es.guiapromocoes.com.br Open in urlscan Pro
5.135.84.192 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://es.guiapromocoes.com.br/
Submission: On August 22 via api (August 22nd 2023, 11:38:00 am UTC) from US — Scanned from US

Summary HTTP 100 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 23 IPs in 3 countries across 21 domains to perform 100 HTTP transactions. The main IP is 5.135.84.192, located in France and belongs to OVH, FR. The main domain is es.guiapromocoes.com.br.
TLS certificate: Issued by R3 on August 22nd 2023. Valid for: 3 months.

This is the only time es.guiapromocoes.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	5.135.84.192 5.135.84.192	16276 (OVH) (OVH)
2	172.217.13.194 172.217.13.194	15169 (GOOGLE) (GOOGLE)
5	172.217.13.168 172.217.13.168	15169 (GOOGLE) (GOOGLE)
2	172.217.13.138 172.217.13.138	15169 (GOOGLE) (GOOGLE)
19	192.185.223.224 192.185.223.224	19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
1 9	2607:f8b0:402... 2607:f8b0:4020:805::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3032::6815:d13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
8	2607:f8b0:402... 2607:f8b0:4020:807::2002	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:402... 2607:f8b0:4020:806::2008	15169 (GOOGLE) (GOOGLE)
8	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:402... 2607:f8b0:4020:806::2003	15169 (GOOGLE) (GOOGLE)
1	172.217.13.130 172.217.13.130	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2607:f8b0:402... 2607:f8b0:4020:807::2004	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c0b::9a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:402... 2607:f8b0:4020:806::2001	15169 (GOOGLE) (GOOGLE)
7	2607:f8b0:402... 2607:f8b0:4020:807::2001	15169 (GOOGLE) (GOOGLE)
3	104.126.112.26 104.126.112.26	16625 (AKAMAI-AS) (AKAMAI-AS)
4	23.52.158.180 23.52.158.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1 9	172.217.13.98 172.217.13.98	15169 (GOOGLE) (GOOGLE)
2 2	23.76.43.24 23.76.43.24	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	2606:ae80:147... 2606:ae80:1471:1b::1720	25751 (VALUECLICK) (VALUECLICK)
1 1	216.200.232.249 216.200.232.249	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	35.194.66.159 35.194.66.159	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	54.152.164.74 54.152.164.74	14618 (AMAZON-AES) (AMAZON-AES)
1 1	34.232.117.132 34.232.117.132	14618 (AMAZON-AES) (AMAZON-AES)
1 1	34.197.10.159 34.197.10.159	14618 (AMAZON-AES) (AMAZON-AES)
1	34.160.55.127 34.160.55.127	15169 (GOOGLE) (GOOGLE)
100	23

2 5.135.84.192 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: tdn-5-135-84-192.gtranslate.net

es.guiapromocoes.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.13.194 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.13.168 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.13.138 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 192.185.223.224 (United States)

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: 192-185-223-224.unifiedlayer.com

guiapromocoes.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4020:805::2002 (Montreal, Canada) 1 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:d13 (United States)

ASN13335 (CLOUDFLARENET, US)

script.joinads.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4020:807::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4020:806::2008 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:806::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.13.130 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4020:807::2004 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c0b::9a (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:806::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)

cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4020:807::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.126.112.26 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-126-112-26.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.52.158.180 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-158-180.deploy.static.akamaitechnologies.com

warp.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lg3.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hblg.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.217.13.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.76.43.24 (Lithia Springs, United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-76-43-24.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:ae80:1471:1b::1720 (United States) 2 redirects

ASN25751 (VALUECLICK, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.200.232.249 (Frederick, United States) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.194.66.159 (Washington, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 159.66.194.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.152.164.74 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-164-74.compute-1.amazonaws.com

fksnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.232.117.132 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-117-132.compute-1.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.197.10.159 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-10-159.compute-1.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.55.127 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 127.55.160.34.bc.googleusercontent.com

akl-navvy.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	guiapromocoes.com.br 1 redirects es.guiapromocoes.com.br guiapromocoes.com.br	336 KB
18	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 228 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 stats.g.doubleclick.net — Cisco Umbrella Rank: 122 cm.g.doubleclick.net — Cisco Umbrella Rank: 261	201 KB
18	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 125 cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 163	251 KB
11	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 76	804 KB
8	media.net contextual.media.net — Cisco Umbrella Rank: 764 warp.media.net — Cisco Umbrella Rank: 3011 lg3.media.net — Cisco Umbrella Rank: 6578 hblg.media.net — Cisco Umbrella Rank: 2478 cs.media.net — Cisco Umbrella Rank: 1735 akl-navvy.media.net — Cisco Umbrella Rank: 18016	104 KB
8	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 62	21 KB
4	google.com www.google.com — Cisco Umbrella Rank: 3	1 KB
2	dotomi.com 2 redirects dclk-match.dotomi.com — Cisco Umbrella Rank: 3533	884 B
2	owneriq.net 2 redirects px.owneriq.net — Cisco Umbrella Rank: 2071	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	262 B
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 157 partner.googleadservices.com — Cisco Umbrella Rank: 1244	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	135 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 73	2 KB
1	sharethrough.com 1 redirects match.sharethrough.com — Cisco Umbrella Rank: 673	355 B
1	yieldmo.com 1 redirects ads.yieldmo.com — Cisco Umbrella Rank: 808	596 B
1	fksnk.com 1 redirects fksnk.com — Cisco Umbrella Rank: 5105	619 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 1009	715 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 1279	874 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 225	57 KB
1	gstatic.com fonts.gstatic.com	8 KB
1	joinads.me script.joinads.me — Cisco Umbrella Rank: 554065	923 B
100	21

	Domain	Requested by
19	guiapromocoes.com.br	es.guiapromocoes.com.br guiapromocoes.com.br
11	www.googletagmanager.com	es.guiapromocoes.com.br www.googletagmanager.com
9	cm.g.doubleclick.net	1 redirects cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com
9	pagead2.googlesyndication.com	es.guiapromocoes.com.br pagead2.googlesyndication.com tpc.googlesyndication.com cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com
8	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
7	tpc.googlesyndication.com	pagead2.googlesyndication.com es.guiapromocoes.com.br cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com tpc.googlesyndication.com
4	www.google.com	es.guiapromocoes.com.br tpc.googlesyndication.com
4	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com www.googletagmanager.com
4	securepubads.g.doubleclick.net	es.guiapromocoes.com.br securepubads.g.doubleclick.net
3	contextual.media.net	es.guiapromocoes.com.br contextual.media.net cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com
2	dclk-match.dotomi.com	2 redirects
2	px.owneriq.net	2 redirects
2	cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.facebook.com	es.guiapromocoes.com.br
2	connect.facebook.net	es.guiapromocoes.com.br connect.facebook.net
2	fonts.googleapis.com	es.guiapromocoes.com.br cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com
2	es.guiapromocoes.com.br	1 redirects
1	akl-navvy.media.net	contextual.media.net
1	match.sharethrough.com	1 redirects
1	ads.yieldmo.com	1 redirects
1	fksnk.com	1 redirects
1	um.simpli.fi	1 redirects
1	sync.mathtag.com	1 redirects
1	cs.media.net	contextual.media.net
1	hblg.media.net	cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com
1	lg3.media.net	cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com
1	www.googletagservices.com	es.guiapromocoes.com.br
1	warp.media.net	es.guiapromocoes.com.br
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googleadservices.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	script.joinads.me	es.guiapromocoes.com.br
100	33

This site contains links to these domains. Also see Links.

Domain
themecentury.com

Subject Issuer	Validity	Valid
en.guiapromocoes.com.br R3	`2023-08-22` - `2023-11-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
www.guiapromocoes.com.br R3	`2023-07-15` - `2023-10-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-08-02` - `2024-07-31`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-06-01` - `2023-08-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://es.guiapromocoes.com.br/
Frame ID: D3AF77C471AB9AA1A904F067AAB7983D
Requests: 66 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20190131/zrt_lookup.html
Frame ID: BA94733BB3C4B95F7850EB07B422EB4C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3312035738922216&output=html&adk=1812271804&adf=3025194257&lmt=1692708030&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fes.guiapromocoes.com.br%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692704272862&bpp=47&bdt=455&idt=514&shv=r20230817&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3569424809614&frm=20&pv=2&ga_vid=112353596.1692704273&ga_sid=1692704273&ga_hid=506192394&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076838%2C31077093%2C31077148%2C44795921%2C44796700&oid=2&pvsid=2388198473359643&tmod=1555107617&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=543
Frame ID: 2AFB511BEDE1292C9E4B669E2D70E913
Requests: 1 HTTP requests in this frame

Frame: https://cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 313AD627D2521B915281D2A41B41BB3D
Requests: 1 HTTP requests in this frame

Frame: https://cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E21A4A587131B16C177BEF113F6EE5AD
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 25DA9B99EE5D5D67A7D07C4515319163
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/nmedianet.js?cid=8CU7Q771E&ydspr=1
Frame ID: 47991311FC18FDE137B9085F664EE5C5
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7526F6B0914DF7D6DAD26F22D251D1E1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 35FD1A2596B59430080E6D9EEB7FA152
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2773&&kkdd=AA%7C3%7C9*nAH&Al=jwLEOf8EO8PPLPLEEjO&6neb=f&*.e)=f&M.Fz=HE--&Fln=P!qO~OOja&FeFn=~Fp61RtBDCatujDDJbbCFX%3D%3D&Fbln=O88O8jfPw&.lyz=jfE8ROwP&FF=qi&.F=Ux&FNo*=a!2&eln=P2kK80dOU&Meln=ZCs8wiL&NMMe.=j&bbb=MyKJNHFYJHP2!kH84~oqMtOrfs1MKgrwHPGwD~ZZVK8%3D&mXb4=NMMe.%3A%2F%2Fz.(6Bl)eb1*1F1z.(F1*(Ib&zmXb4=XOOa~%3AiiC~(uRPjaH*x*U*C~(U*x(VH&o.z=s&YX=j&B6n=8&)nMj=P!qqLCGPW&)nME=P-LEPPw8-&In)M)=.nE%3DoBYYhMM%3DfhlBbYDY%3Djfh16zbe*%3Df(-PhAXDzRF%3Df(LshAl.D.n%3Ds-jhBbYDbe.DI%3DO(fPhn1*DI%3Df(OEhnFE%3Djh.Fn%3Douhb)z%3Df%2CfhAD).o%3DLffLhn1*DY%3DEfhAYEbD.n%3DEfE-fPEjEEhlBbYDI%3DPOj(fOhBbYDMmF%3DfhBbYDbE)DI%3Dfh.Mn%3D-Owss8LLsOhb)M%3Df(fff%2CfhY).M%3DhFA16%3Djs(-shAl.DBbYDI%3Df(s8hAYEbDlD.n%3DEfE-fPEjEEhle%3DjNYHi!BK)seNsriuca8M2lh4II%3DfhAl.DBbYDY%3DfhblleB)%3D-O%2C-PhzM%3DEjhbF%3Djhbl.Bln%3Df%2CfhAYEbDlDI%3Df(fshbe.D.n%3DEfE-fPEEfshAl.DI%3DwLf(8-hb)nA%3Df(fff%2CfhBbYDI%3Dj(jshAYEbDBbYDI%3DfhAYEbDBbYDAl%3DjaJjwhBbYDMAl%3DfhBbYDY%3Djfh.YA%3D-j(Owh6F)M%3DJjhII%3DjLwhAA%3DfhFAYEbD.n%3DsEshb4A%3D8j(OwhYEbDI%3Djfffhzbe*%3Df(-PhAYEbDBbYDmF%3DfafhI*%3Djhbmz%3Df%2Cfhb)ne%3Df(fff%2Cfh)-eDI%3DL(fw%2Cwf(jLh.ln%3DO88O8jfPwh.n%3DjhBln%3DE_)Veb.M0UGl.GOsRyhBbYDbe.DmF%3DfhFAYEbDI%3Djs(-shIMn%3D-fPfPjjEw888Lw-sPfj8O-EfO8PssPwEsPfL-sOwE8sssOfwfs-fwE-Pwf--sPPw8-OfOfOjPPjLfs-s8jwEffjE-P-8sjLsOwL88w8hAXB%3Df(LshnEeDY%3DjfhFAYE%3Djs(-sh-eF4%3DjfffhBl*%3Dfh16D*.N%3Df(-PhbmM%3Df(fff%2Cfhn**D.Mb6%3DzFehnEeDI%3Djh16nEeDI%3Df(LPh..%3DUghFF%3DqihBlX%3DJjhFz%3Dfhbe.DI%3Dwf(jLhBbYD.be.DI%3DO(fPhbFA%3D8j(Owh!_%3DELPLhbmXe%3Df(fff%2CfhmIDBF%3DJEhoM.%3DjOhmIDFFm.%3DJEhFM%3DozX%20u1bmhI..DcZd%3DUg%2CUghbmXn%3Df(fff%2CfhI).l.E%3DjLwhI).l.j%3DjLwhl.Kz4%3Dfhl.l4%3DfhBbYDbeFDI%3DfhIln%3Df(-PhnF%3DPhBbYDbe.DbA%3DfhAYEbDI%3DL(fwhFIne%3Df(Ewwh.n%3DjhlMuezDln%3DjOh.zYYzbDM)6Dln%3D-Owss8LLsOh.BeeYuDM)6Dln%3DhnzMzFMznDM)6Dln%3DhAlzX)IlYlMu%3Df(Lshe1.%3Djh)FDMuez%3Djh)nIYm%3D-Owss8LLsOh)*e%3Djh16Iln%3Df(-PfhI4Yb%3Df(fjfh.Bln%3D!gaiaHxGxEP8SeZq!XFLlXE3YbqhnMF%3Dz).MD.Fhn**Dzbe*%3D4)Y.zhn**%3DzFehIneF)en%3Dfhn)Y6%3D.zbAzbDnz4)BYMh.6*M%3DY1o6DM)lYDN1*ze)6zDF)MFN)YYhlo.Y%3Djh.1Ie%3DhRln%3DgSQJeBIJE8LjP8jP8w-PEjOwhNM*Y%3DjhhlIF%3Djho.y%3DjOhM6.%3DEsfREsf%7C-ffREsf%7C-ffRwff%7C-ffRjfsf%7C-EfR8ff%7C-EfR8Pf%7C--wREPf%7C8j8RO-w%7C8PfR-Ef%7CsPfR8ff%7CO-wR8j8%7COsfREff%7COsfR-ff%7COwPRjfE8%7CL-fRjPf%7CLOfREsf%7CjfE8ROwPhI.I%3DfhI.e%3DfhM*R%3DE-f&oMA=f&***=BQ1.U4_Spam%3D&lX=f&lo_4b=j&Inb_n=8wf&*F4=P8-wE&un.eb=j&I)z=t8)6RzUpR%2F&m)Mebz=j&F)n1*)lo=MyKJNHFYJHJWiNU8EJBB4noskQNEl!fUwpn-Eu8_iF30kW3Dmu31y6%3D%3D&l.ln=s&)nA=_oAz.M1b%20G1FB.&e6ln=efjjfP8LELs-MEfE-fPEEjj-O&..Yn=%7B%22..le%22%3A%22E)fn%3Aswff%3AffE8%3Affff%3Affff%3Affff%3Affff%3Affff%22%2C%22..FF%22%3A%22qi%22%2C%22...F%22%3A%22Ux%22%2C%22..FMu%22%3A%22UzX%20x1bm%22%7D&NM*Y.bF=j&ure=1
Frame ID: 9C0FEEB6E99C52CB50595EAEFA86045D
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: 043B454E8FE9FDB98C664C9B43515B8D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 632C37699000C3B4F377FEE9A50F3E52
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Guía de Promociones - Aquí encontrarás consejos de finanzas, beneficios y aplicaciones que harán tu día a día más fácil

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

100
Requests

86 %
HTTPS

45 %
IPv6

21
Domains

33
Subdomains

23
IPs

3
Countries

1922 kB
Transfer

5335 kB
Size

33
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://themecentury.com/
Title: temasiglo

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://es.guiapromocoes.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.3 HTTP 301
https://guiapromocoes.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.3

