10-003%22%7D
.lijit.com/	1970-01-21 02:42:59	Name: ljt_reader Value: IDdWAGZHrYX5u5RITIa1BCFb
.doubleclick.net/	1970-01-20 22:16:35	Name: receive-cookie-deprecation Value: 1
.targeting.unrulymedia.com/	1970-01-21 02:42:59	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-c25a787d-5ea4-45a3-8e2b-3f35154baa10-003%22%7D
.tribalfusion.com/	1970-01-20 20:06:59	Name: ANON_ID Value: avntuJtMPmFUTgUpySVotw20ls92iBKuNQPbd5U5t7BM5ik3YqjWlfREPcHnSBM5OGv2bmBIQo3ELjjEs35S7QBl

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js'%20async='async Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://fonts.googleapis.com/css2?family=Oxygen:ital,wght@0,0,4000,700;0,400;0,700;1,400;1,700&family=Encode+Sans+Condensed:ital,wght@0,0,4000,5000,6000,7000,8000,1001,1000,2001,2000,3001,3000,4001,4000,5001,5000,6001,6000,7001,7000,8001,8000,9001,900&family=Roboto:ital,wght@0,0,1001,1000,2001,2000,3001,3000,4001,4000,5001,5000,6001,6000,7001,7000,8001,8000,9001,900&family=Roboto+Slab:ital,wght@0,0,1001,1000,2001,2000,3001,3000,4001,4000,5001,5000,6001,6000,7001,7000,8001,8000,9001,900;0,400;0,700;1,400;1,700&family=Abril+FatFace:ital,wght@0,400;0,700;1,400;1,700&family=Alegreya:ital,wght@0,400;0,700;1,400;1,700&family=Alegreya+Sans:ital,wght@0,400;0,700;1,400;1,700&family=Amatic+SC:ital,wght@0,400;0,700;1,400;1,700&family=Anonymous+Pro:ital,wght@0,400;0,700;1,400;1,700&family=Architects+Daughter:ital,wght@0,400;0,700;1,400;1,700&family=Archivo:ital,wght@0,400;0,700;1,400;1,700&family=Archivo+Narrow:ital,wght@0,400;0,700;1,400;1,700&family=Asap:ital,wght@0,400;0,700;1,400;1,700&family=Barlow:ital,wght@0,400;0,700;1,400;1,700&family=BioRhyme:ital,wght@0,400;0,700;1,400;1,700&family=Bonbon:ital,wght@0,400;0,700;1,400;1,700&family=Cabin:ital,wght@0,400;0,700;1,400;1,700&family=Cairo:ital,wght@0,400;0,700;1,400;1,700&family=Cardo:ital,wght@0,400;0,700;1,400;1,700&family=Chivo:ital,wght@0,400;0,700;1,400;1,700&family=Concert+One:ital,wght@0,400;0,700;1,400;1,700&family=Cormorant:ital,wght@0,400;0,700;1,400;1,700&family=Crimson+Text:ital,wght@0,400;0,700;1,400;1,700&family=Eczar:ital,wght@0,400;0,700;1,400;1,700&family=Exo+2:ital,wght@0,400;0,700;1,400;1,700&family=Fira+Sans:ital,wght@0,400;0,700;1,400;1,700&family=Fjalla+One:ital,wght@0,400;0,700;1,400;1,700&family=Frank+Ruhl+Libre:ital,wght@0,400;0,700;1,400;1,700&family=Great+Vibes:ital,wght@0,400;0,700;1,400;1,700&family=Heebo:ital,wght@0,400;0,700;1,400;1,700&family=IBM+Plex:ital,wght@0,400;0,700;1,400;1,700&family=Inconsolata:ital,wght@0,400;0,700;1,400;1,700&family=Indie+Flower:ital,wght@0,400;0,700;1,400;1,700&family=Inknut+Antiqua:ital,wght@0,400;0,700;1,400;1,700&family=Inter:ital,wght@0,400;0,700;1,400;1,700&family=Karla:ital,wght@0,400;0,700;1,400;1,700&family=Libre+Baskerville:ital,wght@0,400;0,700;1,400;1,700&family=Libre+Franklin:ital,wght@0,400;0,700;1,400;1,700&family=Montserrat:ital,wght@0,400;0,700;1,400;1,700&family=Neuton:ital,wght@0,400;0,700;1,400;1,700&family=Notable:ital,wght@0,400;0,700