urlscan.io logo urlscan.io
SecurityTrails logo

bonus.plata-forma-nova.com Open in urlscan Pro
2a02:4780:13:901:0:61b:9d50:3  Public Scan

Go To Rescan Add Verdict Report
URL: https://bonus.plata-forma-nova.com/
Submission: On January 27 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 4 countries across 14 domains to perform 126 HTTP transactions. The main IP is 2a02:4780:13:901:0:61b:9d50:3, located in São Paulo, Brazil and belongs to AS-HOSTINGER, CY. The main domain is bonus.plata-forma-nova.com.
TLS certificate: Issued by R3 on January 26th 2024. Valid for: 3 months.
This is the only time bonus.plata-forma-nova.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

3    2a02:4780:13:901:0:61b:9d50:3 (São Paulo, Brazil)

ASN47583 (AS-HOSTINGER, CY)
bonus.plata-forma-nova.com
5    2607:f8b0:4006:80d::200a (Colchester, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
33    2606:4700:3035::ac43:ce15 (United States)

ASN13335 (CLOUDFLARENET, US)
www.carpemundi.com.br
3    2607:f8b0:4006:81d::2008 (Colchester, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
19    2607:f8b0:4006:81e::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
10    2a04:fa87:fffd::c000:42cd (Ireland)

ASN2635 (AUTOMATTIC, US)
viagemeturismo.abril.com.br
3    2607:f8b0:4006:81c::2003 (Colchester, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    2607:f8b0:4006:821::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
6    2607:f8b0:4006:81d::200e (Colchester, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
7    2607:f8b0:4006:807::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2607:f8b0:4004:c17::9c (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    2607:f8b0:4006:816::2004 (Colchester, United States)

ASN15169 (GOOGLE, US)
www.google.com
3    2607:f8b0:4006:81d::2001 (Colchester, United States)

ASN15169 (GOOGLE, US)
cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com
11    2607:f8b0:4006:820::2001 (Colchester, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2607:f8b0:4006:80c::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    2606:4700:1::6813:824c (United States)

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
c.mgid.com
2    2606:4700:3033::6815:325a (United States)

ASN13335 (CLOUDFLARENET, US)
sdk.mrf.io
experiences.mrf.io
3    162.19.96.32 (France)

ASN16276 (OVH, FR)
PTR: haproxy05.cl13.ovh.mrf.io
events.newsroom.bi
Apex Domain
Subdomains		 Transfer
33 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
749 KB
33 carpemundi.com.br
www.carpemundi.com.br
2 MB
15 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
157 KB
10 abril.com.br
viagemeturismo.abril.com.br
281 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
42 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 2
3 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
3 KB
3 newsroom.bi
events.newsroom.bi — Cisco Umbrella Rank: 7316
2 KB
3 mgid.com
jsc.mgid.com — Cisco Umbrella Rank: 8715
c.mgid.com
185 KB
3 gstatic.com
fonts.gstatic.com
62 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
218 KB
3 plata-forma-nova.com
bonus.plata-forma-nova.com
53 KB
2 mrf.io
sdk.mrf.io — Cisco Umbrella Rank: 9261
experiences.mrf.io
48 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
130 KB
126 14
Domain Requested by
33 www.carpemundi.com.br 9 redirects bonus.plata-forma-nova.com
www.carpemundi.com.br
19 pagead2.googlesyndication.com bonus.plata-forma-nova.com
pagead2.googlesyndication.com
cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com
tpc.googlesyndication.com
11 tpc.googlesyndication.com cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
10 viagemeturismo.abril.com.br bonus.plata-forma-nova.com
viagemeturismo.abril.com.br
7 securepubads.g.doubleclick.net www.carpemundi.com.br
securepubads.g.doubleclick.net
cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com
www.googletagservices.com
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
viagemeturismo.abril.com.br
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
www.googletagmanager.com
5 www.google.com bonus.plata-forma-nova.com
tpc.googlesyndication.com
5 fonts.googleapis.com bonus.plata-forma-nova.com
www.carpemundi.com.br
viagemeturismo.abril.com.br
3 events.newsroom.bi sdk.mrf.io
3 cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 fonts.gstatic.com fonts.googleapis.com
3 www.googletagmanager.com bonus.plata-forma-nova.com
www.googletagmanager.com
3 bonus.plata-forma-nova.com bonus.plata-forma-nova.com
www.carpemundi.com.br
2 jsc.mgid.com viagemeturismo.abril.com.br
jsc.mgid.com
2 www.googletagservices.com cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com
2 stats.g.doubleclick.net www.google-analytics.com
1 c.mgid.com
1 experiences.mrf.io sdk.mrf.io
1 sdk.mrf.io viagemeturismo.abril.com.br
126 20
Subject Issuer Validity Valid
bonus.plata-forma-nova.com
R3		 2024-01-26 -
2024-04-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
carpemundi.com.br
E1		 2023-12-12 -
2024-03-11		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
viagemeturismo.abril.com.br
R3		 2023-12-04 -
2024-03-03		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-11 -
2024-04-10		 a year crt.sh
ssl03.cert.cl13.k8s.mrf.io
R3		 2024-01-11 -
2024-04-10		 3 months crt.sh