Request Chain 63

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11035197406/?random=915086576&cv=11&fst=1692704273368&bg=ffffff&guid=ON&async=1&gtm=45be38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fes.guiapromocoes.com.br%2F&label=9UBbCJqc5YMYEN7__o0p&hn=www.googleadservices.com&frm=0&tiba=Gu%C3%ADa%20de%20Promociones%20-%20Aqu%C3%AD%20encontrar%C3%A1s%20consejos%20de%20finanzas%2C%20beneficios%20y%20aplicaciones%20que%20har%C3%A1n%20tu%20d%C3%ADa%20a%20d%C3%ADa%20m%C3%A1s%20f%C3%A1cil&value=0&currency_code=BRL&gtm_ee=1&auid=1333276320.1692704273&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=EZ7kZPjZJcOV_gTK-7DQDw&sscte=1&crd=CKG4sQI&pscrd=Ek9DaEVJOExtUnB3WVFydGJ3X2JtNzZZWEhBUkltQU9JbnlGVnhBRUxPMG9JUmU1MFdBWno1NDBqV3A1TE1SR213NkM2VjFwem9FRXhjYmVJGlpDaEVJOExtUnB3WVE2Zk9Ga3YyaDRkRFVBUkl1QU1WU0drdHJ2T2xOVGktajBDM2R5aFpwRjJDbzJpdUNZWjlWdUNJSDQwMXBZVmo0SWQ1ckx4aUR6QXQ5UlEiEwi4psHnlvCAAxXDip8KHco9DPo HTTP 302
https://www.google.com/pagead/1p-conversion/11035197406/?random=915086576&cv=11&fst=1692704273368&bg=ffffff&guid=ON&async=1&gtm=45be38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fes.guiapromocoes.com.br%2F&label=9UBbCJqc5YMYEN7__o0p&hn=www.googleadservices.com&frm=0&tiba=Gu%C3%ADa%20de%20Promociones%20-%20Aqu%C3%AD%20encontrar%C3%A1s%20consejos%20de%20finanzas%2C%20beneficios%20y%20aplicaciones%20que%20har%C3%A1n%20tu%20d%C3%ADa%20a%20d%C3%ADa%20m%C3%A1s%20f%C3%A1cil&value=0&currency_code=BRL&gtm_ee=1&auid=1333276320.1692704273&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKG4sQI&pscrd=Ek9DaEVJOExtUnB3WVFydGJ3X2JtNzZZWEhBUkltQU9JbnlGVnhBRUxPMG9JUmU1MFdBWno1NDBqV3A1TE1SR213NkM2VjFwem9FRXhjYmVJGlpDaEVJOExtUnB3WVE2Zk9Ga3YyaDRkRFVBUkl1QU1WU0drdHJ2T2xOVGktajBDM2R5aFpwRjJDbzJpdUNZWjlWdUNJSDQwMXBZVmo0SWQ1ckx4aUR6QXQ5UlEiEwi4psHnlvCAAxXDip8KHco9DPo&is_vtc=1&ocp_id=EZ7kZPjZJcOV_gTK-7DQDw&cid=CAQSKQBpAlJWfwSNpKpW9EgLP6USC5iTVCuxgpuvyYwn2hJWNez6WxrZW138&random=1673520112

Request Chain 86

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzM1NzA1ODc0MDgxMzI0NzAwMFYxMA%3D%3D&google_sc=1 HTTP 302
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEINw3EUEhff0MOQV6UzMPsU&google_cver=1

Request Chain 87

https://px.owneriq.net/ecmg?google_gid=CAESEHD9Dc9498mZNXxli_Tf1uk&google_cver=1&google_push=AXcoOmTM4GcFHpNT4f16XgHiLKZRcK9tpC5wFKSi5Z4LGP2-CUx34tzx05qiI_LnD1gnBS4O4JzpKyel1R0aYGOMzrNXAUQgqeY HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dAXcoOmTM4GcFHpNT4f16XgHiLKZRcK9tpC5wFKSi5Z4LGP2-CUx34tzx05qiI_LnD1gnBS4O4JzpKyel1R0aYGOMzrNXAUQgqeY%26google_cver%3d1%26google_gid%3dCAESEHD9Dc9498mZNXxli_Tf1uk%26google_hm%3dUTc0NTk5MDY3NDIwMzUzODkzMDc%3d&uid=Q7459906742035389307&ref=%2Fecmg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmTM4GcFHpNT4f16XgHiLKZRcK9tpC5wFKSi5Z4LGP2-CUx34tzx05qiI_LnD1gnBS4O4JzpKyel1R0aYGOMzrNXAUQgqeY&google_cver=1&google_gid=CAESEHD9Dc9498mZNXxli_Tf1uk&google_hm=UTc0NTk5MDY3NDIwMzUzODkzMDc=

Request Chain 88

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEKx_83t-uPksIvCZbAVKwS4&google_cver=1&google_push=AXcoOmSNgvAxzhvIY5nusjImCuqGWXZK4CAuJo-xOG82fj1X4FMM9IhJErfHiHgKmUHgG85LkgiSTrgDMfxBbrqfhlcEqssq-g HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=274411a7d2d704e0&is_secure=true&networkId=14000&version=1&google_gid=CAESEKx_83t-uPksIvCZbAVKwS4&google_cver=1&google_push=AXcoOmSNgvAxzhvIY5nusjImCuqGWXZK4CAuJo-xOG82fj1X4FMM9IhJErfHiHgKmUHgG85LkgiSTrgDMfxBbrqfhlcEqssq-g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAB8h2xskXKJgNmSJtPAAAAAAA&expiration=1692790674&google_cver=1&is_secure=true&google_gid=CAESEKx_83t-uPksIvCZbAVKwS4&google_push=AXcoOmSNgvAxzhvIY5nusjImCuqGWXZK4CAuJo-xOG82fj1X4FMM9IhJErfHiHgKmUHgG85LkgiSTrgDMfxBbrqfhlcEqssq-g

Request Chain 89

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEMIuc0wtRwxXipIo3LLeuJ8&google_cver=1&google_push=AXcoOmSPtcM5YZVO2sqLZhtWZx4WkHKDmd3F9A9yLRk1Qh-s5iJdONaFPKHdLr5xxSbCysVpEaDRaYtA5c1dKA29KFljw590GRY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmSPtcM5YZVO2sqLZhtWZx4WkHKDmd3F9A9yLRk1Qh-s5iJdONaFPKHdLr5xxSbCysVpEaDRaYtA5c1dKA29KFljw590GRY

Request Chain 90

https://um.simpli.fi/gp_match?google_gid=CAESEHx0DUSUt8o7vCsINuED_Hc&google_cver=1&google_push=AXcoOmT8FCydNGntFwZXGMC5Qsvm9ZHeZzWjFlLFWkf3zmIqM_Z-KL-3_2aAv1B8bC-VM7l85bK8u0ToH28gxlf3IjNWWtneQYE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EBDEA98EFBB64421888CEA027FD09EBE&google_push=AXcoOmT8FCydNGntFwZXGMC5Qsvm9ZHeZzWjFlLFWkf3zmIqM_Z-KL-3_2aAv1B8bC-VM7l85bK8u0ToH28gxlf3IjNWWtneQYE

Request Chain 91

https://fksnk.com/cs/google?google_gid=CAESEJNHBK7CD64uJqRcva6Mfms&google_cver=1&google_push=AXcoOmTfh1lA6lwBO75rMC5POJP1Paz4Lz-lpILvbkt_vwlCYIvb-4fKcUF0gYglV0-KACK__1lM6As7fU8PRC1czMxHJKXq12I HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=ODU4MUNGOUMxQkFGQjFERg==

Request Chain 92

https://ads.yieldmo.com/exptsync?google_gid=CAESEIxkgTssvQThja0oForspFE&google_cver=1&google_push=AXcoOmTWhFH4jfhh__NQvyvg_j7-CM9rtPVGqFjoFlQC2doL24hQyuwoe8X_wQLWYArJhQvGoCztsHB7t8onOWKf-3r2gGWaDUA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmTWhFH4jfhh__NQvyvg_j7-CM9rtPVGqFjoFlQC2doL24hQyuwoe8X_wQLWYArJhQvGoCztsHB7t8onOWKf-3r2gGWaDUA&google_hm=M21TUG9ISGJiUEhJVElEMHlXdWQ=

Request Chain 93

https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEFJmQODmc46yAy7H32nL9M8&google_cver=1&google_push=AXcoOmSHtN3etDx9El9SapWQkwLgSTPChl9XGXVmO8TkLzS6IpHeTg9LH7PY9R-EF4mIEw05VSKln5FZudmzM_oBxT1oVKMMx87z HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MTBlNzA3MjQtMzMxNy00ZDAwLWJjNzYtNzdjNzU1ZTAxMmRk&google_push=AXcoOmSHtN3etDx9El9SapWQkwLgSTPChl9XGXVmO8TkLzS6IpHeTg9LH7PY9R-EF4mIEw05VSKln5FZudmzM_oBxT1oVKMMx87z

100 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
es.guiapromocoes.com.br/ 94 KB
23 KB 1474ms
696ms Document
text/html 5.135.84.192
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://es.guiapromocoes.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.84.192 , France, ASN16276 (OVH, FR),
Reverse DNS: tdn-5-135-84-192.gtranslate.net
Software: gtranslate /
Resource Hash: c7146cb6d05184fb32bf2227267794b20ffb14ff81230ee1bbe81757b2a1806e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
cache-control: max-age=0
content-language: es
date: Tue, 22 Aug 2023 11:37:52 GMT
expires: Tue, 22 Aug 2023 11:37:52 GMT
last-modified: Tue, 22 Aug 2023 02:40:30 GMT
server: gtranslate
vary: Accept-Encoding,User-Agent
x-gt-cache-status: BYPASS
x-gt-delivered-by: GTranslate v8.2.4 in 7ms visit https://gtranslate.io
x-gt-server: vagh

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 393ms
47ms Script
text/javascript 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3312035738922216

Requested by

Host: es.guiapromocoes.com.br
URL: https://es.guiapromocoes.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

f56deb678b037a35b745067228951222edf8d07142b8c7b9d084b1c12e9325ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://es.guiapromocoes.com.br/
Origin: https://es.guiapromocoes.com.br
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 11:37:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50908
x-xss-protection: 0
server: cafe
etag: 14976847800829011020
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 11:37:52 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 179 KB
65 KB 401ms
55ms Script
application/javascript 172.217.13.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-255372860-1

Requested by

Host: es.guiapromocoes.com.br
URL: https://es.guiapromocoes.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

4fb458a47de56cbb5a8fe40e7bea9da5a0e277007bdc7bdf8275ebccc3881164

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 11:37:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66461
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 22 Aug 2023 11:37:52 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 260 KB
87 KB 64ms
59ms Script
application/javascript 172.217.13.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-09QK8DK4KL

Requested by

Host: es.guiapromocoes.com.br
URL: https://es.guiapromocoes.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

de1eb4abf13cc7038496f16b50ee1fea06506c9a9126bd4c663743d98dd6c82d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 11:37:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88900
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 22 Aug 2023 11:37:52 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 256 KB
86 KB 82ms
77ms Script
application/javascript 172.217.13.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KK6NZ7SKWR

Requested by

Host: es.guiapromocoes.com.br
URL: https://es.guiapromocoes.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

91aa4418bf8f020caeb752d08a9b752e97dfd1a29918c1832072bbf9e74ed29b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 11:37:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88081
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 22 Aug 2023 11:37:52 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 143 KB
55 KB 79ms
74ms Script
application/javascript 172.217.13.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11035197406

Requested by

Host: es.guiapromocoes.com.br
URL: https://es.guiapromocoes.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

49fe15f9514abc304c41840cb89b98ec424cbbb733ca1e7432ba1c8a5bad2267

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 11:37:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55718
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 22 Aug 2023 11:37:52 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
853 B 381ms
35ms Stylesheet
text/css 172.217.13.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins&display=swap

Requested by

Host: es.guiapromocoes.com.br
URL: https://es.guiapromocoes.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f10.1e100.net

Software

ESF /

Resource Hash

e4240ee23e840bebe54c7c07512f10aee39ae8c0f3ddd6a692be08eb6a6875a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 22 Aug 2023 11:37:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:16:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Aug 2023 11:37:52 GMT

GET
H2 200 a49114acc2f8ad184bf04f1c746f86ca.css
guiapromocoes.com.br/wp-content/cache/min/1/ 240 KB
56 KB 395ms
77ms Stylesheet
text/css 192.185.223.224
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://guiapromocoes.com.br/wp-content/cache/min/1/a49114acc2f8ad184bf04f1c746f86ca.css
Requested by: Host: es.guiapromocoes.com.br
URL: https://es.guiapromocoes.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.223.224 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-223-224.unifiedlayer.com
Software: Apache /
Resource Hash: 3a96028b7a0904cbcea159628be9b82059fd6a3072cc5b0e9ed07837e4d162cb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 11:37:52 GMT
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 02:40:30 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
expires: Wed, 21 Aug 2024 11:37:52 GMT

GET
H2 200 jquery.min.js Show response
guiapromocoes.com.br/wp-includes/js/jquery/ 85 KB
37 KB 374ms
56ms Script
application/javascript 192.185.223.224
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://guiapromocoes.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by: Host: es.guiapromocoes.com.br
URL: https://es.guiapromocoes.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.223.224 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-223-224.unifiedlayer.com
Software: Apache /
Resource Hash: 5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 11:37:52 GMT
content-encoding: gzip
last-modified: Fri, 18 Aug 2023 02:14:59 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
expires: Wed, 21 Aug 2024 11:37:52 GMT

GET
H2 200 jquery-migrate.min.js Show response
guiapromocoes.com.br/wp-includes/js/jquery/ 13 KB
5 KB 347ms
29ms Script
application/javascript 192.185.223.224
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://guiapromocoes.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: es.guiapromocoes.com.br
URL: https://es.guiapromocoes.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.223.224 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-223-224.unifiedlayer.com
Software: Apache /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 11:37:52 GMT
content-encoding: gzip
last-modified: Fri, 18 Aug 2023 02:14:59 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 5422
expires: Wed, 21 Aug 2024 11:37:52 GMT

GET
H2 200 cookie-law-info-public.js Show response
guiapromocoes.com.br/wp-content/plugins/cookie-law-info/legacy/public/js/ 33 KB
11 KB 357ms
39ms Script
application/javascript 192.185.223.224
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://guiapromocoes.com.br/wp-content/plugins/cookie-law-info/legacy/public/js/cookie-law-info-public.js?ver=3.1.2
Requested by: Host: es.guiapromocoes.com.br
URL: https://es.guiapromocoes.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.223.224 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-223-224.unifiedlayer.com
Software: Apache /
Resource Hash: 6c52384c7b0641dd1ead85d079c22d39bcc6dc5f2537afb1e6396bb619771a3f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 11:37:52 GMT
content-encoding: gzip
last-modified: Fri, 18 Aug 2023 02:15:14 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 10776
expires: Wed, 21 Aug 2024 11:37:52 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
28 KB 273ms
67ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: es.guiapromocoes.com.br
URL: https://es.guiapromocoes.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b8a37fefb69257f95a1268933bfdcbe291d1c73f0e7f1811d145857b2dac249

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 11:37:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28630
x-xss-protection: 0
server: cafe
etag: 230 / 19591 / m202308150101 / config-hash: 13318944492194595103
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 11:37:53 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 179 KB
65 KB 62ms
57ms Script
application/javascript 172.217.13.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-181670863-2

Requested by

Host: es.guiapromocoes.com.br
URL: https://es.guiapromocoes.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

dd248a75bdc1f227d6d036eae86e819dd967b01640f4f7eb9c72cd51ef441fa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 11:37:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66468
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 22 Aug 2023 11:37:52 GMT

GET
H2 200 icon-loading-guia-promo-1.png
guiapromocoes.com.br/wp-content/uploads/2023/05/ 5 KB
5 KB 43ms
38ms Image
image/png 192.185.223.224
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guiapromocoes.com.br/wp-content/uploads/2023/05/icon-loading-guia-promo-1.png
Requested by: Host: es.guiapromocoes.com.br
URL: https://es.guiapromocoes.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.223.224 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-223-224.unifiedlayer.com
Software: Apache /
Resource Hash: 3c22c36c57bd8240babc7ec06bf14ca6f6847464388be309eb46fb0ece0c3f40

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 11:37:52 GMT
last-modified: Tue, 09 May 2023 20:49:57 GMT
server: Apache
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 4775
expires: Wed, 20 Dec 2023 11:37:52 GMT

GET
H2 200 cropped-LOGO-GUIA-PROMOCOES-203-%C3%97-40-px.png
guiapromocoes.com.br/wp-content/uploads/2022/12/ 6 KB
6 KB 54ms
50ms Image
image/png 192.185.223.224
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guiapromocoes.com.br/wp-content/uploads/2022/12/cropped-LOGO-GUIA-PROMOCOES-203-%C3%97-40-px.png
Requested by: Host: es.guiapromocoes.com.br
URL: https://es.guiapromocoes.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.223.224 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-223-224.unifiedlayer.com
Software: Apache /
Resource Hash: 9e782a683dd821f655a52d6ef2b9332ec524026b7613079fc0d9aa8a66e6f02e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 11:37:52 GMT
last-modified: Sat, 10 Dec 2022 01:27:52 GMT
server: Apache
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 5653
expires: Wed, 20 Dec 2023 11:37:52 GMT

GET
H2 200 WhatsApp-Image-2023-08-21-at-23.28.21.webp
guiapromocoes.com.br/wp-content/uploads/2023/08/ 33 KB
33 KB 373ms
56ms Image
image/webp 192.185.223.224
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guiapromocoes.com.br/wp-content/uploads/2023/08/WhatsApp-Image-2023-08-21-at-23.28.21.webp
Requested by: Host: es.guiapromocoes.com.br
URL: https://es.guiapromocoes.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.223.224 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-223-224.unifiedlayer.com
Software: Apache /
Resource Hash: 5a9e08bd3fd1965617cd17ba6c346039b7a6c1949cf42779e859ed0008fc1ad3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 11:37:52 GMT
last-modified: Tue, 22 Aug 2023 02:29:33 GMT
server: Apache
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 33380
expires: Wed, 20 Dec 2023 11:37:52 GMT

GET
H2 200 WhatsApp-Image-2023-08-21-at-23.34.29.webp
guiapromocoes.com.br/wp-content/uploads/2023/08/ 49 KB
49 KB 51ms
47ms Image
image/webp 192.185.223.224
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guiapromocoes.com.br/wp-content/uploads/2023/08/WhatsApp-Image-2023-08-21-at-23.34.29.webp
Requested by: Host: es.guiapromocoes.com.br
URL: https://es.guiapromocoes.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.223.224 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-223-224.unifiedlayer.com
Software: Apache /
Resource Hash: 2e65c96ae7512cecb72524eaae3591afd195dbeb6b02696d8115ab604f438994