;1,400;1,700&family=Nothing+You+Could+Do:ital,wght@0,400;0,700;1,400;1,700&family=Noto+Sans:ital,wght@0,400;0,700;1,400;1,700&family=Nunito:ital,wght@0,400;0,700;1,400;1,700&family=Old+Standard+TT:ital,wght@0,400;0,700;1,400;1,700&family=Pacifico:ital,wght@0,400;0,700;1,400;1,700&family=Poppins:ital,wght@0,400;0,700;1,400;1,700&family=Proza+Libre:ital,wght@0,400;0,700;1,400;1,700&family=PT+Sans:ital,wght@0,400;0,700;1,400;1,700&family=PT+Serif:ital,wght@0,400;0,700;1,400;1,700&family=Rakkas:ital,wght@0,400;0,700;1,400;1,700&family=Reenie+Beanie:ital,wght@0,400;0,700;1,400;1,700&family=Ropa+Sans:ital,wght@0,400;0,700;1,400;1,700&family=Rubik:ital,wght@0,400;0,700;1,400;1,700&family=Shadows+Into+Light:ital,wght@0,400;0,700;1,400;1,700&family=Space+Mono:ital,wght@0,400;0,700;1,400;1,700&family=Spectral:ital,wght@0,400;0,700;1,400;1,700&family=Sue+Ellen+Francisco:ital,wght@0,400;0,700;1,400;1,700&family=Titillium+Web:ital,wght@0,400;0,700;1,400;1,700&family=Ubuntu:ital,wght@0,400;0,700;1,400;1,700&family=Varela:ital,wght@0,400;0,700;1,400;1,700&family=Vollkorn:ital,wght@0,400;0,700;1,400;1,700&family=Work+Sans:ital,wght@0,400;0,700;1,400;1,700&family=Yatra+One:ital,wght@0,400;0,700;1,400;1,700&display=swap Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security	error	URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map Message: Refused to execute script from 'https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=a02225b6-7fcb-49c9-40ba-68a47d4b4720&axd_pid=175 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://tags.bluekai.com/site/87734?id=a02225b6-7fcb-49c9-40ba-68a47d4b4720&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a02225b6-7fcb-49c9-40ba-68a47d4b4720&reqId=0c4c8c35-54fb-4c99-4916-4c4ea17d9eb7&zdid=1361 Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a-prebid.vidoomy.com
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad.doubleclick.net
ads.travelaudience.com
ajax.googleapis.com
ap.lijit.com
api.cazamba.com
as.cazamba.com
bcp.crwdcntrl.net
beacon.krxd.net
bid.g.doubleclick.net
bn01.er.bemail.it
c.amazon-adsystem.com
c1.adform.net
call.cleverwebserver.com
cdn-ima.33across.com
cdn.cazamba.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.navdmp.com
cdn.onesignal.com
cdn.taboola.com
cdnjs.cloudflare.com
cm.adform.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
config.aps.amazon-adsystem.com
culturaenegocios.com.br
d.t.tailtarget.com
d.tailtarget.com
d.vidoomy.com
dclk-match.dotomi.com
dis.criteo.com
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fe505980033d26626822036df5f8ad9a.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcm.ctnsnet.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
idsync.frontend.weborama.fr
image6.pubmatic.com
imasdk.googleapis.com
invstatic101.creativecdn.com
lb.eu-1-id5-sync.com
loadeu.exelator.com
match.adsrvr.org
mp.4dex.io
mwzeom.zeotap.com
oa.openxcdn.net
oajs.openx.net
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
pagead2.googlesyndication.com