This page contains 18 frames:

Primary Page: https://bonus.plata-forma-nova.com/
Frame ID: 5DAFCA7C3C96011A2028788B33B9C76D
Requests: 79 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Frame ID: ED8B4FCB33AF70DFE1FD53421E735DB4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5604719799704952&output=html&adk=1812271804&adf=3025194257&lmt=1706323591&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x675_l%7C308x675_r&format=0x0&url=https%3A%2F%2Fbonus.plata-forma-nova.com%2F&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706323590583&bpp=5&bdt=396&idt=492&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=317533220682&frm=20&pv=2&ga_vid=1312026962.1706323591&ga_sid=1706323591&ga_hid=1333840735&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080589%2C31080591%2C95322183%2C95320890%2C95321626%2C95322164%2C95323007&oid=2&pvsid=1143235603038385&tmod=1630422537&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=569
Frame ID: E8A2108F8324642393B7B11BE454DEC5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5604719799704952&output=html&h=50&slotname=4686316025&adk=2458788269&adf=777406876&pi=t.ma~as.4686316025&w=320&lmt=1706323591&format=320x50&url=https%3A%2F%2Fbonus.plata-forma-nova.com%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706323590589&bpp=2&bdt=403&idt=615&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=317533220682&frm=20&pv=1&ga_vid=1312026962.1706323591&ga_sid=1706323591&ga_hid=1333840735&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080589%2C31080591%2C95322183%2C95320890%2C95321626%2C95322164%2C95323007&oid=2&pvsid=1143235603038385&tmod=1630422537&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=640
Frame ID: A8ABB279615A094FBC518F91D5DC62F8
Requests: 1 HTTP requests in this frame

Frame: https://cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2F0775AB27CD9E95BCAAE58CBDA25D03
Requests: 1 HTTP requests in this frame

Frame: https://bonus.plata-forma-nova.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Frame ID: EC9625C4F1CE5E383BB8BF60F122C90D
Requests: 1 HTTP requests in this frame

Frame: https://cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 68815DEE579737E2486B9126F4DFF26A
Requests: 11 HTTP requests in this frame

Frame: https://cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 522AB549BA0AE1037D06C323BAC099D4
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5604719799704952&output=html&h=250&slotname=5936160424&adk=1791241607&adf=3173046727&pi=t.ma~as.5936160424&w=300&lmt=1667502608&format=300x250&url=https%3A%2F%2Fcf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706323592688&bpp=15&bdt=249&idt=275&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&correlator=1810976650483&frm=22&ife=3&pv=2&ga_vid=1547679496.1706323593&ga_sid=1706323593&ga_hid=872662246&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1867882211&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079266%2C44798934%2C95320378%2C95320870%2C95320891%2C95321627%2C95322162%2C95323004&oid=2&pvsid=2359848741189240&tmod=1359917875&uas=0&nvt=1&top=https%3A%2F%2Fbonus.plata-forma-nova.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.m8k5twkph5ms&fsb=1&dtd=317
Frame ID: FFCF5EB6AB6A6FB4E2A007DEF517C4DB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5604719799704952&output=html&h=90&slotname=8132650740&adk=2591520744&adf=3173046726&pi=t.ma~as.8132650740&w=728&format=728x90&url=https%3A%2F%2Fbonus.plata-forma-nova.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706323592760&bpp=13&bdt=308&idt=433&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&correlator=1216494985688&frm=24&ife=3&pv=2&ga_vid=687456110.1706323593&ga_sid=1706323593&ga_hid=941625344&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1867882211&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31080590%2C44798934%2C44809004%2C95320890%2C95321626%2C95322162%2C95323007&oid=2&pvsid=951133427231841&tmod=1286738774&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.bdpcza9v5w9z&fsb=1&dtd=447
Frame ID: AFB406EDAF50C2F08718A206C7D628E3
Requests: 1 HTTP requests in this frame

Frame: https://viagemeturismo.abril.com.br/topo-parceiros/
Frame ID: FC9470AF302BC50C9916BB49DC98E6A3
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 79784A9ED18F65BE4DC18DEDC9C926C9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 211E8603EF4599133584A866231FE5D0
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5E3A34EAD1617A98307FB1705FE18F9E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 49CD8740BAFC9CF8061724AA78229F00
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7E4A268AA8847A2B1D1B30A16BFCC705
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2793DD57A83BE2D6EEDA02E053B6CCB4
Requests: 2 HTTP requests in this frame

Frame: https://experiences.mrf.io/passexperience/dw-check.html?v=6
Frame ID: B643EA5A19F0C3907EF1965EBE42C4E6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Carpe Mundi - Blog de viagens e experiências pelo mundo