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 11:37:52 GMT
last-modified: Tue, 22 Aug 2023 02:35:58 GMT
server: Apache
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 50432
expires: Wed, 20 Dec 2023 11:37:52 GMT

GET
H2 200 WhatsApp-Image-2023-08-14-at-22.09.16.webp
guiapromocoes.com.br/wp-content/uploads/2023/08/ 12 KB
12 KB 55ms
51ms Image
image/webp 192.185.223.224
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guiapromocoes.com.br/wp-content/uploads/2023/08/WhatsApp-Image-2023-08-14-at-22.09.16.webp
Requested by: Host: es.guiapromocoes.com.br
URL: https://es.guiapromocoes.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.223.224 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-223-224.unifiedlayer.com
Software: Apache /
Resource Hash: e5fcbcc4e9a8888263e0b0e05ecb320be2a0aa2c6b937b457659b6b63588cda3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 11:37:52 GMT
last-modified: Tue, 15 Aug 2023 01:11:23 GMT
server: Apache
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 12202
expires: Wed, 20 Dec 2023 11:37:52 GMT

GET
H2 409 index.js
guiapromocoes.com.br/wp-content/plugins/contact-form-7/includes/swv/js/ 0
0 176ms
176ms Script
text/html 192.185.223.224
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://guiapromocoes.com.br/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8
Requested by: Host: es.guiapromocoes.com.br
URL: https://es.guiapromocoes.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.223.224 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-223-224.unifiedlayer.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H2 409 index.js
guiapromocoes.com.br/wp-content/plugins/contact-form-7/includes/js/ 0
0 150ms
145ms Script
text/html 192.185.223.224
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://guiapromocoes.com.br/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8
Requested by: Host: es.guiapromocoes.com.br
URL: https://es.guiapromocoes.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.223.224 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-223-224.unifiedlayer.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H2 200 jquery.bxslider.min.js Show response
guiapromocoes.com.br/wp-content/themes/newspaper-lite/assets/lib/bxslider/ 23 KB
8 KB 48ms
41ms Script
application/javascript 192.185.223.224
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://guiapromocoes.com.br/wp-content/themes/newspaper-lite/assets/lib/bxslider/jquery.bxslider.min.js?ver=4.2.12
Requested by: Host: es.guiapromocoes.com.br
URL: https://es.guiapromocoes.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.223.224 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-223-224.unifiedlayer.com
Software: Apache /
Resource Hash: a8e3c1f378254611d83d27991dd0bd18c759d064fe52160f16043be1ec434cc5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 11:37:52 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 00:52:56 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 7865
expires: Wed, 21 Aug 2024 11:37:52 GMT

GET
H2 200 custom-script.min.js Show response
guiapromocoes.com.br/wp-content/themes/newspaper-lite/assets/js/ 3 KB
1 KB 46ms
39ms Script
application/javascript 192.185.223.224
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://guiapromocoes.com.br/wp-content/themes/newspaper-lite/assets/js/custom-script.min.js?ver=1.0.7
Requested by: Host: es.guiapromocoes.com.br
URL: https://es.guiapromocoes.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.223.224 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-223-224.unifiedlayer.com
Software: Apache /
Resource Hash: abef1f4c53d4729d11bd3f7a6b9cb7321f88cb7c2006f4ca2ce8d23454332a46

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 11:37:52 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 00:52:56 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 1237
expires: Wed, 21 Aug 2024 11:37:52 GMT

GET
H2 200 loftloader.min.js Show response
guiapromocoes.com.br/wp-content/plugins/loftloader/assets/js/ 522 B
359 B 45ms
39ms Script
application/javascript 192.185.223.224
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://guiapromocoes.com.br/wp-content/plugins/loftloader/assets/js/loftloader.min.js?ver=2022112601
Requested by: Host: es.guiapromocoes.com.br
URL: https://es.guiapromocoes.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.223.224 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-223-224.unifiedlayer.com
Software: Apache /
Resource Hash: 3cc6fc5270cfbd41ab6196ac372b893406236037932561644b4736a5f274f04a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 11:37:52 GMT
content-encoding: gzip
last-modified: Tue, 09 May 2023 19:56:39 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 302
expires: Wed, 21 Aug 2024 11:37:52 GMT

GET
H2 200 kvp.js Show response
script.joinads.me/ 644 B
923 B 217ms
10ms Script
application/javascript 2606:4700:3032::6815:d13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.joinads.me/kvp.js
Requested by: Host: es.guiapromocoes.com.br
URL: https://es.guiapromocoes.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:d13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f65dc0067c4310138c0b145662a08ce48630433e9a2cd404cfb244d0ac30642f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 11:37:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 432580
cf-polished: origSize=645
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 27 Jul 2022 20:41:24 GMT
server: cloudflare
etag: W/"62e1a2f4-285"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VSGXiKA6lJ7ccoXhO9LZlrqhh32IporQg6suo3uA1CxDCx2Jc6%2BSP8KuAGL%2FD90iZm3yLLi5UGnLIhYUspjMdUqPYB8hs0fs69YNi1vtZXrLCbVJDLx2S8gF%2BVaCT3o2L8DYnxqqW5%2BJTXHXRsLkdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 7faad38aff06c32b-EWR
expires: Sun, 11 Aug 2024 11:28:13 GMT

GET
H2 200 lazyload.min.js Show response
guiapromocoes.com.br/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/ 8 KB
3 KB 54ms
50ms Script
application/javascript 192.185.223.224
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://guiapromocoes.com.br/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
Requested by: Host: es.guiapromocoes.com.br
URL: https://es.guiapromocoes.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.223.224 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-223-224.unifiedlayer.com
Software: Apache /
Resource Hash: 8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 11:37:52 GMT
content-encoding: gzip
last-modified: Sat, 08 Jan 2022 21:30:34 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 3270
expires: Wed, 21 Aug 2024 11:37:52 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 173 KB
47 KB 197ms
6ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: es.guiapromocoes.com.br
URL: https://es.guiapromocoes.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ec140ae8baa4b61226d96beba9277a0072e45b805004b8ea983c5d43402aeb66

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 22 Aug 2023 11:37:53 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 47412
x-xss-protection: 0
pragma: public
x-fb-debug: xC4zMlQ2Oo/1FuITaYivUeoHO71EskBgIDAYqNnLEyBphS+L9Hop/Mp05DDzvv/Ekgh96uv8VmjAJEontW5nlQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/ 392 KB
132 KB 94ms
64ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3312035738922216

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa86459105bc6909e39f993298cdd45734f2b35c92798dd700e9e454c9b8067a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 11:37:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134777
x-xss-protection: 0
server: cafe
etag: 10067749343082715212
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 11:37:52 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230817/r20190131/ Frame BA94 10 KB
5 KB 243ms
20ms Document
text/html 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230817/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3312035738922216

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://es.guiapromocoes.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 48578
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4542
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 22:08:15 GMT
etag: 13776922816869014096
expires: Mon, 04 Sep 2023 22:08:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
BLOB 200
OK 1e43aa38-6d27-42cc-9b4e-73899c41a9d0
https://es.guiapromocoes.com.br/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://es.guiapromocoes.com.br/1e43aa38-6d27-42cc-9b4e-73899c41a9d0
Requested by: Host: es.guiapromocoes.com.br
URL: https://es.guiapromocoes.com.br/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
77 KB 67ms
66ms Script
application/javascript 2607:f8b0:4020:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-27GP0244L6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-255372860-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

185f021225b68b0daabbb5ae653e5ea0736007b1022cb7c43f625d23ca41feb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 11:37:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79243
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 22 Aug 2023 11:37:52 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 180ms
5ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-255372860-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 22 Aug 2023 10:27:56 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4197
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 22 Aug 2023 12:27:56 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 260 KB
87 KB 50ms
50ms Script
application/javascript 2607:f8b0:4020:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-09QK8DK4KL&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-255372860-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bdfe34a674ecca3d92e0574c7a4da4d37b2097e11129ced613464cb00e07e721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 11:37:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88858
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 22 Aug 2023 11:37:52 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 252 KB
85 KB 54ms
54ms Script
application/javascript 2607:f8b0:4020:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KK6NZ7SKWR&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-255372860-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2f43753c21b3ae829746f0aa0ea0b5bd19a181fbea1d74bfd559ebc0419aa322

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 11:37:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87155
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 22 Aug 2023 11:37:52 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 143 KB
55 KB 75ms
74ms Script
application/javascript 2607:f8b0:4020:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11035197406&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-255372860-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8743a0ec6f2d91fb0d1f5d6ea5a4a2d12ae47aff206802deaa6a19835c57bde0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 11:37:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55789
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 22 Aug 2023 11:37:52 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 179 KB
65 KB 68ms
68ms Script
application/javascript 2607:f8b0:4020:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-181670863-2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-255372860-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

501ad83567ab2e8f11c38aa489ee3d6274a03a2621fb91cc8d2aed98b471f8a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 11:37:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66476
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 22 Aug 2023 11:37:52 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 185ms
18ms Font
font/woff2 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://es.guiapromocoes.com.br
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 01:19:59 GMT
x-content-type-options: nosniff
age: 296274
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 01:19:59 GMT

GET fontawesome-webfont.woff2
guiapromocoes.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/ 0
0

GET
H2 200 WhatsApp-Image-2023-08-09-at-23.06.02.webp
guiapromocoes.com.br/wp-content/uploads/2023/08/ 22 KB
22 KB 38ms
31ms Image
image/webp 192.185.223.224
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guiapromocoes.com.br/wp-content/uploads/2023/08/WhatsApp-Image-2023-08-09-at-23.06.02.webp
Requested by: Host: es.guiapromocoes.com.br
URL: https://es.guiapromocoes.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.223.224 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-223-224.unifiedlayer.com
Software: Apache /
Resource Hash: f2e28e4ecf573eda3fe231998f565a19621071b0aadd4de0b694218e2b145d6a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 11:37:52 GMT
last-modified: Thu, 10 Aug 2023 02:08:28 GMT
server: Apache
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 22582
expires: Wed, 20 Dec 2023 11:37:52 GMT

GET
H2 200 WhatsApp-Image-2023-08-08-at-21.26.30.webp
guiapromocoes.com.br/wp-content/uploads/2023/08/ 47 KB
47 KB 40ms
33ms Image
image/webp 192.185.223.224
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guiapromocoes.com.br/wp-content/uploads/2023/08/WhatsApp-Image-2023-08-08-at-21.26.30.webp
Requested by: Host: es.guiapromocoes.com.br
URL: https://es.guiapromocoes.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.223.224 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-223-224.unifiedlayer.com
Software: Apache /
Resource Hash: 638b91bd86a96e20c60987fa9c0a58cc19edac9b8c130854915e1aff7b29cfb6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 11:37:52 GMT
last-modified: Wed, 09 Aug 2023 00:27:36 GMT
server: Apache
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 47852
expires: Wed, 20 Dec 2023 11:37:52 GMT

GET
H2 200 WhatsApp-Image-2023-08-08-at-20.35.31.webp
guiapromocoes.com.br/wp-content/uploads/2023/08/ 12 KB
12 KB 38ms
32ms Image
image/webp 192.185.223.224
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guiapromocoes.com.br/wp-content/uploads/2023/08/WhatsApp-Image-2023-08-08-at-20.35.31.webp
Requested by: Host: es.guiapromocoes.com.br
URL: https://es.guiapromocoes.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.223.224 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-223-224.unifiedlayer.com
Software: Apache /
Resource Hash: ee839ae7a428045ebb553c9f9d5cc4cb43070642e19e0665027ee5ba2f864fba

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 11:37:52 GMT
last-modified: Tue, 08 Aug 2023 23:36:48 GMT
server: Apache
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 12366
expires: Wed, 20 Dec 2023 11:37:52 GMT

GET fontawesome-webfont.woff
guiapromocoes.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/ 0
0

GET fontawesome-webfont.ttf
guiapromocoes.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/ 0
0

GET
H2 200 2044605325729011 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 65ms
64ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2044605325729011?v=2.9.124&r=stable&domain=es.guiapromocoes.com.br

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

782c23b8974a129ccdbaebfba8fbc43622148e09415625293412e05cbf83541e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 22 Aug 2023 11:37:53 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: Q+387kPAURyW1bBvY7HAHkWu7Zm8/RXl6SnoGxk+AtoQvh/t+W++1xq2YqfDlhaZPcRdw7FDaAVMNQScGMVw6Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
167 B 19ms
18ms Ping
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-27GP0244L6&gtm=45je38l0&_p=506192394&cid=112353596.1692704273&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1692704273&sct=1&seg=0&dl=https%3A%2F%2Fes.guiapromocoes.com.br%2F&dt=Gu%C3%ADa%20de%20Promociones%20-%20Aqu%C3%AD%20encontrar%C3%A1s%20consejos%20de%20finanzas%2C%20beneficios%20y%20aplicaciones%20que%20har%C3%A1n%20tu%20d%C3%ADa%20a%20d%C3%ADa%20m%C3%A1s%20f%C3%A1cil&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-27GP0244L6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 11:37:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://es.guiapromocoes.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11035197406/ 2 KB
2 KB 49ms
49ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11035197406/?random=1692704273356&cv=11&fst=1692704273356&bg=ffffff&guid=ON&async=1&gtm=45be38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fes.guiapromocoes.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=Gu%C3%ADa%20de%20Promociones%20-%20Aqu%C3%AD%20encontrar%C3%A1s%20consejos%20de%20finanzas%2C%20beneficios%20y%20aplicaciones%20que%20har%C3%A1n%20tu%20d%C3%ADa%20a%20d%C3%ADa%20m%C3%A1s%20f%C3%A1cil&auid=1333276320.1692704273&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11035197406

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07d393b34f2235f8e60786f2b533403510bf234f7cb503fe6dad3062d4754864

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 11:37:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1396
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/11035197406/ 3 KB
2 KB 267ms
42ms Script
text/javascript 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/11035197406/?random=1692704273368&cv=11&fst=1692704273368&bg=ffffff&guid=ON&async=1&gtm=45be38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fes.guiapromocoes.com.br%2F&label=9UBbCJqc5YMYEN7__o0p&hn=www.googleadservices.com&frm=0&tiba=Gu%C3%ADa%20de%20Promociones%20-%20Aqu%C3%AD%20encontrar%C3%A1s%20consejos%20de%20finanzas%2C%20beneficios%20y%20aplicaciones%20que%20har%C3%A1n%20tu%20d%C3%ADa%20a%20d%C3%ADa%20m%C3%A1s%20f%C3%A1cil&value=0&currency_code=BRL&gtm_ee=1&auid=1333276320.1692704273&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11035197406

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9fe767cfce3150cc4e5d32f94a50dc7d91bf0ed072fc76f98c991b9d660073fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 11:37:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1676
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 407 B
427 B 34ms
33ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=es.guiapromocoes.com.br&callback=_gfp_s_&client=ca-pub-3312035738922216

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cdff775d87fedddc0313f7d6b54d6a4de5ee2d943d28ff1b2b065600dd9238f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 11:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 259
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2AFB 0
20 B 121ms
108ms Document
text/html 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3312035738922216&output=html&adk=1812271804&adf=3025194257&lmt=1692708030&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fes.guiapromocoes.com.br%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692704272862&bpp=47&bdt=455&idt=514&shv=r20230817&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3569424809614&frm=20&pv=2&ga_vid=112353596.1692704273&ga_sid=1692704273&ga_hid=506192394&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076838%2C31077093%2C31077148%2C44795921%2C44796700&oid=2&pvsid=2388198473359643&tmod=1555107617&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=543

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://es.guiapromocoes.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 11:37:53 GMT
expires: Tue, 22 Aug 2023 11:37:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=loader-section%20section-fade&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: es.guiapromocoes.com.br
URL: https://es.guiapromocoes.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 11:37:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=loader-section%20section-fade&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: es.guiapromocoes.com.br
URL: https://es.guiapromocoes.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 11:37:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 19ms
19ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=506192394&t=pageview&_s=1&dl=https%3A%2F%2Fes.guiapromocoes.com.br%2F&ul=en-us&de=UTF-8&dt=Gu%C3%ADa%20de%20Promociones%20-%20Aqu%C3%AD%20encontrar%C3%A1s%20consejos%20de%20finanzas%2C%20beneficios%20y%20aplicaciones%20que%20har%C3%A1n%20tu%20d%C3%ADa%20a%20d%C3%ADa%20m%C3%A1s%20f%C3%A1cil&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1950869211&gjid=450762723&cid=112353596.1692704273&tid=UA-255372860-1&_gid=294392680.1692704273&_r=1&gtm=457e38l0&jsscut=1&z=1267017380

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://es.guiapromocoes.com.br/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 11:37:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://es.guiapromocoes.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 41ms
41ms Ping
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-09QK8DK4KL&gtm=45je38l0&_p=506192394&cid=112353596.1692704273&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692704273&sct=1&seg=0&dl=https%3A%2F%2Fes.guiapromocoes.com.br%2F&dt=Gu%C3%ADa%20de%20Promociones%20-%20Aqu%C3%AD%20encontrar%C3%A1s%20consejos%20de%20finanzas%2C%20beneficios%20y%20aplicaciones%20que%20har%C3%A1n%20tu%20d%C3%ADa%20a%20d%C3%ADa%20m%C3%A1s%20f%C3%A1cil&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-09QK8DK4KL
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 11:37:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://es.guiapromocoes.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 34ms
34ms Ping
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-KK6NZ7SKWR&gtm=45je38l0&_p=506192394&cid=112353596.1692704273&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692704273&sct=1&seg=0&dl=https%3A%2F%2Fes.guiapromocoes.com.br%2F&dt=Gu%C3%ADa%20de%20Promociones%20-%20Aqu%C3%AD%20encontrar%C3%A1s%20consejos%20de%20finanzas%2C%20beneficios%20y%20aplicaciones%20que%20har%C3%A1n%20tu%20d%C3%ADa%20a%20d%C3%ADa%20m%C3%A1s%20f%C3%A1cil&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KK6NZ7SKWR
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 11:37:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://es.guiapromocoes.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
77 KB 46ms
46ms Script
application/javascript 2607:f8b0:4020:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KQ50CSGZB5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-181670863-2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