pbjs.e-planning.net
pixel-sync.sitescout.com
pixel.mathtag.com
pixel.rubiconproject.com
pixel.tapad.com
pm-widget.taboola.com
pr-bh.ybp.yahoo.com
prg.smartadserver.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
region1.analytics.google.com
rtb.openx.net
s.ad.smaato.net
s.seedtag.com
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
script.4dex.io
scripts.cleverwebserver.com
securepubads.g.doubleclick.net
spl.zeotap.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.navdmp.com
sync.richaudience.com
sync.targeting.unrulymedia.com
sync.tidaltv.com
sync2.navdmp.com
tag.navdmp.com
tagmanager.alright.network
tags.bluekai.com
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
ui.cleverwebserver.com
ups.analytics.yahoo.com
usermatch.krxd.net
usr.navdmp.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
bn01.er.bemail.it
prg.smartadserver.com
sync.tidaltv.com
104.79.89.214
108.128.229.209
108.128.8.111
108.138.6.136
108.177.15.154
13.32.27.44
142.250.184.230
142.250.185.194
15.197.193.217
151.101.1.44
151.101.129.91
151.101.194.49
151.101.65.44
162.19.138.119
168.119.146.39
172.64.151.101
172.64.152.89
178.250.1.11
178.250.1.9
178.32.210.227
18.239.83.98
18.245.47.29
185.15.245.81
185.64.190.78
185.89.210.180
193.3.178.4
2001:4860:4802:32::36
205.234.175.175
212.36.83.245
212.36.83.246
2600:1f13:800:7780:bad:39fb:3054:9ae2
2600:1f18:6593:f602:82a0:df8e:67ea:6e72
2600:9000:211e:7000:1b:5138:8a40:93a1
2600:9000:223f:6a00:8:48e:53c0:93a1
2602:803:c004:200::140
2606:4700:10::6816:3262
2606:4700:10::6816:3556
2606:4700:20::681a:9a9
2606:4700:4400::ac40:919c
2606:4700:4400::ac40:994e
2606:4700::6810:5814
2606:4700::6810:ff3
2606:4700::6811:190e
2606:4700::6812:18ad
2606:4700::6812:d63b
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:808::2002
2a00:1450:4001:809::200a
2a00:1450:4001:80b::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:812::200a
2a00:1450:4001:81c::2003
2a00:1450:4001:827::2001
2a00:1450:4001:827::2003
2a00:1450:4001:828::2008
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2006
2a00:1450:400c:c0c::9a
2a02:2638:3::3
2a02:4780:13:990:0:71e:fb98:2
2a02:fa8:8806:21::1690
2a05:d018:d29:3602:5ae9:3b9c:4769:a477
3.75.62.37
34.102.146.192
34.102.185.99
34.111.113.62
34.111.131.239
34.120.135.53
34.149.50.64
34.160.236.64
34.241.159.104
34.96.70.87
34.98.64.218
35.186.193.173
35.190.0.66
35.201.123.184
35.214.149.91
35.227.252.103
37.157.2.229
37.157.4.29
44.209.190.13
46.228.174.117
52.19.82.212
52.212.121.130
52.51.137.146
52.73.37.218
52.87.124.31
54.220.173.30
54.78.254.47
65.9.66.97
67.220.226.234
69.173.144.138
69.173.144.139
72.246.169.24
85.114.159.118
98.98.134.241
99.86.4.128
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
0035ea54756f3d0680a0f9776c34da4fe9510cf3a6e191a95c93c6288ea39764
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
02219c6ac20dcccb47f367b6376828b8b1910e734d2bcb991a876ed1a526db4b
04bc269ca65c325114dfb91d780a63874a6f47cc21dba133c57e965769099c98
05101233996976df686804f7c0c0160df612874b7ee3936e4497bfd0430da3c6
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08243f694315efb6dc2fbf26e18f1f5dbc7ce85a3a435af204b2d1ff620feadb
08b6cc864796c90b20503b424f80a27db97cfcfa3654b918cef00cda8bc48041
08c455d224daaac85bafbf640908485eea2a018433cb88e284fb01db0927ada2
0ab9751491176afacd6960432874ccc3fad5056fcff3debad433783b746a55de
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d182aed3bae0ef58fe3f925ddcb190fe23ba30df7076183b6d0bedbd3648ed8
0e00fc50fa3aa8468d95c215e39cc722e9e70fbdb8565c7b98c38633e51bdf7b
11ea1a93d916ef7f4023e821c6b9b9c31fa92ca91c885753a3e014386fa654c4
151a123606a98de6b46940ad3abdcdc23834cc9616bb922719a38f2087df6e66
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1b16fdaf9e09eff3adb17a84bc7193f0fe02415e99015ce86b8a5b4bbd3dc853
1ba0eab72cdfab953b2aaffe16bc974d136023358e58d6c0bebb050872ff9810
1cc53f6ffc90f3b6b51a34bf9feb6e4e164cd53ffd4c97d494dcd8d766b2c0e9
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
21e2cc1be6bb33e75287ef99dd7ba094e114326e221a1550b9f9e21de7a1b51c
232e680dfd4b632013ac2648194e3a59c90dbcb13ae369f9fb04d5f0818068ff
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d
29642a044c3a732e9530ddf10e5b24afee08430986520ae19e0c8fe5d792dbbf
2a9c8c1325096f3efd38f7e471f4f85fd0c212fa91ceb9591b037bc959dbcd54
2ab20a8e22e5716e2dec84a9aa405a020218b14b14f6fb0062aa768aa071de42
2c123f88fc69b6e13163d65176c8b2499db472d0b5c310ac04b5a7be06fe6e07
2c73129368d96b6fb2b36aa69a719fa856adb477da604ec895121f64a1705537
2e2dc7ab6253fd1ef2505ec37816c747e33539dcdc57f41e37736207f93c71ab
2f618ec59c68ef72aa7edef132178fa070cc28c8e8c27ebca9568f3169636303
2ff6f729a6a68de8245d283387175ad848f5f49eaf1b8b80a4abefa5ef90ade9
301df82c6133337ceef6f8ca86a6df57f7a57fc44963a2cd93c7ad881a7f2273
304785f2b2e77f4c3c3a9eb8701862eb4b3a8eb3b74991d54ef8476e3b907541
30721b6d96e3c05620327641edf74ab2766ecdda06f1133004e37dbde8df93e0
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3208917346cc451fbe5b42a75986b24bf806bc0a3ec89b3051a6e66e86eb7f28
320d8033b4dc2535005db35ed05a86cb63b0df0526f9f6dfa259abc071211c2f
32b282b1c91c890ad3490bf86e5a6b4a297184916c1537b54ebc33c66ba71a3b
332130fba45236182c20ef4e7955f2a79a6abc776f579e6c03c433315987ee61
3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a
3787a3f925b5a58461468104b9606e1b9f0bb63837408a47d98a09b41c7ebc87
382cb50f70c1645f5346e2e00cbbf8621d9540322e14d358b9d95762cc8a9b1f
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
39511c4e8ab4f29242e08ce365761949e1682d84cef1e8af762949fef28be382
3acf801d7e025affdc1c3bb87dd001f915cd7be288b620136ee23d5b01ead2ab
3dba62d760768a577980a6abea886219a68630f3903bb43828ab1190245d83e9
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
403add44aad8f95e714cc1fec3c3b2e4639d09895186facff8cfc20dcfde109f
40ec67160f47fe555e57ffd595700b621c74d19c75c18e5299b3f7b7e3fbf154
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
45f3e73f5b5d8f1accdba00c41a0ac3c0a6fdeee2f7e7d7f517296e8161188bc
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4b1c290d91511a25fb038a2ea4eaa79e9bac4eff430aa0df5fc4544e6536787c