57074e0e1615abba4cb91dffe4974eca71b4285987c1fbe5aba45c9243e7b8f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 11:37:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78753
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 22 Aug 2023 11:37:53 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 21ms
21ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=506192394&t=pageview&_s=1&dl=https%3A%2F%2Fes.guiapromocoes.com.br%2F&ul=en-us&de=UTF-8&dt=Gu%C3%ADa%20de%20Promociones%20-%20Aqu%C3%AD%20encontrar%C3%A1s%20consejos%20de%20finanzas%2C%20beneficios%20y%20aplicaciones%20que%20har%C3%A1n%20tu%20d%C3%ADa%20a%20d%C3%ADa%20m%C3%A1s%20f%C3%A1cil&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAUABAAAAACAAI~&jid=290858080&gjid=1255992006&cid=112353596.1692704273&tid=UA-181670863-2&_gid=294392680.1692704273&_r=1&gtm=457e38l0&jsscut=1&z=1579834518

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://es.guiapromocoes.com.br/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 11:37:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://es.guiapromocoes.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

wp-emoji-release.min.js Show response
guiapromocoes.com.br/wp-includes/js/
Redirect Chain

https://es.guiapromocoes.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.3
https://guiapromocoes.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.3

18 KB
5 KB

35ms
34ms

Script
application/javascript

192.185.223.224
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://guiapromocoes.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.3
Requested by: Host: es.guiapromocoes.com.br
URL: https://es.guiapromocoes.com.br/
Protocol: H2
Server: 192.185.223.224 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-223-224.unifiedlayer.com
Software: Apache /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 11:37:53 GMT
content-encoding: gzip
last-modified: Thu, 06 Apr 2023 21:07:55 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 5344
expires: Wed, 21 Aug 2024 11:37:53 GMT

Redirect headers

x-gt-redirect-reason: request is a static file
Location: https://guiapromocoes.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.3
Date: Tue, 22 Aug 2023 11:37:53 GMT
Server: gtranslate
Connection: keep-alive
Content-Length: 166
Content-Type: text/html

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/ 402 KB
127 KB 16ms
16ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6eda84e469463424ebf458949c409a82ee31d042cf3c8e84978658832f634c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 22:01:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49001
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129634
x-xss-protection: 0
server: cafe
etag: 8962464231799197432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 20 Aug 2024 22:01:12 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 69ms
3ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2044605325729011&ev=PageView&dl=https%3A%2F%2Fes.guiapromocoes.com.br%2F&rl=&if=false&ts=1692704273536&sw=1600&sh=1200&v=2.9.124&r=stable&ec=0&o=30&fbp=fb.2.1692704273534.2127208513&it=1692704273240&coo=false&rqm=GET

Requested by

Host: es.guiapromocoes.com.br
URL: https://es.guiapromocoes.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 22 Aug 2023 11:37:53 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/11035197406/ 42 B
455 B 107ms
42ms Image
image/gif 2607:f8b0:4020:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11035197406/?random=1692704273356&cv=11&fst=1692702000000&bg=ffffff&guid=ON&async=1&gtm=45be38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fes.guiapromocoes.com.br%2F&frm=0&tiba=Gu%C3%ADa%20de%20Promociones%20-%20Aqu%C3%AD%20encontrar%C3%A1s%20consejos%20de%20finanzas%2C%20beneficios%20y%20aplicaciones%20que%20har%C3%A1n%20tu%20d%C3%ADa%20a%20d%C3%ADa%20m%C3%A1s%20f%C3%A1cil&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=384638846&rmt_tld=0&ipr=y

Requested by

Host: es.guiapromocoes.com.br
URL: https://es.guiapromocoes.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 11:37:53 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
351 B 46ms
21ms XHR
text/plain 2607:f8b0:4004:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-181670863-2&cid=112353596.1692704273&jid=290858080&gjid=1255992006&_gid=294392680.1692704273&_u=aADAAUABAAAAACAAI~&z=1147020351

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://es.guiapromocoes.com.br/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 22 Aug 2023 11:37:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://es.guiapromocoes.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 17ms
17ms Ping
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-KQ50CSGZB5&gtm=45je38l0&_p=506192394&cid=112353596.1692704273&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1692704273&sct=1&seg=0&dl=https%3A%2F%2Fes.guiapromocoes.com.br%2F&dt=Gu%C3%ADa%20de%20Promociones%20-%20Aqu%C3%AD%20encontrar%C3%A1s%20consejos%20de%20finanzas%2C%20beneficios%20y%20aplicaciones%20que%20har%C3%A1n%20tu%20d%C3%ADa%20a%20d%C3%ADa%20m%C3%A1s%20f%C3%A1cil&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KQ50CSGZB5&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 11:37:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://es.guiapromocoes.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 77 KB
24 KB 291ms
290ms XHR
text/plain 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2388198473359643&correlator=2443037131356669&eid=44799390&output=ldjh&gdfp_req=1&vrg=202308150101&ptt=17&impl=fif&iu_parts=22955840735%2Cguiapromocoes.com.br%2CGuiapromocoes_Interstitial&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&fas=8&sc=1&cookie=ID%3D7adfc01977acb278-2217ab80afe300ef%3AT%3D1692704273%3ART%3D1692704273%3AS%3DALNI_MbcNWwCrtmiRawBhGlUN1zr_ZSzsA&gpic=UID%3D00000d8d0d188c8e%3AT%3D1692704273%3ART%3D1692704273%3AS%3DALNI_Mb_LxLRBP7p_gBF6EfY-5queTm_Qw&abxe=1&dt=1692704273691&lmt=1692708030&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fes.guiapromocoes.com.br%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=112353596.1692704273&ga_sid=1692704273&ga_hid=506192394&ga_fc=true&dlt=1692704272407&idt=1249&cust_params=id_post_wp%3D2210&adks=3765549957&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7058a9f8fbf0a4463b3df750715d7d5600d34b902703d0998628eb2d454bf437

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 11:37:53 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24425
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://es.guiapromocoes.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 313A 6 KB
3 KB 112ms
35ms Document
text/html 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://es.guiapromocoes.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 11:37:53 GMT
expires: Wed, 21 Aug 2024 11:37:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/ 37 KB
13 KB 14ms
12ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75cabc24bf21015cd44fc8329fd6070558e9503cf50eadfa65b8d20504bb803f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 11:58:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85148
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13169
x-xss-protection: 0
server: cafe
etag: 9395162698141603618
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 20 Aug 2024 11:58:45 GMT

GET
H2

200

/
www.google.com/pagead/1p-conversion/11035197406/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11035197406/?random=915086576&cv=11&fst=1692704273368&bg=ffffff&guid=ON&async=1&gtm=45be38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fes....
https://www.google.com/pagead/1p-conversion/11035197406/?random=915086576&cv=11&fst=1692704273368&bg=ffffff&guid=ON&async=1&gtm=45be38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fes.guiapromocoes.com.br%...

42 B
108 B

42ms
42ms

Image
image/gif

2607:f8b0:4020:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/11035197406/?random=915086576&cv=11&fst=1692704273368&bg=ffffff&guid=ON&async=1&gtm=45be38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fes.guiapromocoes.com.br%2F&label=9UBbCJqc5YMYEN7__o0p&hn=www.googleadservices.com&frm=0&tiba=Gu%C3%ADa%20de%20Promociones%20-%20Aqu%C3%AD%20encontrar%C3%A1s%20consejos%20de%20finanzas%2C%20beneficios%20y%20aplicaciones%20que%20har%C3%A1n%20tu%20d%C3%ADa%20a%20d%C3%ADa%20m%C3%A1s%20f%C3%A1cil&value=0&currency_code=BRL&gtm_ee=1&auid=1333276320.1692704273&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKG4sQI&pscrd=Ek9DaEVJOExtUnB3WVFydGJ3X2JtNzZZWEhBUkltQU9JbnlGVnhBRUxPMG9JUmU1MFdBWno1NDBqV3A1TE1SR213NkM2VjFwem9FRXhjYmVJGlpDaEVJOExtUnB3WVE2Zk9Ga3YyaDRkRFVBUkl1QU1WU0drdHJ2T2xOVGktajBDM2R5aFpwRjJDbzJpdUNZWjlWdUNJSDQwMXBZVmo0SWQ1ckx4aUR6QXQ5UlEiEwi4psHnlvCAAxXDip8KHco9DPo&is_vtc=1&ocp_id=EZ7kZPjZJcOV_gTK-7DQDw&cid=CAQSKQBpAlJWfwSNpKpW9EgLP6USC5iTVCuxgpuvyYwn2hJWNez6WxrZW138&random=1673520112

Requested by

Host: es.guiapromocoes.com.br
URL: https://es.guiapromocoes.com.br/

Protocol

Server

2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 11:37:53 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 22 Aug 2023 11:37:53 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.google.com/pagead/1p-conversion/11035197406/?random=915086576&cv=11&fst=1692704273368&bg=ffffff&guid=ON&async=1&gtm=45be38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fes.guiapromocoes.com.br%2F&label=9UBbCJqc5YMYEN7__o0p&hn=www.googleadservices.com&frm=0&tiba=Gu%C3%ADa%20de%20Promociones%20-%20Aqu%C3%AD%20encontrar%C3%A1s%20consejos%20de%20finanzas%2C%20beneficios%20y%20aplicaciones%20que%20har%C3%A1n%20tu%20d%C3%ADa%20a%20d%C3%ADa%20m%C3%A1s%20f%C3%A1cil&value=0&currency_code=BRL&gtm_ee=1&auid=1333276320.1692704273&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKG4sQI&pscrd=Ek9DaEVJOExtUnB3WVFydGJ3X2JtNzZZWEhBUkltQU9JbnlGVnhBRUxPMG9JUmU1MFdBWno1NDBqV3A1TE1SR213NkM2VjFwem9FRXhjYmVJGlpDaEVJOExtUnB3WVE2Zk9Ga3YyaDRkRFVBUkl1QU1WU0drdHJ2T2xOVGktajBDM2R5aFpwRjJDbzJpdUNZWjlWdUNJSDQwMXBZVmo0SWQ1ckx4aUR6QXQ5UlEiEwi4psHnlvCAAxXDip8KHco9DPo&is_vtc=1&ocp_id=EZ7kZPjZJcOV_gTK-7DQDw&cid=CAQSKQBpAlJWfwSNpKpW9EgLP6USC5iTVCuxgpuvyYwn2hJWNez6WxrZW138&random=1673520112
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 59ms
58ms XHR
application/json 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230817&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

404ec0576998dec8a03befc13218a331eb6947da89079c61e92dd15f6345a072

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 11:37:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11830
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 492ms
73ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 11:37:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 22 Aug 2023 11:37:54 GMT

GET
H2 200 container.html Show response
cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E21A 6 KB
3 KB 18ms
9ms Document
text/html 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://es.guiapromocoes.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 11:37:53 GMT
expires: Wed, 21 Aug 2024 11:37:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 25DA 0
77 B 4ms
3ms Document
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://es.guiapromocoes.com.br
Referer: https://es.guiapromocoes.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://es.guiapromocoes.com.br
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 11:37:54 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 css2
fonts.googleapis.com/ Frame E21A 4 KB
767 B 41ms
39ms Stylesheet
text/css 172.217.13.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com
URL: https://cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f10.1e100.net

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 22 Aug 2023 11:37:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 09:38:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Aug 2023 11:37:54 GMT

GET
H2 200 nmedianet.js Show response
contextual.media.net/ Frame 4799 95 KB
36 KB 71ms
23ms Script
text/javascript 104.126.112.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/nmedianet.js?cid=8CU7Q771E&ydspr=1

Requested by

Host: es.guiapromocoes.com.br
URL: https://es.guiapromocoes.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-126-112-26.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ea5bd8cbe2932aec2793001d8850c235580ca8be923a0076af90b4ed5aa8e72c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-mnt-h: 22-wx9p
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Tue, 22 Aug 2023 11:37:54 GMT
server: Apache
etag: "1759b68f1a6bff07db65dcb5920ba60c"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
x-mnt-w: 22-4sb8
timing-allow-origin: *
content-length: 36931
expires: Tue, 22 Aug 2023 11:42:54 GMT

GET
H2 200 release-20230329-99-adperformance.js Show response
warp.media.net/rtb/resources/ Frame 4799 71 KB
25 KB 104ms
15ms Script
application/javascript 23.52.158.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://warp.media.net/rtb/resources/release-20230329-99-adperformance.js

Requested by

Host: es.guiapromocoes.com.br
URL: https://es.guiapromocoes.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.158.180 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-158-180.deploy.static.akamaitechnologies.com

Software

UploadServer /

Resource Hash

529040ffb31edc3b458168066d513769520e983e2cc9ffb8d6c9ea0d98c57a11

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
date: Tue, 22 Aug 2023 11:37:54 GMT
x-guploader-uploadid: ADPycdvIA07uolGXKB2ssiwsyDgqMV4zKQeEzrGWzE-0qe0mB_SYBHuFlR0hWZLANlGZBaEyJeskGsWCcGiO_fk5GCOg0Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 25080
server: UploadServer
etag: "821663833b8f83b3092ebbca9ed4a6f2"
vary: Accept-Encoding
x-goog-hash: md5=ghZjgzuPg7MJLrvKntSm8g==, crc32c=XNaW9A==
content-type: application/javascript
x-goog-generation: 1680095338448196
cache-control: max-age=3600
x-goog-stored-content-length: 73074
expires: Tue, 22 Aug 2023 12:37:54 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 4799 3 KB
1 KB 14ms
12ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/window_focus_fy2021.js

Requested by

Host: es.guiapromocoes.com.br
URL: https://es.guiapromocoes.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:50:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67661
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:50:13 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 4799 20 KB
8 KB 19ms
17ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: es.guiapromocoes.com.br
URL: https://es.guiapromocoes.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:50:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67661
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:50:13 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4799 0
0 42ms
40ms Image
text/html 2607:f8b0:4020:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRxrE0WWX92gThmfor2SpaIJHXJ6RRkN5yBKUccsZiSg7b8IFxJOJZrsrTs9XaKgCl8W0ARQwjq66dXsiXIPIqiZQP86g
Requested by: Host: es.guiapromocoes.com.br
URL: https://es.guiapromocoes.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 4799 24 KB
7 KB 20ms
18ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: es.guiapromocoes.com.br
URL: https://es.guiapromocoes.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 01:14:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 296602
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 18 Aug 2024 01:14:32 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4799 181 KB
57 KB 106ms
59ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: es.guiapromocoes.com.br
URL: https://es.guiapromocoes.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 11:37:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57781
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692618714633496"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Aug 2023 11:37:54 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/elements/html/ Frame E21A 20 KB
8 KB 14ms
13ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com
URL: https://cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 17:04:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66816
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8570
x-xss-protection: 0
server: cafe
etag: 11167480076894372452
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 17:04:18 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7526 13 KB
5 KB 17ms
12ms Document
text/html 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://es.guiapromocoes.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 321112
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 18:26:02 GMT
expires: Sat, 17 Aug 2024 18:26:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 35FD 829 B
559 B 46ms
43ms Document
text/html 2607:f8b0:4020:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

46fa02ba0596d6bf560508d08c7a36d681fd52138b0126bbb3530e01d8a02a13

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xI84e-2yMe48Qr8RDqK5ew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://es.guiapromocoes.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-xI84e-2yMe48Qr8RDqK5ew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 11:37:54 GMT
expires: Tue, 22 Aug 2023 11:37:54 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js Show response
pagead2.googlesyndication.com/bg/ Frame 7526 37 KB
14 KB 13ms
13ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 05:09:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 282502
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14636
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Aug 2024 05:09:32 GMT