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e01bb5e958edd676c80c2ad11b169838972248d6f18f3e3b50b195e572f43e3
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
51bb5e9c9ab236d913b1e569c57bf5244ba676060aed4878cb7a3cf322da4d2b
5262b331c58e8e222309f0cdccacf815cece838ba18d388f80a9ffc9091526a8
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
589e51094967f8ad69a80d493f549c8b79edc1f97e16bcaef4c376dc392da335
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5e337f522f574d3ec6ee384f7ab408119b1049bec62762991cec82a7197735ea
5e68860efb29ffa305b4789519e67284beac186540c24cb1f94c148e6abbadfb
5fa42c1d96f1d20bb0a5c0f1468aba661ad4c3584dd51646a3bfb996e869b8dd
60b619c8e420a3f9c0bcdbcf46dca8f4e92c310270168f6833a9e411d33fbb00
60dda3ddd37349ab42872b830eeffca018645eb078f83fabb006e9c52c92b27d
61b60b9d1a9a29547d3f6d027176b5f44ab97c612f12ddfbba60d5d87505b7d9
660aab0721aa4d37fa76de97797ae0bd009b5161c8189f938c6772c43371c166
669a7d976f875b9e0f7aca66be35f39ac91de8d4feb8f859d44281210e4ecdec
68de2363a8937470cb35f5506e47b36bf67d35d8c7dbead836021fe5ed331587
69212075b1d37228d4784482d0604cc6c9d957042c7fac32a4d3441ea848315e
69a53ae8e402a25abc88acf3fba1840ae7e371df38eee6dc6fc319462f7c2a88
69ba4a9ebe9e974e2d9ecfeb68ce23e8590c08a34317c033889327f7700e9c28
711dc4cf38c714f3f9c8bfc94911ac6bb9b7800be18671cfe48d20eb71e0b4fa
732b75262f6c9b6d5a61da968e653880646b58cc1b25387b32badbe03881dfe1
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74b9bda0e1307617afb30ff3a77e6c86fa7bd02b2132c327953e45080ceeec02
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7c57b9fef16df201c36dd9a0d23c665f90b35139cf1f036df3b88118bb4289f2
7f7246e174f919bd7db2e2f9ec15a58b3022bf3320ff39f1fb4dffde15a17d63
7fe6a0c5d89bf3468665c1f8505dd240b2a206fb017c6307050fb5d06bae554e
805ecc2a0f1749aded0df1f468564fc28540c7687f8a78a84d53cb5626828466
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
82000b14473393ec1ec4fabe4761d63136347422ca73e1f29f2a5844d8775d80
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
86003362db4e09b0055c7ef03d973a61b24be57373ce5373293ced08edcabff3
86036cbe1dd82dc84489e713501e2fb7e5e18d2f41b3668006f5657e3deb512a
885cb38c43b35c7ff9befe60f6c96f653d15befa0770f5f2ea0ea5cbc5d03a68
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
904a9fb41a8def7934e36f12709f58182802250aaeec2d39b80e285941d47093
90e1d346c6640ad53d7c73d0b349531101ac3a1502cd4303eaf059cb8e677071
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
94409b25f60e402ccdd7da8fae9ef7b4cfa2172a143c34d7156d1bcacfb70d88
9931954d716dbb95fb23bd8be91a6fc69b9d5b9a8870399917ab71a0b5007826
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a12adfc035f23cfec61c88624ca8424536a91bbfcd5d160ced04c98eb231a5e
9a332bbf7f14b823d7c93ac65129a70996084d5a735a576d84271f04516cd8c1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b96d4ce3e664745d660ea7e4b8c16b03479b28c144a0ddaecac33c732932403
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9be16cdb6ee566ed7d213e0c5ecafe1a44d4d8f3094e6d7df27d5f945e2e8415
9c2f193af05df649aaf978b25b6cfc313eb2d527b4a6032bbad2087424a5ae69
9e1728a836098740c93e33c980cbad16eafdca91c3cc4e94d6de2390fd344b1e
9f4bde535e56f8a8beeb217e1110522f24eaeac7fbfba1ce3f344985ddb3c730
9f59d625efa6fe837a639187ed0500b8ed57e7a2a2ca58e4ab782c374ddbb36e
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1802a4b2216fe6c8b785985958abce268da73b80d9e07976d1c589782699ed2
a29481410bd31e306a8ba02c79725b22e6333160a93ad089c7a4c608f6a17a65
a665adbe3c3106124401f33260554ace0c34e173e76e1155dbde0dab3def34ff
a728f2b8fc5449a2dbce48f9090fa4600eabd540dae4da882f369a27601d5d8e
a7d1d7049b8e155b75fef6ce97dbdca51a2852feccb09615dbb10e180920c570
a7ee0c8f222d06fb1c267b6b4bbaac08a7664e90c34768322e78a87060706ad9
a9705dfc47c0763380d851ab1801be6f76019f6b67e40e9b873f8b4a0603f7a9
a9fa8fd3249847facca86a2268daac86e0d8d55cc14836405fd4075adf709231
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab5fb8b9aa6dc60c0864f23e97317536426886009cf1692d216cca2a3bd70e96
ac1ccdef191ae6ed850944e58cedbdf3523e9e35719d1a4d48d4bde64ea35cc1
acbb8643d26f69f027556078933972caecf4a582b637b52c76cacbb28e48cc94
af53d67309b2851978e9737bef211932cb672ddc2b752accc20fd60bab0a3c54
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1000dd0118b44f24faed60a90f63063520b63c17ece41a7292ce9a8309190a5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b197e74cfb1e03d721eee425ee02276a4a2d769d50bfe2a16b296ac400af9759
b1e61d7061d6f054ace39c480436a348ab293b49a37e272a4c8cf8583c78ab3b
b3b8c509c3ac5a899a4741d6c98f3fe4a15d83e268dedd00ff39bb492c7891e8
b5adc8e9ecc6cfdc2638cfcefe10069ef234758f2bebcf1170b48022b84696ab
b5de679f41d5e07318bf721f4877d6320d3e351d6cfd58a00471854e2503d48c
b68164dddf0c657aa05822fddf6d9f7dd9480d3ac18a18c7cdc5b047751e9516
b734b1f3db0cd4d342fce3f78b5cdd2e1e5a3c7ac403b27a196b2e1b80c6121f
b85261e84d2e780e6eeaf5f7f0f73408690ff578d71196890fe2a218f93e673e
b993c87cc8baa0ecebb84eed2a741b7f1bf5a63c28ea8aa34dcb56e279d88503
badb52a9ac49e10e3bb7a611e3d3917285f038f0c01f40eab6b33b07f4db3fa2
bb2ea09d4eb9409ddeb36a93a6fdc584f71f274e4a925281f2715ab4580f296a
bf066e8437c1d58df4ca3f6128d7e4628650e07f5d103c3f756d1fd112b2777a
bfd73f7e504110ae16bceb8df4ba8caa4853de4be186dcd36dc27d2b52cd7ec2
c1a6b5d22efce43a0187b02393475a7e177a959631af637b1de77227c9ae8d63
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3bc00d3394f0c49f168c55e0f9ad71e0d630f64b9f6115720507dbca9a709bc
c70489f5c3c113d624b62a73bdfd5fad67e9ab85f6a7f548d91d4bdb96654adc
c7f7495df9a3d4a70ee398722db2472f82f73655effc924aa31421109936e9fb
c866fec44b475b3944fd8aef2d2830affefc34aaf191f67e3deb5d3956632c1c
c9e20984b9640c71e718448e62006c94124cfd1dfc4aa60e14f65de4062f0a28
ca4b38d09d1c0d4b0ee2ccb0d9fa68480d130d1abeaba1b357ce12997dff22e2
cdfb561f539e86f53b729e02c12846d6b18970351e48b5305539697e16a9a184
ce1ca297a4aa1309ebb8c299d850f937f2be53afe7f530701d2977145c200509
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d191094291904cb0410cf3a475ea46eee6573c0922cc204759445e326d6d9233
d351ad9e0491a3bb72ba3995d0dfe67f6af54bbf7d97e18f43ff203ffc5efe1f