GET
H2 200 SAFEFRAME.html Show response
contextual.media.net/sr/2722522032/ Frame 9C0F 96 KB
32 KB 229ms
223ms Document
text/html 104.126.112.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2773&&kkdd=AA%7C3%7C9*nAH&Al=jwLEOf8EO8PPLPLEEjO&6neb=f&*.e)=f&M.Fz=HE--&Fln=P!qO~OOja&FeFn=~Fp61RtBDCatujDDJbbCFX%3D%3D&Fbln=O88O8jfPw&.lyz=jfE8ROwP&FF=qi&.F=Ux&FNo*=a!2&eln=P2kK80dOU&Meln=ZCs8wiL&NMMe.=j&bbb=MyKJNHFYJHP2!kH84~oqMtOrfs1MKgrwHPGwD~ZZVK8%3D&mXb4=NMMe.%3A%2F%2Fz.(6Bl)eb1*1F1z.(F1*(Ib&zmXb4=XOOa~%3AiiC~(uRPjaH*x*U*C~(U*x(VH&o.z=s&YX=j&B6n=8&)nMj=P!qqLCGPW&)nME=P-LEPPw8-&In)M)=.nE%3DoBYYhMM%3DfhlBbYDY%3Djfh16zbe*%3Df(-PhAXDzRF%3Df(LshAl.D.n%3Ds-jhBbYDbe.DI%3DO(fPhn1*DI%3Df(OEhnFE%3Djh.Fn%3Douhb)z%3Df%2CfhAD).o%3DLffLhn1*DY%3DEfhAYEbD.n%3DEfE-fPEjEEhlBbYDI%3DPOj(fOhBbYDMmF%3DfhBbYDbE)DI%3Dfh.Mn%3D-Owss8LLsOhb)M%3Df(fff%2CfhY).M%3DhFA16%3Djs(-shAl.DBbYDI%3Df(s8hAYEbDlD.n%3DEfE-fPEjEEhle%3DjNYHi!BK)seNsriuca8M2lh4II%3DfhAl.DBbYDY%3DfhblleB)%3D-O%2C-PhzM%3DEjhbF%3Djhbl.Bln%3Df%2CfhAYEbDlDI%3Df(fshbe.D.n%3DEfE-fPEEfshAl.DI%3DwLf(8-hb)nA%3Df(fff%2CfhBbYDI%3Dj(jshAYEbDBbYDI%3DfhAYEbDBbYDAl%3DjaJjwhBbYDMAl%3DfhBbYDY%3Djfh.YA%3D-j(Owh6F)M%3DJjhII%3DjLwhAA%3DfhFAYEbD.n%3DsEshb4A%3D8j(OwhYEbDI%3Djfffhzbe*%3Df(-PhAYEbDBbYDmF%3DfafhI*%3Djhbmz%3Df%2Cfhb)ne%3Df(fff%2Cfh)-eDI%3DL(fw%2Cwf(jLh.ln%3DO88O8jfPwh.n%3DjhBln%3DE_)Veb.M0UGl.GOsRyhBbYDbe.DmF%3DfhFAYEbDI%3Djs(-shIMn%3D-fPfPjjEw888Lw-sPfj8O-EfO8PssPwEsPfL-sOwE8sssOfwfs-fwE-Pwf--sPPw8-OfOfOjPPjLfs-s8jwEffjE-P-8sjLsOwL88w8hAXB%3Df(LshnEeDY%3DjfhFAYE%3Djs(-sh-eF4%3DjfffhBl*%3Dfh16D*.N%3Df(-PhbmM%3Df(fff%2Cfhn**D.Mb6%3DzFehnEeDI%3Djh16nEeDI%3Df(LPh..%3DUghFF%3DqihBlX%3DJjhFz%3Dfhbe.DI%3Dwf(jLhBbYD.be.DI%3DO(fPhbFA%3D8j(Owh!_%3DELPLhbmXe%3Df(fff%2CfhmIDBF%3DJEhoM.%3DjOhmIDFFm.%3DJEhFM%3DozX%20u1bmhI..DcZd%3DUg%2CUghbmXn%3Df(fff%2CfhI).l.E%3DjLwhI).l.j%3DjLwhl.Kz4%3Dfhl.l4%3DfhBbYDbeFDI%3DfhIln%3Df(-PhnF%3DPhBbYDbe.DbA%3DfhAYEbDI%3DL(fwhFIne%3Df(Ewwh.n%3DjhlMuezDln%3DjOh.zYYzbDM)6Dln%3D-Owss8LLsOh.BeeYuDM)6Dln%3DhnzMzFMznDM)6Dln%3DhAlzX)IlYlMu%3Df(Lshe1.%3Djh)FDMuez%3Djh)nIYm%3D-Owss8LLsOh)*e%3Djh16Iln%3Df(-PfhI4Yb%3Df(fjfh.Bln%3D!gaiaHxGxEP8SeZq!XFLlXE3YbqhnMF%3Dz).MD.Fhn**Dzbe*%3D4)Y.zhn**%3DzFehIneF)en%3Dfhn)Y6%3D.zbAzbDnz4)BYMh.6*M%3DY1o6DM)lYDN1*ze)6zDF)MFN)YYhlo.Y%3Djh.1Ie%3DhRln%3DgSQJeBIJE8LjP8jP8w-PEjOwhNM*Y%3DjhhlIF%3Djho.y%3DjOhM6.%3DEsfREsf%7C-ffREsf%7C-ffRwff%7C-ffRjfsf%7C-EfR8ff%7C-EfR8Pf%7C--wREPf%7C8j8RO-w%7C8PfR-Ef%7CsPfR8ff%7CO-wR8j8%7COsfREff%7COsfR-ff%7COwPRjfE8%7CL-fRjPf%7CLOfREsf%7CjfE8ROwPhI.I%3DfhI.e%3DfhM*R%3DE-f&oMA=f&***=BQ1.U4_Spam%3D&lX=f&lo_4b=j&Inb_n=8wf&*F4=P8-wE&un.eb=j&I)z=t8)6RzUpR%2F&m)Mebz=j&F)n1*)lo=MyKJNHFYJHJWiNU8EJBB4noskQNEl!fUwpn-Eu8_iF30kW3Dmu31y6%3D%3D&l.ln=s&)nA=_oAz.M1b%20G1FB.&e6ln=efjjfP8LELs-MEfE-fPEEjj-O&..Yn=%7B%22..le%22%3A%22E)fn%3Aswff%3AffE8%3Affff%3Affff%3Affff%3Affff%3Affff%22%2C%22..FF%22%3A%22qi%22%2C%22...F%22%3A%22Ux%22%2C%22..FMu%22%3A%22UzX%20x1bm%22%7D&NM*Y.bF=j&ure=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU7Q771E&ydspr=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-126-112-26.deploy.static.akamaitechnologies.com

Software

Resource Hash

c0af69033729bc7abb57ca62f77f28bb705a4c8170ed9def9550798996f49fd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 32260
content-type: text/html
date: Tue, 22 Aug 2023 11:37:54 GMT
expires: Tue, 22 Aug 2023 11:37:54 GMT
pragma: no-cache
strict-transport-security: max-age=31536000
timing-allow-origin: *
vary: Accept-Encoding
x-sc-h: 22-e1v1

GET
H2 200 bping.php
lg3.media.net/ Frame 4799 35 B
176 B 54ms
15ms Image
image/gif 23.52.158.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?vgd_len=2558&&vgd_cdv=1055&vgd_cage=0&vgd_tsce=L233&vgd_mcf=84362&gdpr=0&mspa=0&prid=8PRVCXX19&cid=8CU7Q771E&crid=744741086&vi=1692704274889892217&ugd=4&lf=6&kwrf=https%3A%2F%2Fes.guiapromocoes.com.br&cc=US&sc=NY&lper=100&wsip=170785135&r=1692704274497&rrr=tzR-hLcl-L8PCOL4fQnUtB7M05otRAM6L8F6_QTTGR4%3D&requrl=https%3A%2F%2Fes.guiapromocoes.com.br%2F&vgde_bdata=QOfvzxjj~77v9~8xLjMjvu9~myJLEYv9.AW~eBMJ-Nv9.iX~e8QMQOvXAu~xLjMLEQMGvh.9W~OmYMGv9.hf~ONfvu~QNOvz5~L1Jv9%2C9~eM1Qzvi99i~OmYMjvf9~ejfLMQOvf9fA9Wfuff~8xLjMGvWhu.9h~xLjM7UNv9~xLjMLf1MGv9~Q7OvAhFXXHiiXh~L17v9.999%2C9~j1Q7v~NemyvuX.AX~e8QMxLjMGv9.XH~ejfLM8MQOvf9fA9Wfuff~8EvuwjTb%3DxD1XEwXcb5C4H708~kGGv9~e8QMxLjMjv9~L88Ex1vAh%2CAW~J7vfu~LNvu~L8Qx8Ov9%2C9~ejfLM8MGv9.9X~LEQMQOvf9fA9Wff9X~e8QMGvFi9.HA~L1Oev9.999%2C9~xLjMGvu.uX~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~xLjMjvu9~QjevAu.hF~yN17vou~GGvuiF~eev9~NejfLMQOvXfX~LkevHu.hF~jfLMGvu999~JLEYv9.AW~ejfLMxLjMUNv949~GYvu~LUJv9%2C9~L1OEv9.999%2C9~1AEMGvi.9F%2CF9.ui~Q8OvhHHhHu9WF~QOvu~x8OvfV1ZELQ7%2FIs8QshX-l~xLjMLEQMUNv9~NejfLMGvuX.AX~G7OvA9W9WuufFHHHiFAXW9uHhAf9hHWXXWFfXW9iAXhFfHXXXh9F9XA9FfAWF9AAXWWFHAh9h9huWWui9XAXHuFf99ufAWAHXuiXhFiHHFH~eBxv9.iX~OfEMjvu9~NejfvuX.AX~AENkvu999~x8Yv9~myMYQwv9.AW~LU7v9.999%2C9~OYYMQ7LyvJNE~OfEMGvu~myOfEMGv9.iW~QQvIK~NNvPb~x8Bvou~NJv9~LEQMGvF9.ui~xLjMQLEQMGvh.9W~LNevHu.hF~%3DVvfiWi~LUBEv9.999%2C9~UGMxNvof~z7Qvuh~UGMNNUQvof~N7vzJBn5mLU~GQQMC_pvIK%2CIK~LUBOv9.999%2C9~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8Q8kv9~xLjMLENMGv9~G8Ov9.AW~ONvW~xLjMLEQMLev9~ejfLMGvi.9F~NGOEv9.fFF~QOvu~875EJM8Ovuh~QJjjJLM71yM8OvAhFXXHiiXh~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov~e8JB1G8j875v9.iX~EmQvu~1NM75EJvu~1OGjUvAhFXXHiiXh~1YEvu~myG8Ov9.AW9~GkjLv9.9u9~Qx8Ov%3DK4b4T3s3fWHrE_P%3DBNi8BfdjLP~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvJNE~GOEN1EOv9~O1jyvQJLeJLMOJk1xj7~QyY7vjmzyM718jMwmYJE1yJMN17Nw1jj~8zQjvu~QmGEv~-8OvKrtoExGofHiuWHuWHFAWfuhF~w7Yjvu~~8GNvu~zQlvuh~7yQvfX9-fX9%7CA99-fX9%7CA99-F99%7CA99-u9X9%7CAf9-H99%7CAf9-HW9%7CAAF-fW9%7CHuH-hAF%7CHW9-Af9%7CXW9-H99%7ChAF-HuH%7ChX9-f99%7ChX9-A99%7ChFW-u9fH%7CiA9-uW9%7Cih9-fX9%7Cu9fH-hFW~GQGv9~GQEv9~7Y-vfA9&ssld=%7B%22QQ8E%22%3A%22f19O%3AXF99%3A99fH%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQNN%22%3A%22Pb%22%2C%22QQQN%22%3A%22I3%22%2C%22QQN75%22%3A%22IJBn3mLU%22%7D&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_rakh=1692704274194949407&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=839288643&vgd_pgid=p01108492953t202308221137&vgd_pgids=1&vgd_uspa=0&hvsid=00000169270427449300958081327493&gdpr=0&mspa=0&vgd_l2type=scs_newfl&vgd_end=2

Requested by

Host: cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com
URL: https://cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.158.180 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-158-180.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
date: Tue, 22 Aug 2023 11:37:54 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Tue, 22 Aug 2023 11:37:54 GMT

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 043B 26 KB
10 KB 68ms
64ms Document
text/html 104.126.112.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1

Requested by

Host: cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com
URL: https://cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-126-112-26.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

03155ddd40e93cac36a91b9bfd87fb52e40a788587b3689f2cad6179bd11b2fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=166193
content-encoding: gzip
content-length: 9539
content-type: text/html; charset=UTF-8
date: Tue, 22 Aug 2023 11:37:54 GMT
expires: Thu, 24 Aug 2023 09:47:47 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 clog
hblg.media.net/ Frame 4799 35 B
191 B 40ms
5ms Image
image/gif 23.52.158.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=5853&lper=1&itypeid=17&itype=ADX&cc=US&cid=8CUU9JF8H&reqid=56eh490EbryWyKHPWdwqig&vid=56eh490EbryWyKHPWdwqig&dn=es.guiapromocoes.com.br&rawDn=es.guiapromocoes.com.br&pid=8PR113JGC&ugd=4&fleet=appnexus&requrl=https%3A%2F%2Fes.guiapromocoes.com.br&cliIPV6=2a0d%3A5600%3A0024%3A0000%3A0000%3A0000%3A0000%3A0000&cliIPType=v6&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=2&sc=NY&ct=New+York&zip=10013&pubid=pub-ADX-116310109131&tgtval=pub-ADX-116310109131&csip=rtb-appnexus-85cb5b67cb-xpgz2.SC&dtc=east_sc&zone=d&sd=1&ptype=23&tmax=300&xtmax=290&gdpr=0&gpp_present=false&app=0&sat=1&device_id=4&surl=https%3A%2F%2Fes.guiapromocoes.com.br&sckfl=1&suid=CAESELYFY284DpTUCwc9iw2jlrU&smbrid=adx-1&cxtSgmt=long_tail_homepage_catchall&usp_status=0&usp_enf=1&mspa_enforced=false&gqid=AD8Fdm7EiTjUS_Sg1kIqLGe3lYNc8lkOvT8yogbKqj_Iy6qlcJ0Qlws1NZiJwcdA4LpCSBIg&pexid=ADX-pub-2491841846382176&geoll=true&is_ortb=false&s_ip=74.125.19.10&s_city=morganton&commit_id=6b8b646e&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-08-21+00%3A00%3A00&schain_cmpl=1&schain_nodes_count=1&dummy_vsid=false&amptype=1&second_call=false&supply_cc=US&ipcc=US&is_msnnative_src=false&rtttime=114&req_tid_present=false&pvid=460&prvAccId=744741086&prvApiId=8CU7Q771E&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=839288643&prspt=headerBid&prvReqId=352248525440909_580296478_8392886434601&reqsize=1024x768&size=1024x768&chnl=ECP&bdp=0.380&cbdp=0.266&og_cbdp=0.380&ogbdp=0.38&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&advUrl=https%3A%2F%2Frelated.investorfocus.net&dfpBd=0.266&dt=O&dbf=1&epc=744741086&s=1&snm=SUCCESS&pcrid=8CU7Q771E-744741086-34-20&tpbTkn=false&exid=218&bidflr=0.010&pbidflr=0.010&opbidflr=0.010&spbf=0&viewability=95&sbdrid=196&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Ctpi%3D1%7Ckbb_se%3D1%7Cdbr%3D1%7Csfl%3Dfalse%7Cbfl%3D-100%7Ctpi%3D1&mnrf=0&ortbseat=BID_API&brsrclk=0&bidrestime=1692704273920&fpuReq=0&bfs=103&acsn=1&ybnca_erpm=0.38&dmm_erpm=true&dmm_ogerpm=false&bcrid=1700080807684001024076800059500&strg=ECP&vls=0&scrid=1700080807684001024076800059500&mang=1&pvdTmax=230&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&mnet_static_share=0.0&apPrfs%3C%3E=60%23%2365%23%2313%23%234%23%2310&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_sua_cvg=1111111&mx_tid_sent=false&mx_epbc=8CU7Q771E&mx_SPRIG=2&mx_bsBucket=0&mx_ssProfile=0&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_ep_sent%3C%3E=badv&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sua_os_v=10.0&mx_bsBucketRa=0&mx_sid=8CUU9JF8H&mx_SC=0&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=17&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_sua_model=x64&mx_bsBucketKtwRl=0&mx_tgs=250x250%7C300x250%7C300x600%7C300x1050%7C320x400%7C320x480%7C336x280%7C414x736%7C480x320%7C580x400%7C736x414%7C750x200%7C750x300%7C768x1024%7C930x180%7C970x250%7C1024x768&mx_bsProfileRa=0&mx_IAB2=2&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=5&mx_isLossNtf=false&mx_bsProfileKtwRl=0&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_gpid_sent=false&mx_commit_id=cb563d41be&is_video_cmp=false&acid=ad954bf4454a4a1e9d27d355dfdce4a6&rtime=55.0&wsip=mowx-lite-5d4856794d-b7gld&ltime=66.0&act=headerBid&abs=0%7C0%7Cxtmax%3D290%7Cbrr%3D0&adtypes=0&adblk=3765549957&impId=1&reftime=0&reftype=0&psrc=fail&insl=1&mowxReqId=ad954bf4454a4a1e9d27d355dfdce4a6_1&policy_enf=2&pub_blk_enf=1&renderer=0&ifst=0&iframingState=0&ifdp=0&slotVisibility=1&adpos=1&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=-1.0&rfc=-1&skadidfl=0&feedback_id=56eh490EbryWyKHPWdwqig&supplyTagId=3765549957&mnrfc=-1&v_plcmt_override=0&v_placement_override=0&pb_exp=0&viewability_vendor=EXCHANGE&vcmplrt=-1.0&imp_tid_present=false&actltime=68&mp_seg%3C%3E=100273&debug_ts=2023-08-22+11%3A37%3A53&__expireat=1692704874193&mview=1&rme=adm&bdata=sd2%3Dnull~tt%3D0~iurl_l%3D10~ogerpm%3D0.38~vw_exc%3D0.95~vis_sd%3D531~url_rps_b%3D7.08~dom_b%3D0.72~dc2%3D1~scd%3Dny~rae%3D0%2C0~v_asn%3D9009~dom_l%3D20~vl2r_sd%3D2023082122~iurl_b%3D871.07~url_tkc%3D0~url_r2a_b%3D0~std%3D3765549957~rat%3D0.000%2C0~last%3D~cvog%3D15.35~vis_url_b%3D0.54~vl2r_i_sd%3D2023082122~ip%3D1hlLSCuRa5ph5MSyKE4tPi~fbb%3D0~vis_url_l%3D0~riipua%3D37%2C38~et%3D21~rc%3D1~risuid%3D0%2C0~vl2r_i_b%3D0.05~rps_sd%3D2023082205~vis_b%3D690.43~radv%3D0.000%2C0~url_b%3D1.15~vl2r_url_b%3D0~vl2r_url_vi%3D1E-16~url_tvi%3D0~url_l%3D10~slv%3D31.76~gcat%3D-1~bb%3D196~vv%3D0~cvl2r_sd%3D525~rfv%3D41.76~l2r_b%3D1000~erpm%3D0.38~vl2r_url_kc%3D0E0~bm%3D1~rke%3D0%2C0~radp%3D0.000%2C0~a3p_b%3D9.06%2C60.19~sid%3D744741086~sd%3D1~uid%3D2IaGprstVNFisF75xz~url_rps_kc%3D0~cvl2r_b%3D15.35~btd%3D3080811264449635801473207485586258093576245557060530623860335886437070718819053541620012383451957694464~vwu%3D0.95~d2p_l%3D10~cvl2%3D15.35~3pcf%3D1000~uim%3D0~og_msh%3D0.38~rkt%3D0.000%2C0~dmm_strg%3Decp~d2p_b%3D1~ogd2p_b%3D0.98~ss%3DNA~cc%3DUS~uiw%3D-1~ce%3D0~rps_b%3D60.19~url_srps_b%3D7.08~rcv%3D41.76~CI%3D2989~rkwp%3D0.000%2C0~kb_uc%3D-2~nts%3D17~kb_ccks%3D-2~ct%3Dnew%20york~bss_KTW%3DNA%2CNA~rkwd%3D0.000%2C0~basis2%3D196~basis1%3D196~isRef%3D0~isif%3D0~url_rpc_b%3D0~bid%3D0.38~dc%3D8~url_rps_rv%3D0~vl2r_b%3D9.06~cbdp%3D0.266%7Esd%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D3765549957%7Esupply_tag_id%3D%7Edetected_tag_id%3D%7Eviewability%3D0.95%7Epos%3D1%7Eac_type%3D1%7Eadblk%3D3765549957%7Eamp%3D1%7Eogbid%3D0.380%7Ebflr%3D0.010%7Esuid%3DCAESELYFY284DpTUCwc9iw2jlrU%7Edtc%3Deast_sc%7Edmm_erpm%3Dfalse%7Edmm%3Decp%7Ebdpcapd%3D0%7Edalg%3Dserver_default%7Esgmt%3Dlong_tail_homepage_catchall%7Einsl%3D1%7Esobp%3D%7Exid%3DADX-pub-2491841846382176%7Ehtml%3D1%7E~ibc%3D1~nsz%3D17~tgs%3D250x250%7C300x250%7C300x600%7C300x1050%7C320x400%7C320x480%7C336x280%7C414x736%7C480x320%7C580x400%7C736x414%7C750x200%7C750x300%7C768x1024%7C930x180%7C970x250%7C1024x768~bsb%3D0~bsp%3D0~tmx%3D230&utime=572&sf=0&cpr=0.13893318731085458

Requested by

Host: cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com
URL: https://cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.158.180 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-158-180.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 11:37:54 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Tue, 22 Aug 2023 11:37:54 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 632C 1 KB
643 B 18ms
12ms Document
text/html 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com
URL: https://cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 36605
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 01:27:49 GMT
etag: 48472445140208031
expires: Wed, 23 Aug 2023 01:27:49 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 35FD 0
0 44ms
43ms Image
text/html 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230817&jk=2388198473359643&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H2

200

cksync
cs.media.net/ Frame 043B
Redirect Chain

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzM1NzA1ODc0MDgxMzI0NzAwMFYxMA%3D%3D&google_sc=1
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEINw3EUEhff0MOQV6UzMPsU&google_cver=1

61 B
453 B

91ms
65ms

Image
image/gif

23.52.158.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEINw3EUEhff0MOQV6UzMPsU&google_cver=1
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol: H2
Server: 23.52.158.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-158-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 11:37:54 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Tue, 22 Aug 2023 11:37:54 GMT

Redirect headers

pragma: no-cache
date: Tue, 22 Aug 2023 11:37:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEINw3EUEhff0MOQV6UzMPsU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 632C
Redirect Chain

https://px.owneriq.net/ecmg?google_gid=CAESEHD9Dc9498mZNXxli_Tf1uk&google_cver=1&google_push=AXcoOmTM4GcFHpNT4f16XgHiLKZRcK9tpC5wFKSi5Z4LGP2-CUx34tzx05qiI_LnD1gnBS4O4JzpKyel1R0aYGOMzrNXAUQgqeY
https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dAXcoOmTM4GcFHpNT4f16XgHiLKZRcK9tpC5wFKSi5Z4LGP2-CUx34tzx05qiI_LnD1gnB...
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmTM4GcFHpNT4f16XgHiLKZRcK9tpC5wFKSi5Z4LGP2-CUx34tzx05qiI_LnD1gnBS4O4JzpKyel1R0aYGOMzrNXAUQgqeY&google_cver=1&google...

170 B
188 B

40ms
39ms

Image
image/png

172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmTM4GcFHpNT4f16XgHiLKZRcK9tpC5wFKSi5Z4LGP2-CUx34tzx05qiI_LnD1gnBS4O4JzpKyel1R0aYGOMzrNXAUQgqeY&google_cver=1&google_gid=CAESEHD9Dc9498mZNXxli_Tf1uk&google_hm=UTc0NTk5MDY3NDIwMzUzODkzMDc=

Requested by

Host: cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com
URL: https://cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 11:37:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 22 Aug 2023 11:37:54 GMT
Server: Apache/2.4.6 (CentOS)
X-Powered-By: PHP/7.3.33
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmTM4GcFHpNT4f16XgHiLKZRcK9tpC5wFKSi5Z4LGP2-CUx34tzx05qiI_LnD1gnBS4O4JzpKyel1R0aYGOMzrNXAUQgqeY&google_cver=1&google_gid=CAESEHD9Dc9498mZNXxli_Tf1uk&google_hm=UTc0NTk5MDY3NDIwMzUzODkzMDc=
Content-Type: text/html
Cache-Control: max-age=11765
Connection: keep-alive
Content-Length: 154

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 632C
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEKx_83t-uPksIvCZbAVKwS4&google_cver=1&google_push=AXcoOmSNgvAxzhvIY5nusjImCuqGWXZK4CAuJo-xOG82fj1X4FMM9Ih...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=274411a7d2d704e0&is_secure=true&networkId=14000&version=1&google_gid=CAESEKx_83t-uPksIvCZbAVKwS4&google_cver=1&google_push=AXcoOmSNgvAx...
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAB8h2xskXKJgNmSJtPAAAAAAA&expiration=1692790674&google_cver=1&is_secure=true&google_gid=CAESEKx_83t-uPksIvCZbAVKw...

170 B
232 B

38ms
37ms

Image
image/png

172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAB8h2xskXKJgNmSJtPAAAAAAA&expiration=1692790674&google_cver=1&is_secure=true&google_gid=CAESEKx_83t-uPksIvCZbAVKwS4&google_push=AXcoOmSNgvAxzhvIY5nusjImCuqGWXZK4CAuJo-xOG82fj1X4FMM9IhJErfHiHgKmUHgG85LkgiSTrgDMfxBbrqfhlcEqssq-g

Requested by

Host: cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com
URL: https://cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 11:37:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 22 Aug 2023 11:37:54 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAB8h2xskXKJgNmSJtPAAAAAAA&expiration=1692790674&google_cver=1&is_secure=true&google_gid=CAESEKx_83t-uPksIvCZbAVKwS4&google_push=AXcoOmSNgvAxzhvIY5nusjImCuqGWXZK4CAuJo-xOG82fj1X4FMM9IhJErfHiHgKmUHgG85LkgiSTrgDMfxBbrqfhlcEqssq-g
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 632C
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEMIuc0wtRwxXipIo3LLeuJ8&google_cver=1&google_push=AXcoOmSPtcM5YZVO2sqLZhtWZx4WkHKDmd3F9A9yLRk1Qh-s5iJdONaFPKHdLr5xxSbCysVpEaDRaYtA5c1dKA29...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmSPtcM5YZVO2sqLZhtWZx4WkHKDmd3F9A9yLRk1Qh-s5iJdONaFPKHdLr5xxSbCysVpEaDRaYtA5c1dKA29KFljw590GRY

170 B
232 B

37ms
36ms

Image
image/png

172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmSPtcM5YZVO2sqLZhtWZx4WkHKDmd3F9A9yLRk1Qh-s5iJdONaFPKHdLr5xxSbCysVpEaDRaYtA5c1dKA29KFljw590GRY

Requested by

Host: cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com
URL: https://cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 11:37:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 22 Aug 2023 11:37:54 GMT
Server: MT3 1031 59fd23a master ord ord-pixel-x16 config_version:"1969"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmSPtcM5YZVO2sqLZhtWZx4WkHKDmd3F9A9yLRk1Qh-s5iJdONaFPKHdLr5xxSbCysVpEaDRaYtA5c1dKA29KFljw590GRY
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 22 Aug 2023 11:37:53 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 632C
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEHx0DUSUt8o7vCsINuED_Hc&google_cver=1&google_push=AXcoOmT8FCydNGntFwZXGMC5Qsvm9ZHeZzWjFlLFWkf3zmIqM_Z-KL-3_2aAv1B8bC-VM7l85bK8u0ToH28gxlf3IjNWWtneQYE
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EBDEA98EFBB64421888CEA027FD09EBE&google_push=AXcoOmT8FCydNGntFwZXGMC5Qsvm9ZHeZzWjFlLFWkf3zmIqM_Z-KL-3_2aAv1B8bC-VM7l85bK8u0ToH28gxlf...

170 B
232 B

39ms
37ms

Image
image/png

172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EBDEA98EFBB64421888CEA027FD09EBE&google_push=AXcoOmT8FCydNGntFwZXGMC5Qsvm9ZHeZzWjFlLFWkf3zmIqM_Z-KL-3_2aAv1B8bC-VM7l85bK8u0ToH28gxlf3IjNWWtneQYE

Requested by

Host: cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com
URL: https://cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 11:37:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 22 Aug 2023 11:37:54 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EBDEA98EFBB64421888CEA027FD09EBE&google_push=AXcoOmT8FCydNGntFwZXGMC5Qsvm9ZHeZzWjFlLFWkf3zmIqM_Z-KL-3_2aAv1B8bC-VM7l85bK8u0ToH28gxlf3IjNWWtneQYE
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 21 Aug 2023 11:37:54 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 632C
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESEJNHBK7CD64uJqRcva6Mfms&google_cver=1&google_push=AXcoOmTfh1lA6lwBO75rMC5POJP1Paz4Lz-lpILvbkt_vwlCYIvb-4fKcUF0gYglV0-KACK__1lM6As7fU8PRC1czMxHJKXq12I
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=ODU4MUNGOUMxQkFGQjFERg==

170 B
243 B

39ms
37ms

Image
image/png

172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=ODU4MUNGOUMxQkFGQjFERg==

Requested by

Host: cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com
URL: https://cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 11:37:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=ODU4MUNGOUMxQkFGQjFERg==
date: Tue, 22 Aug 2023 11:37:54 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 632C
Redirect Chain

https://ads.yieldmo.com/exptsync?google_gid=CAESEIxkgTssvQThja0oForspFE&google_cver=1&google_push=AXcoOmTWhFH4jfhh__NQvyvg_j7-CM9rtPVGqFjoFlQC2doL24hQyuwoe8X_wQLWYArJhQvGoCztsHB7t8onOWKf-3r2gGWaDUA
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmTWhFH4jfhh__NQvyvg_j7-CM9rtPVGqFjoFlQC2doL24hQyuwoe8X_wQLWYArJhQvGoCztsHB7t8onOWKf-3r2gGWaDUA&google_hm=M21TUG9ISGJiUEhJVElEM...

170 B
232 B

39ms
38ms

Image
image/png

172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmTWhFH4jfhh__NQvyvg_j7-CM9rtPVGqFjoFlQC2doL24hQyuwoe8X_wQLWYArJhQvGoCztsHB7t8onOWKf-3r2gGWaDUA&google_hm=M21TUG9ISGJiUEhJVElEMHlXdWQ=

Requested by

Host: cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com
URL: https://cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 11:37:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 22 Aug 2023 11:37:54 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmTWhFH4jfhh__NQvyvg_j7-CM9rtPVGqFjoFlQC2doL24hQyuwoe8X_wQLWYArJhQvGoCztsHB7t8onOWKf-3r2gGWaDUA&google_hm=M21TUG9ISGJiUEhJVElEMHlXdWQ=
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 632C
Redirect Chain

https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEFJmQODmc46yAy7H32nL9M8&google_cver=1&google_push=AXcoOmSHtN3etDx9El9SapWQkwLgSTPChl9XGXVmO8TkLzS6IpHeTg9LH7PY9R-EF4mIEw05VSKln5FZudmzM_oBx...
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MTBlNzA3MjQtMzMxNy00ZDAwLWJjNzYtNzdjNzU1ZTAxMmRk&google_push=AXcoOmSHtN3etDx9El9SapWQkwLgSTPChl9XGXVmO8TkLzS6IpHeTg9LH7PY9R-E...

170 B
232 B

40ms
39ms

Image
image/png

172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MTBlNzA3MjQtMzMxNy00ZDAwLWJjNzYtNzdjNzU1ZTAxMmRk&google_push=AXcoOmSHtN3etDx9El9SapWQkwLgSTPChl9XGXVmO8TkLzS6IpHeTg9LH7PY9R-EF4mIEw05VSKln5FZudmzM_oBxT1oVKMMx87z

Requested by

Host: cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com
URL: https://cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 11:37:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MTBlNzA3MjQtMzMxNy00ZDAwLWJjNzYtNzdjNzU1ZTAxMmRk&google_push=AXcoOmSHtN3etDx9El9SapWQkwLgSTPChl9XGXVmO8TkLzS6IpHeTg9LH7PY9R-EF4mIEw05VSKln5FZudmzM_oBxT1oVKMMx87z
date: Tue, 22 Aug 2023 11:37:54 GMT
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 632C 0
50 B 169ms
36ms Image
text/html 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KTKlejUscGfQCRJW7mIcZFoc7p_DKJjYy3ZlMxEGA3_MVM7NLSVy-DCOn5HOvjniqk7G1bNg