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d654f528122cc5c85307d7138e0b6bce88bc97a4e9f79e12beb615c22a9c5b56
d878e25a6833544b1b4d3a654d3269a6484efbe859d52ebc15ecf9a97ebfb7bb
da2e43ba9a49cd09e1bd2faebc9c2e889eb17e375754d79fd4e6913383fe6f2c
dc32db935295393932ba1e330314d339d58b938c6c384efdba9ee58748a27209
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de85994531214f8295ade173e105a9745315f560bedb3e5496cf840c70adbaac
df599e71678acc546ca43d19081e5b912b3fafcae8d5aff568320da06a1c0b46
df6a9de88ee4e7d4c68cab877e0fe746475b9d62004ca321205ed2bfb16ad460
e29df730abe9196cc3a37ea024a29dc6ce653e1af49d9e25738c037da92471ea
e2efb418f3f7bcc3ffd5179fd2d18923a7e3f39cec1102d4760a3d85d54ee25e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40c74195810fc027ed617f419a6c7ecf745d7fac0211355c663aa76ffbfcda0
e42a846a3d2e6db13c633d7640f26061c17da10f7aef278c35342ae8effe27c1
e57eed97b19a7b770dd3aa55cdbde01e5d83de9d25ffc1fca6a38c96fe4c7aff
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc
e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e86719cdc703a92c047078e14dffc618146aa269fae729236075332f026c13b9
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9ba3d0c5d5408e00becd36ad394fa9ad9c0616741ebdd6dddc8e837db3605ba
ead4424b3efa3e99f5642344bc754e05e458b119e5da8d0b889246a20d990073
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb92fd44a15ababf68114c2eb8cec28b971bbb8d6b2f31f12fa337a7d8f3412e
ecd748f325fd55ed1fa4c542be8ed68543fd6040b65274ba0791ea0083e0521d
edcf2dd4d866dc95db5d4df44a6093adc112cea6ccb9d59f08c3922274d008e6
ee3d91bec75876c3e7419b881af0ece847fa97dd2140c30eb5a0679528846b07
eeff3f5cc97dce605164dd7be389b8a2b4125e8c480167b2789abd2d7d580ffc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f33532c51af0b190228886dd6da4decb4b60929471b1a514783e392388981d
f25926ff55665105b087457a3b8c4bab026549561639f61d705bd5212381aa15
f2675ad8282efdc61e3a2f79f7faa7f46b091416ba2e116e809bfd89a61e6f89
f4a9c28481f9c12beddefb77229552e166434d04722a3049629b00dca38dc1c2
f807d9a89ecd158a9dadff3ad712a73891d8c79780027ea9238e619aa1dcfb05
fad22c352198a84b54b2afbf53227269a9eebf15a48cd6fd74b74531aa239dbf
fba588afc7b52d89d5552ab2b6751522b410bcc2e76d3e945a6f0dbbc24f4e70
fe8f48420e059b1f4f6a8edf6efbbdd83da9977b73b53ee568b8dddd20da2584
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

culturaenegocios.com.br Open in urlscan Pro 2a02:4780:13:990:0:71e:fb98:2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

327 Requests

86 %HTTPS

37 %IPv6

74 Domains

119 Subdomains

87 IPs

11 Countries

5402 kBTransfer

15934 kBSize

69 Cookies

6 Outgoing links

Page URL History

Redirected requests

327 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

culturaenegocios.com.br Open in urlscan Pro
2a02:4780:13:990:0:71e:fb98:2 Public Scan

Screenshot
Live screenshot

Full Image

327
Requests

86 %
HTTPS

37 %
IPv6

74
Domains

119
Subdomains

87
IPs

11
Countries

5402 kB
Transfer

15934 kB
Size

69
Cookies

327 HTTP transactions
4 data transactions