Requested by

Host: cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com
URL: https://cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 11:37:54 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7526 0
10 B 12ms
12ms Image
text/plain 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?fHiqBQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 11:37:54 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 bql.php Show response
akl-navvy.media.net/ Frame 9C0F 15 B
279 B 50ms
26ms Script
text/javascript 34.160.55.127
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://akl-navvy.media.net/bql.php?vgd_len=8221&&vgd_canary=0&vgd_l2type=scs_newfl&fp=rYmFUZ2eQbvEWbCcONpCLWs75T1ib77wO-IznP7OKSGgK_5mbshQmGTeWKb_jaE6MEBzAfY12x21dYdGyKTr5zScx-BptLxD9U7lKRgxwrO4e_hG56cpk48_jlwbeaJRVzjptO_-2zN60mN2xFzmbw%3D%3D&cme=Omv9xwNAEtdR4VN1kfLIEiQaen-jn8qNvI1k9G1ho-40jGp4hJAO5EXFHOqctkES0k9ViLvOu8VEB3EnMzH-xAH3IFWK0vueZiT0OoDQAD12wn-9BZeacdL8yJpfcQV78xhS5KsH-EFuTH4bnikWsEpbbH9tLFMHOyQIFeUvC4AFL_0GKwf6_N6T_LSLr2mgAj-nFIK298C62AfCfMfDr_FEBzOpc4nF-ew_m2_MNyM%3D%7C%7Cu8A6SM53vAcxkZY9VHWafLSuY-HKDieQ%7CUFJJWZ1lEVdklaUp4Q9x5TG45h_4b8t5%7CfoIS3o4cK7XJ_lHbVkW8Kw%3D%3D%7Ca0AmFUYXmD6g4E_AM2UIMbnAhhhXbBwmhFbwj92oDaB8kgM1Y3l7MQ%3D%3D%7Cxrl5Md8q4-9MV5XgYHndBH7wzImOX9N6eZjCaDTgjb_VaTJVsamAgg%3D%3D%7C1PiSZJgAPAqtJi7Zlv19wP-NuhSbhzIIB7EIe2bZY1WkWMy3XDoKcsEUJndgKGkTIizgmqSZ61PZqi8iRMkosODx3-3BiMeH8vJX-7xnJ0XnLWlxEKBW4rTgZu2inJkPznq6HIEvhMa0Ezd5wUacpMlxg84qMYzzlMiRewZ4M_AAi8QxsPoh0NMC6nRJIDcsGgJjh7HSYoFvhOijZNaOof4dl53oW2TxuDwO67tz9FO7VCpgw7Rlx9WSpZdmLoNEPAO2L70uxIYUQ0W58TkUB_rXKYGpogOF%7C&subBdr=196&bdrid=460&ksu=224&fdkt=391&vgde_kbbh=ffoyxQJuO&kwd[]=Apply+for+Stimulus+Check&kwt[]=391&kbc[]=1262292604&kwp[]=1&kid[]=214431410&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.1665%7C24%3D0%7C25%3D0%7C22%3D0.0001%7C7%3D0.0002%7C8%3D082117%7C9%3D0%7C11%3D0%7C26%3D37203%7C27%3D856%7C13%3D0.0668%7C14%3D082205%7C15%3D0%7Cr%3D3%7Cokt%3D391%7Cbkt%3D391%7Cir%3D1%7Ciid%3D4230750%7Cps%3D0.398&ktd[]=275700187392&kwd[]=How+to+Lower+Blood+Pressure+Quickly&kwt[]=391&kbc[]=1262292604&kwp[]=2&kid[]=98521951&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.2492%7C24%3D0%7C25%3D0%7C22%3D0.0001%7C7%3D0.0003%7C8%3D082117%7C9%3D0%7C11%3D0%7C26%3D145008%7C27%3D4520%7C13%3D0.0545%7C14%3D082205%7C15%3D0%7Cr%3D5%7Cokt%3D391%7Cbkt%3D391%7Cir%3D1%7Ciid%3D6532492%7Cps%3D0.398&ktd[]=275716972800&kwd[]=Stocks+to+Invest+In&kwt[]=391&kbc[]=1262292604&kwp[]=3&kid[]=27190006&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.2212%7C24%3D0%7C25%3D0%7C22%3D0.0001%7C7%3D0.0002%7C8%3D082117%7C9%3D0%7C11%3D0%7C26%3D346124%7C27%3D322%7C13%3D0.0667%7C14%3D082205%7C15%3D0%7Cr%3D6%7Cokt%3D391%7Cbkt%3D391%7Cir%3D1%7Ciid%3D5839107%7Cps%3D0.398&ktd[]=276522270976&kwd[]=Average+Retirement+Income&kwt[]=391&kbc[]=1262292604&kwp[]=4&kid[]=2721539&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.1188%7C24%3D0%7C25%3D0%7C22%3D0.0001%7C7%3D0.0003%7C8%3D082117%7C9%3D0%7C11%3D0%7C26%3D1653964%7C27%3D7238%7C13%3D0.0568%7C14%3D082205%7C15%3D0%7Cr%3D7%7Cokt%3D391%7Cbkt%3D391%7Cir%3D1%7Ciid%3D1693812%7Cps%3D0.398&ktd[]=275716964608&kwd[]=Bank+Owned+Cars+for+Sale&kwt[]=391&kbc[]=1262292604&kwp[]=5&kid[]=299487099&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0957%7C24%3D0%7C25%3D0%7C22%3D0.0001%7C7%3D0.0002%7C8%3D082117%7C9%3D0%7C11%3D0%7C26%3D638260%7C27%3D3044%7C13%3D0.0590%7C14%3D082205%7C15%3D0%7Cr%3D8%7Cokt%3D391%7Cbkt%3D391%7Cir%3D1%7Ciid%3D1692299%7Cps%3D0.398&ktd[]=275716964608&kwd[]=Best+Dentists+Near+Me&kwt[]=391&kbc[]=1262292604&kwp[]=6&kid[]=324977595&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.1039%7C24%3D0%7C25%3D0%7C22%3D0.0001%7C7%3D0.0002%7C8%3D082117%7C9%3D0%7C11%3D0%7C26%3D1757660%7C27%3D5431%7C13%3D0.0638%7C14%3D082205%7C15%3D0%7Cr%3D9%7Cokt%3D391%7Cbkt%3D391%7Cir%3D1%7Ciid%3D9763344%7Cps%3D0.398&ktd[]=275700187392&kwd[]=5+Best+Medicare+Advantage+Plans&kwt[]=391&kbc[]=1262292604&kwp[]=7&kid[]=329937320&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.1491%7C24%3D0%7C25%3D0%7C22%3D0.0001%7C7%3D0.0002%7C8%3D082117%7C9%3D0%7C11%3D0%7C26%3D1658422%7C27%3D3990%7C13%3D0.0527%7C14%3D082205%7C15%3D0%7Cr%3D11%7Cokt%3D391%7Cbkt%3D391%7Cir%3D1%7Ciid%3D8519930%7Cps%3D0.398&ktd[]=275700187392&kwd[]=Ford+F-150+Pickup+Truck+Prices&kwt[]=391&kbc[]=1262292604&kwp[]=8&kid[]=329727114&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.1325%7C24%3D0%7C25%3D0%7C22%3D0.0001%7C7%3D0.0002%7C8%3D082117%7C9%3D0%7C11%3D0%7C26%3D60234%7C27%3D35%7C13%3D0.0337%7C14%3D082205%7C15%3D0%7Cr%3D12%7Cokt%3D391%7Cbkt%3D391%7Cir%3D1%7Ciid%3D11520899%7Cps%3D0.398&ktd[]=275700187392&kwd[]=10+Signs+of+Diabetes&kwt[]=655&kbc[]=null&kwp[]=9&kid[]=324839761&kbc2[]=&ktd[]=&kwd[]=Top+5+Gold+Investments&kwt[]=655&kbc[]=null&kwp[]=10&kid[]=324866405&kbc2[]=&ktd[]=&kwd[]=Free+Internet+TV+Streaming&kwt[]=655&kbc[]=null&kwp[]=11&kid[]=11585793&kbc2[]=&ktd[]=&kwd[]=Free+Puppies+for+Adoption&kwt[]=655&kbc[]=null&kwp[]=12&kid[]=208394637&kbc2[]=&ktd[]=&kwd[]=Master+Bathroom+Remodeling&kwt[]=655&kbc[]=null&kwp[]=13&kid[]=120224079&kbc2[]=&ktd[]=&kwd[]=Best+Way+to+Whiten+Teeth&kwt[]=655&kbc[]=null&kwp[]=14&kid[]=3494611&kbc2[]=&ktd[]=&kwd[]=Top+10+Women%27s+Perfumes&kwt[]=655&kbc[]=null&kwp[]=15&kid[]=172038814&kbc2[]=&ktd[]=&kwd[]=10+Best+Stocks+to+Buy+Now&kwt[]=655&kbc[]=null&kwp[]=16&kid[]=321595960&kbc2[]=&ktd[]=&v=1&geo=40.72%7C-74&dlper=20&lper=100&lpid=&tsid=1886&hint=&cc=US&wsip=170774658&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQNN%22%3A%22Pb%22%2C%22QQN75%22%3A%22IJBn3mLU%22%2C%22QQ8E%22%3A%22f19O%3AXF99%3A99fH%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQQN%22%3A%22I3%22%7D&cid=8CU7Q771E&vi=1692704274889892217&vsid=3357058740813229&tdAdd[]=asnum%3D9009&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=11&vgd_adpref_diff=0100&vgd_fm_lang=EN&vgd_implt=3&vgd_cage=4&vgd_tsce=L233-S233&vgd_imdtl=1&vgd_l3_sc=NY&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=839288643&vgd_refdomain=guiapromocoes.com.br&vgd_pdtid=1&vgd_nrrv=13243&vgd_nrrmf=1000ca0a&vgd_nrrsf=scrr&vgd_cty=new+york&vgd_ifrmode=14&sttm=1692704274493&upk=1692704274.10371&hvsid=00000169270427449300958081327493&verid=3111299&sbdrId=196&tsrc=entity&vgd_l1rakh=1692704274194949407&vgd_ecrid=1700080807684001024076800059500&vgd_isiolc=1&kbbq=%26asn%3D9009&vgd_mcf=84362&vgd_vstrid=3357058740813229&vgde_bdata=QOfvzxjj~77v9~8xLjMjvu9~myJLEYv9.AW~eBMJ-Nv9.iX~e8QMQOvXAu~xLjMLEQMGvh.9W~OmYMGv9.hf~ONfvu~QNOvz5~L1Jv9%2C9~eM1Qzvi99i~OmYMjvf9~ejfLMQOvf9fA9Wfuff~8xLjMGvWhu.9h~xLjM7UNv9~xLjMLf1MGv9~Q7OvAhFXXHiiXh~L17v9.999%2C9~j1Q7v~NemyvuX.AX~e8QMxLjMGv9.XH~ejfLM8MQOvf9fA9Wfuff~8EvuwjTb%3DxD1XEwXcb5C4H708~kGGv9~e8QMxLjMjv9~L88Ex1vAh%2CAW~J7vfu~LNvu~L8Qx8Ov9%2C9~ejfLM8MGv9.9X~LEQMQOvf9fA9Wff9X~e8QMGvFi9.HA~L1Oev9.999%2C9~xLjMGvu.uX~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~xLjMjvu9~QjevAu.hF~yN17vou~GGvuiF~eev9~NejfLMQOvXfX~LkevHu.hF~jfLMGvu999~JLEYv9.AW~ejfLMxLjMUNv949~GYvu~LUJv9%2C9~L1OEv9.999%2C9~1AEMGvi.9F%2CF9.ui~Q8OvhHHhHu9WF~QOvu~x8OvfV1ZELQ7%2FIs8QshX-l~xLjMLEQMUNv9~NejfLMGvuX.AX~G7OvA9W9WuufFHHHiFAXW9uHhAf9hHWXXWFfXW9iAXhFfHXXXh9F9XA9FfAWF9AAXWWFHAh9h9huWWui9XAXHuFf99ufAWAHXuiXhFiHHFH~eBxv9.iX~OfEMjvu9~NejfvuX.AX~AENkvu999~x8Yv9~myMYQwv9.AW~LU7v9.999%2C9~OYYMQ7LyvJNE~OfEMGvu~myOfEMGv9.iW~QQvIK~NNvPb~x8Bvou~NJv9~LEQMGvF9.ui~xLjMQLEQMGvh.9W~LNevHu.hF~%3DVvfiWi~LUBEv9.999%2C9~UGMxNvof~z7Qvuh~UGMNNUQvof~N7vzJBn5mLU~GQQMC_pvIK%2CIK~LUBOv9.999%2C9~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8Q8kv9~xLjMLENMGv9~G8Ov9.AW~ONvW~xLjMLEQMLev9~ejfLMGvi.9F~NGOEv9.fFF~QOvu~875EJM8Ovuh~QJjjJLM71yM8OvAhFXXHiiXh~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov~e8JB1G8j875v9.iX~EmQvu~1NM75EJvu~1OGjUvAhFXXHiiXh~1YEvu~myG8Ov9.AW9~GkjLv9.9u9~Qx8Ov%3DK4b4T3s3fWHrE_P%3DBNi8BfdjLP~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvJNE~GOEN1EOv9~O1jyvQJLeJLMOJk1xj7~QyY7vjmzyM718jMwmYJE1yJMN17Nw1jj~8zQjvu~QmGEv~-8OvKrtoExGofHiuWHuWHFAWfuhF~w7Yjvu~~8GNvu~zQlvuh~7yQvfX9-fX9%7CA99-fX9%7CA99-F99%7CA99-u9X9%7CAf9-H99%7CAf9-HW9%7CAAF-fW9%7CHuH-hAF%7CHW9-Af9%7CXW9-H99%7ChAF-HuH%7ChX9-f99%7ChX9-A99%7ChFW-u9fH%7CiA9-uW9%7Cih9-fX9%7Cu9fH-hFW~GQGv9~GQEv9~7Y-vfA9&vgd_bhv_kbb=-1&vgd_cfud=230612&vgd_scsver=168&vgd_optout=0&vgd_ydspr=1&vgd_l2shld=1&vgd_rensize=0_0&vgd_scr_h=1200&vgd_scr_w=1600&vgd_dma=501&vgd_ect=4g&vgd_l1rpth=%2Fnmedianet.js&vgd_lbt=500&vgd_mbr=1&vgd_pgids=1&tdAdd[]=uiparams%3D&vgd_uspa=0&vgd_sc=NY&vgd_l1rhst=contextual.media.net&hvsid=00000169270427449300958081327493&rc=0&rand=1692704274871&acid=ad954bf4454a4a1e9d27d355dfdce4a6&matm=1692704274871&vgd_ltimesrc=1&vgd_ltime=495&vgd_rtime=493&vgd_etm=11&vgd_l1hcsd=Swx9p%7C5463&vgd_l1ch=1&vgd_lhl=1166&vgd_pgid=p01108492953t202308221137&vgd_csip=rtb-appnexus-85cb5b67cb-xpgz2.SC&vgd_sbSup=0&vgd_nrrs=13243&vgd_cdv=1055&vgd_cntrdt=SL%7CDIV-creative%7CDIV-card%7CDIV-ad_position_box%7CBODY&vgd_crefurl=https%3A%2F%2Fes.guiapromocoes.com.br%2F&vgd_eadm=1&vgd_matchstr=hr%3D0%7C&vgd_end=2

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2773&&kkdd=AA%7C3%7C9*nAH&Al=jwLEOf8EO8PPLPLEEjO&6neb=f&*.e)=f&M.Fz=HE--&Fln=P!qO~OOja&FeFn=~Fp61RtBDCatujDDJbbCFX%3D%3D&Fbln=O88O8jfPw&.lyz=jfE8ROwP&FF=qi&.F=Ux&FNo*=a!2&eln=P2kK80dOU&Meln=ZCs8wiL&NMMe.=j&bbb=MyKJNHFYJHP2!kH84~oqMtOrfs1MKgrwHPGwD~ZZVK8%3D&mXb4=NMMe.%3A%2F%2Fz.(6Bl)eb1*1F1z.(F1*(Ib&zmXb4=XOOa~%3AiiC~(uRPjaH*x*U*C~(U*x(VH&o.z=s&YX=j&B6n=8&)nMj=P!qqLCGPW&)nME=P-LEPPw8-&In)M)=.nE%3DoBYYhMM%3DfhlBbYDY%3Djfh16zbe*%3Df(-PhAXDzRF%3Df(LshAl.D.n%3Ds-jhBbYDbe.DI%3DO(fPhn1*DI%3Df(OEhnFE%3Djh.Fn%3Douhb)z%3Df%2CfhAD).o%3DLffLhn1*DY%3DEfhAYEbD.n%3DEfE-fPEjEEhlBbYDI%3DPOj(fOhBbYDMmF%3DfhBbYDbE)DI%3Dfh.Mn%3D-Owss8LLsOhb)M%3Df(fff%2CfhY).M%3DhFA16%3Djs(-shAl.DBbYDI%3Df(s8hAYEbDlD.n%3DEfE-fPEjEEhle%3DjNYHi!BK)seNsriuca8M2lh4II%3DfhAl.DBbYDY%3DfhblleB)%3D-O%2C-PhzM%3DEjhbF%3Djhbl.Bln%3Df%2CfhAYEbDlDI%3Df(fshbe.D.n%3DEfE-fPEEfshAl.DI%3DwLf(8-hb)nA%3Df(fff%2CfhBbYDI%3Dj(jshAYEbDBbYDI%3DfhAYEbDBbYDAl%3DjaJjwhBbYDMAl%3DfhBbYDY%3Djfh.YA%3D-j(Owh6F)M%3DJjhII%3DjLwhAA%3DfhFAYEbD.n%3DsEshb4A%3D8j(OwhYEbDI%3Djfffhzbe*%3Df(-PhAYEbDBbYDmF%3DfafhI*%3Djhbmz%3Df%2Cfhb)ne%3Df(fff%2Cfh)-eDI%3DL(fw%2Cwf(jLh.ln%3DO88O8jfPwh.n%3DjhBln%3DE_)Veb.M0UGl.GOsRyhBbYDbe.DmF%3DfhFAYEbDI%3Djs(-shIMn%3D-fPfPjjEw888Lw-sPfj8O-EfO8PssPwEsPfL-sOwE8sssOfwfs-fwE-Pwf--sPPw8-OfOfOjPPjLfs-s8jwEffjE-P-8sjLsOwL88w8hAXB%3Df(LshnEeDY%3DjfhFAYE%3Djs(-sh-eF4%3DjfffhBl*%3Dfh16D*.N%3Df(-PhbmM%3Df(fff%2Cfhn**D.Mb6%3DzFehnEeDI%3Djh16nEeDI%3Df(LPh..%3DUghFF%3DqihBlX%3DJjhFz%3Dfhbe.DI%3Dwf(jLhBbYD.be.DI%3DO(fPhbFA%3D8j(Owh!_%3DELPLhbmXe%3Df(fff%2CfhmIDBF%3DJEhoM.%3DjOhmIDFFm.%3DJEhFM%3DozX%20u1bmhI..DcZd%3DUg%2CUghbmXn%3Df(fff%2CfhI).l.E%3DjLwhI).l.j%3DjLwhl.Kz4%3Dfhl.l4%3DfhBbYDbeFDI%3DfhIln%3Df(-PhnF%3DPhBbYDbe.DbA%3DfhAYEbDI%3DL(fwhFIne%3Df(Ewwh.n%3DjhlMuezDln%3DjOh.zYYzbDM)6Dln%3D-Owss8LLsOh.BeeYuDM)6Dln%3DhnzMzFMznDM)6Dln%3DhAlzX)IlYlMu%3Df(Lshe1.%3Djh)FDMuez%3Djh)nIYm%3D-Owss8LLsOh)*e%3Djh16Iln%3Df(-PfhI4Yb%3Df(fjfh.Bln%3D!gaiaHxGxEP8SeZq!XFLlXE3YbqhnMF%3Dz).MD.Fhn**Dzbe*%3D4)Y.zhn**%3DzFehIneF)en%3Dfhn)Y6%3D.zbAzbDnz4)BYMh.6*M%3DY1o6DM)lYDN1*ze)6zDF)MFN)YYhlo.Y%3Djh.1Ie%3DhRln%3DgSQJeBIJE8LjP8jP8w-PEjOwhNM*Y%3DjhhlIF%3Djho.y%3DjOhM6.%3DEsfREsf%7C-ffREsf%7C-ffRwff%7C-ffRjfsf%7C-EfR8ff%7C-EfR8Pf%7C--wREPf%7C8j8RO-w%7C8PfR-Ef%7CsPfR8ff%7CO-wR8j8%7COsfREff%7COsfR-ff%7COwPRjfE8%7CL-fRjPf%7CLOfREsf%7CjfE8ROwPhI.I%3DfhI.e%3DfhM*R%3DE-f&oMA=f&***=BQ1.U4_Spam%3D&lX=f&lo_4b=j&Inb_n=8wf&*F4=P8-wE&un.eb=j&I)z=t8)6RzUpR%2F&m)Mebz=j&F)n1*)lo=MyKJNHFYJHJWiNU8EJBB4noskQNEl!fUwpn-Eu8_iF30kW3Dmu31y6%3D%3D&l.ln=s&)nA=_oAz.M1b%20G1FB.&e6ln=efjjfP8LELs-MEfE-fPEEjj-O&..Yn=%7B%22..le%22%3A%22E)fn%3Aswff%3AffE8%3Affff%3Affff%3Affff%3Affff%3Affff%22%2C%22..FF%22%3A%22qi%22%2C%22...F%22%3A%22Ux%22%2C%22..FMu%22%3A%22UzX%20x1bm%22%7D&NM*Y.bF=j&ure=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.160.55.127 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

127.55.160.34.bc.googleusercontent.com

Software

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 11:37:54 GMT
via: 1.1 google
strict-transport-security: max-age=63072000
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform-Version
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Mon, 21 Aug 2023 20:20:06 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 47ms
47ms Image
text/html 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230817&jk=2388198473359643&bg=!BgWlBUrNAAZGPLJIZjw7ADQBe5WfOD5nJFM_XWuZNCZ5cBz2b9hwt_GfWESuYIfRnGKbFVNinVxbQjeSOtrvdHIXDbABAgAAAURSAAAAB2gBBwoAT70OCTKVfeogvwavXaw4jbpGppT77rmoWACe1hXONtxYcQ27zEe15MbAbMy-VY-yTTem3A4PKrSYNqdUvxycp3BHxQnW7hYsSlKZ9amaKyGZAsih17-dR_7oTrCEW5qgC23QyrKJ7wqWWzadbHNafjeloGQskfAD25QT82JAU-qEiB1rEgHTIo_-eRhVul9pOSKd7QEKaF1BJdQxdbsa7qPVcsi0KmjDSeZs2grsJTmksBidQv80ULqcBRINb9whfYKkSNgP69ion7MPV40WaqLd3ycGpdupYTYSlBaQI7ErUkTXgEuCFOmvlpHg9L3SspjJREUR30g7oAOgRxNZTuGKSe5oX3M-SbuwbSQ2o767qu5vd8X-am8d9esgs5g2tzzeDYOgvBrCmjRg9KQbyhEdW9xuGLY0IgGlhvMEZL0ybA89dKrMOAgVdojoUuFyVHDAhIz3Sed2y6nbBsr7uUYEVMEvI-259Jy6o9C-qERIuqVL0P1Ul6mwd1b8kvJdn4T-FdjNBRMYbyMXwDg7mX0CeQl4hpLuj64DU0s77Zlmwp-_tgrNssYnMLVIwcgllJxrKgmwelY-fL9qIx30ocDQTZllmDt0XDbjCAHyeEpJvIEnLV_khgXMzY6UneLZ701xI99kXccECcbvEgBRm0Yjkv0RbLY7fmidAEX9CTyUalMywQ7YLfsbI71Nr9juWi6gt3FxQbXjOAwEiJLcgOKoTYV4jbMLr-cWjU6sLnwBrP1rMe2XyPSlagPpxLrKfmMEh_ixbHEYyU6zl_wSLJSXEj-rzf99aKpYyr-x5AwV2uMoL-TEe0kcRdOk84oqrtOzFH-fxYw1TLJyH_y9Eh3k6CbDk9ZSmidTfPTgwh8OSINrexIZb_XG2VyZ-lVTk6P4r0j7QJl4r0a1MxpntHu5tuUG7L2evFOYloQuuOOlx-Ewi3nH8CKFj0KnvhlBlzHjENNNKthv03Jbjs-HX_lCjBSDYfa54hz8YUhgpyqVyncdcu_z3AfezBIfancsWdFagwi7vsI5kfei_OY-d8Tz8ITuzcO4Cehs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 22ms
22ms Ping
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-27GP0244L6&gtm=45je38l0&_p=506192394&cid=112353596.1692704273&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEII&_s=2&sid=1692704273&sct=1&seg=0&dl=https%3A%2F%2Fes.guiapromocoes.com.br%2F&dt=Gu%C3%ADa%20de%20Promociones%20-%20Aqu%C3%AD%20encontrar%C3%A1s%20consejos%20de%20finanzas%2C%20beneficios%20y%20aplicaciones%20que%20har%C3%A1n%20tu%20d%C3%ADa%20a%20d%C3%ADa%20m%C3%A1s%20f%C3%A1cil&en=ad_impression&ep.query_id=CNWUyeeW8IADFRsTiAkdL38FUQ&_et=706
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-27GP0244L6&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://es.guiapromocoes.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 11:37:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://es.guiapromocoes.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: guiapromocoes.com.br
URL: https://guiapromocoes.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0

Domain: guiapromocoes.com.br
URL: https://guiapromocoes.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff?v=4.7.0

Domain: guiapromocoes.com.br
URL: https://guiapromocoes.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.ttf?v=4.7.0

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.guiapromocoes.com.br/	1970-01-20 16:21:20	Name: _gcl_au Value: 1.1.1333276320.1692704273
.guiapromocoes.com.br/	1970-01-20 14:13:10	Name: _gid Value: GA1.3.294392680.1692704273
.guiapromocoes.com.br/	1970-01-20 14:11:44	Name: _gat_gtag_UA_255372860_1 Value: 1
.guiapromocoes.com.br/	1970-01-20 23:47:44	Name: _ga_09QK8DK4KL Value: GS1.1.1692704273.1.0.1692704273.0.0.0
.guiapromocoes.com.br/	1970-01-20 23:47:44	Name: _ga_KK6NZ7SKWR Value: GS1.1.1692704273.1.0.1692704273.0.0.0
.guiapromocoes.com.br/	1970-01-20 14:11:44	Name: _gat_gtag_UA_181670863_2 Value: 1
es.guiapromocoes.com.br/	1970-01-20 22:57:20	Name: cookielawinfo-checkbox-necessary Value: yes
es.guiapromocoes.com.br/	1970-01-20 22:57:20	Name: cookielawinfo-checkbox-functional Value: no
es.guiapromocoes.com.br/	1970-01-20 22:57:20	Name: cookielawinfo-checkbox-performance Value: no
es.guiapromocoes.com.br/	1970-01-20 22:57:20	Name: cookielawinfo-checkbox-analytics Value: no
es.guiapromocoes.com.br/	1970-01-20 22:57:20	Name: cookielawinfo-checkbox-advertisement Value: no
es.guiapromocoes.com.br/	1970-01-20 22:57:20	Name: cookielawinfo-checkbox-others Value: no
.guiapromocoes.com.br/	1970-01-20 16:21:20	Name: _fbp Value: fb.2.1692704273534.2127208513
.guiapromocoes.com.br/	1970-01-20 23:33:20	Name: __gads Value: ID=7adfc01977acb278-2217ab80afe300ef:T=1692704273:RT=1692704273:S=ALNI_MbcNWwCrtmiRawBhGlUN1zr_ZSzsA
.guiapromocoes.com.br/	1970-01-20 23:33:20	Name: __gpi Value: UID=00000d8d0d188c8e:T=1692704273:RT=1692704273:S=ALNI_Mb_LxLRBP7p_gBF6EfY-5queTm_Qw
.guiapromocoes.com.br/	1970-01-20 23:47:44	Name: _ga_KQ50CSGZB5 Value: GS1.1.1692704273.1.0.1692704273.0.0.0
.guiapromocoes.com.br/	1970-01-20 23:47:44	Name: _ga Value: GA1.1.112353596.1692704273
.doubleclick.net/	1970-01-20 23:47:44	Name: IDE Value: AHWqTUlhHGIScvnXr6W9WT8s5Ms5Y8ySx3_wLaSC3FcJ_6mhdrlIvqjG7EQC0Uy7eGQ
.guiapromocoes.com.br/	1970-01-20 23:47:44	Name: _ga_27GP0244L6 Value: GS1.1.1692704273.1.0.1692704274.0.0.0
.media.net/	1970-01-20 22:57:20	Name: visitor-id Value: 3357058740813229000V10
fksnk.com/	1970-01-20 14:21:49	Name: AWSALBCORS Value: 6mRdv7GxvwYL4UyasBl4E0w+RgteniXArDvnk+9w8YYu1AE7ulxPOSfMRvw4BXqdPFOZjXuXSg/bZ0XRuYAbSHowwDlBs5VTQll7Pz/dhAaNqTTe6pLLqjBM4+dK
.fksnk.com/	1970-01-20 16:21:20	Name: f_001 Value: 8581CF9C1BAFB1DF
.fksnk.com/	1970-01-20 14:13:10	Name: g_001 Value: 1
.simpli.fi/	1970-01-20 22:58:46	Name: suid Value: EBDEA98EFBB64421888CEA027FD09EBE
.sharethrough.com/	1970-01-20 14:54:56	Name: stx_user_id Value: 10e70724-3317-4d00-bc76-77c755e012dd
.yieldmo.com/	1970-01-20 22:57:20	Name: yieldmo_id Value: 3mSPoHHbbPHITID0yWud%7C1692662400000%7C0
.owneriq.net/	1970-01-20 23:47:44	Name: si Value: Q7459906742035389307P
.owneriq.net/	1970-01-20 14:26:08	Name: p2 Value: gguuid
.owneriq.net/	1970-01-20 14:26:08	Name: gguuid Value: 1
.mathtag.com/	1970-01-20 23:37:39	Name: uuid Value: c3b764e4-9e12-4000-86f4-14c350acd27f
.mathtag.com/	1970-01-20 14:54:56	Name: mt_mop Value: 4:1692704274
.dotomi.com/	1970-01-20 14:11:44	Name: DotomiTest Value: 274411a7d2d704e0
.media.net/	1970-01-20 14:31:53	Name: data-g Value: CAESEINw3EUEhff0MOQV6UzMPsU~~6

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://guiapromocoes.com.br/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8 Message: Failed to load resource: the server responded with a status of 409 ()
javascript	error	URL: https://es.guiapromocoes.com.br/ Message: Access to font at 'https://guiapromocoes.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0' from origin 'https://es.guiapromocoes.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://guiapromocoes.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://es.guiapromocoes.com.br/ Message: Access to font at 'https://guiapromocoes.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff?v=4.7.0' from origin 'https://es.guiapromocoes.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://guiapromocoes.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff?v=4.7.0 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://guiapromocoes.com.br/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8 Message: Failed to load resource: the server responded with a status of 409 ()
javascript	error	URL: https://es.guiapromocoes.com.br/ Message: Access to font at 'https://guiapromocoes.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.ttf?v=4.7.0' from origin 'https://es.guiapromocoes.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://guiapromocoes.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.ttf?v=4.7.0 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.yieldmo.com
akl-navvy.media.net
cf70477cd02bd3043219fac404e63de7.safeframe.googlesyndication.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
cs.media.net
dclk-match.dotomi.com
es.guiapromocoes.com.br
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
guiapromocoes.com.br
hblg.media.net
lg3.media.net
match.sharethrough.com
pagead2.googlesyndication.com
partner.googleadservices.com
px.owneriq.net
script.joinads.me
securepubads.g.doubleclick.net
stats.g.doubleclick.net
sync.mathtag.com
tpc.googlesyndication.com
um.simpli.fi
warp.media.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
guiapromocoes.com.br
104.126.112.26
172.217.13.130
172.217.13.138
172.217.13.168
172.217.13.194
172.217.13.98
192.185.223.224
2001:4860:4802:32::178
216.200.232.249
23.52.158.180
23.76.43.24
2606:4700:3032::6815:d13
2606:ae80:1471:1b::1720
2607:f8b0:4004:c0b::9a
2607:f8b0:4020:805::2002
2607:f8b0:4020:806::2001
2607:f8b0:4020:806::2003
2607:f8b0:4020:806::2008
2607:f8b0:4020:807::2001
2607:f8b0:4020:807::2002
2607:f8b0:4020:807::2004
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
34.160.55.127
34.197.10.159
34.232.117.132
35.194.66.159
5.135.84.192
54.152.164.74
03155ddd40e93cac36a91b9bfd87fb52e40a788587b3689f2cad6179bd11b2fe
07d393b34f2235f8e60786f2b533403510bf234f7cb503fe6dad3062d4754864
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
185f021225b68b0daabbb5ae653e5ea0736007b1022cb7c43f625d23ca41feb7
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2e65c96ae7512cecb72524eaae3591afd195dbeb6b02696d8115ab604f438994
2f43753c21b3ae829746f0aa0ea0b5bd19a181fbea1d74bfd559ebc0419aa322
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3a96028b7a0904cbcea159628be9b82059fd6a3072cc5b0e9ed07837e4d162cb
3c22c36c57bd8240babc7ec06bf14ca6f6847464388be309eb46fb0ece0c3f40
3cc6fc5270cfbd41ab6196ac372b893406236037932561644b4736a5f274f04a
404ec0576998dec8a03befc13218a331eb6947da89079c61e92dd15f6345a072
4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46fa02ba0596d6bf560508d08c7a36d681fd52138b0126bbb3530e01d8a02a13
49fe15f9514abc304c41840cb89b98ec424cbbb733ca1e7432ba1c8a5bad2267
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4fb458a47de56cbb5a8fe40e7bea9da5a0e277007bdc7bdf8275ebccc3881164
501ad83567ab2e8f11c38aa489ee3d6274a03a2621fb91cc8d2aed98b471f8a0
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
529040ffb31edc3b458168066d513769520e983e2cc9ffb8d6c9ea0d98c57a11
54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57074e0e1615abba4cb91dffe4974eca71b4285987c1fbe5aba45c9243e7b8f3
5a9e08bd3fd1965617cd17ba6c346039b7a6c1949cf42779e859ed0008fc1ad3
5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
638b91bd86a96e20c60987fa9c0a58cc19edac9b8c130854915e1aff7b29cfb6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c52384c7b0641dd1ead85d079c22d39bcc6dc5f2537afb1e6396bb619771a3f
7058a9f8fbf0a4463b3df750715d7d5600d34b902703d0998628eb2d454bf437
75cabc24bf21015cd44fc8329fd6070558e9503cf50eadfa65b8d20504bb803f
782c23b8974a129ccdbaebfba8fbc43622148e09415625293412e05cbf83541e
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8743a0ec6f2d91fb0d1f5d6ea5a4a2d12ae47aff206802deaa6a19835c57bde0
8b8a37fefb69257f95a1268933bfdcbe291d1c73f0e7f1811d145857b2dac249
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6
91aa4418bf8f020caeb752d08a9b752e97dfd1a29918c1832072bbf9e74ed29b
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9e782a683dd821f655a52d6ef2b9332ec524026b7613079fc0d9aa8a66e6f02e
9fe767cfce3150cc4e5d32f94a50dc7d91bf0ed072fc76f98c991b9d660073fb
a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd
a6eda84e469463424ebf458949c409a82ee31d042cf3c8e84978658832f634c5
a8e3c1f378254611d83d27991dd0bd18c759d064fe52160f16043be1ec434cc5
abef1f4c53d4729d11bd3f7a6b9cb7321f88cb7c2006f4ca2ce8d23454332a46
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
bdfe34a674ecca3d92e0574c7a4da4d37b2097e11129ced613464cb00e07e721
c0af69033729bc7abb57ca62f77f28bb705a4c8170ed9def9550798996f49fd5
c7146cb6d05184fb32bf2227267794b20ffb14ff81230ee1bbe81757b2a1806e
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
cdff775d87fedddc0313f7d6b54d6a4de5ee2d943d28ff1b2b065600dd9238f8
dd248a75bdc1f227d6d036eae86e819dd967b01640f4f7eb9c72cd51ef441fa7
de1eb4abf13cc7038496f16b50ee1fea06506c9a9126bd4c663743d98dd6c82d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4240ee23e840bebe54c7c07512f10aee39ae8c0f3ddd6a692be08eb6a6875a9
e5fcbcc4e9a8888263e0b0e05ecb320be2a0aa2c6b937b457659b6b63588cda3
ea5bd8cbe2932aec2793001d8850c235580ca8be923a0076af90b4ed5aa8e72c
ec140ae8baa4b61226d96beba9277a0072e45b805004b8ea983c5d43402aeb66
ee839ae7a428045ebb553c9f9d5cc4cb43070642e19e0665027ee5ba2f864fba
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2e28e4ecf573eda3fe231998f565a19621071b0aadd4de0b694218e2b145d6a
f56deb678b037a35b745067228951222edf8d07142b8c7b9d084b1c12e9325ce
f65dc0067c4310138c0b145662a08ce48630433e9a2cd404cfb244d0ac30642f
fa86459105bc6909e39f993298cdd45734f2b35c92798dd700e9e454c9b8067a

es.guiapromocoes.com.br Open in urlscan Pro 5.135.84.192 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

100 Requests

86 %HTTPS

45 %IPv6

21 Domains

33 Subdomains

23 IPs

3 Countries

1922 kBTransfer

5335 kBSize

33 Cookies

1 Outgoing links

Redirected requests

100 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

es.guiapromocoes.com.br Open in urlscan Pro
5.135.84.192 Public Scan

Screenshot
Live screenshot

Full Image

100
Requests

86 %
HTTPS

45 %
IPv6

21
Domains

33
Subdomains

23
IPs

3
Countries

1922 kB
Transfer

5335 kB
Size

33
Cookies

100 HTTP transactions
0 data transactions