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

126
Requests

86 %
HTTPS

94 %
IPv6

14
Domains

20
Subdomains

19
IPs

4
Countries

4435 kB
Transfer

9412 kB
Size

14
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46
  • https://www.carpemundi.com.br/wp-content/uploads/2019/04/para-onde-viajar-em-janeiro-costa-rica-150x150.jpg HTTP 301
  • https://www.carpemundi.com.br/wp-content/uploads/2019/04/para-onde-viajar-em-janeiro-costa-rica.jpg
Request Chain 47
  • https://www.carpemundi.com.br/wp-content/uploads/2019/04/para-onde-viajar-em-fevereiro-filipinas-150x150.jpg HTTP 301
  • https://www.carpemundi.com.br/wp-content/uploads/2019/04/para-onde-viajar-em-fevereiro-filipinas.jpg
Request Chain 48
  • https://www.carpemundi.com.br/wp-content/uploads/2019/04/para-onde-viajar-em-marco-atacama-150x150.jpg HTTP 301
  • https://www.carpemundi.com.br/wp-content/uploads/2019/04/para-onde-viajar-em-marco-atacama.jpg
Request Chain 49
  • https://www.carpemundi.com.br/wp-content/uploads/2017/03/vertical_rio-150x150.jpg HTTP 301
  • https://www.carpemundi.com.br/wp-content/uploads/2017/03/vertical_rio.jpg
Request Chain 50
  • https://www.carpemundi.com.br/wp-content/uploads/2019/04/para-onde-viajar-em-maio-belgica-150x150.jpg HTTP 301
  • https://www.carpemundi.com.br/wp-content/uploads/2019/04/para-onde-viajar-em-maio-belgica.jpg
Request Chain 51
  • https://www.carpemundi.com.br/wp-content/uploads/2019/04/para-onde-viajar-em-junho-cambara-do-sul-150x150.jpg HTTP 301
  • https://www.carpemundi.com.br/wp-content/uploads/2019/04/para-onde-viajar-em-junho-cambara-do-sul.jpg
Request Chain 52
  • https://www.carpemundi.com.br/wp-content/uploads/2019/04/para-onde-viajar-em-junho-suica-150x150.jpg HTTP 301
  • https://www.carpemundi.com.br/wp-content/uploads/2019/04/para-onde-viajar-em-junho-suica.jpg
Request Chain 53
  • https://www.carpemundi.com.br/wp-content/uploads/2019/04/para-onde-viajar-em-agosto-namibia-150x150.jpg HTTP 301
  • https://www.carpemundi.com.br/wp-content/uploads/2019/04/para-onde-viajar-em-agosto-namibia.jpg
Request Chain 54
  • https://www.carpemundi.com.br/wp-content/uploads/2015/08/torreeeeeeeee-scaled-150x150.jpg HTTP 301
  • https://www.carpemundi.com.br/wp-content/uploads/2015/08/torreeeeeeeee-scaled.jpg

126 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bonus.plata-forma-nova.com/ 		252 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bonus.plata-forma-nova.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:13:901:0:61b:9d50:3 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/8.1.18
Resource Hash
067c25063af7fefa7a34e27f46398a86707af0989dc3a3447574b0687bd60ad3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Sat, 27 Jan 2024 02:46:30 GMT
platform
hostinger
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/8.1.18
css
fonts.googleapis.com/ 		3 KB
965 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%2C700i%7CShadows%20Into%20Light&display=swap
Requested by
Host: bonus.plata-forma-nova.com
URL: https://bonus.plata-forma-nova.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
05ded66e4e6f8fef626c8bca46680341fed78704119e244366f25660f10faf68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.plata-forma-nova.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 27 Jan 2024 02:46:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 27 Jan 2024 02:46:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 27 Jan 2024 02:46:30 GMT
8e40d5cc2ebb546bdc7c96efa133fbb2.css
www.carpemundi.com.br/wp-content/cache/min/1/ 		553 KB
75 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.carpemundi.com.br/wp-content/cache/min/1/8e40d5cc2ebb546bdc7c96efa133fbb2.css
Requested by
Host: bonus.plata-forma-nova.com
URL: https://bonus.plata-forma-nova.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ce15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / sundaycooks.com, estudiosunday.com
Resource Hash
5b5523d1567bfe44515496eece612239cc514967bde2acf11c766c27ffa4fa61
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.plata-forma-nova.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:30 GMT
strict-transport-security
max-age=63072000; includeSubdomains
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-powered-by
sundaycooks.com, estudiosunday.com
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 26 Jan 2024 13:36:55 GMT
server
cloudflare
etag
W/"65b3b577-8a21c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gddnwmz0CZRUxqtOdzgV8cpmpZbwjUzZd%2BhdTY4N2yNA%2FG9glzGG4yQil4hlpqAl6k%2F28Hp2xBwmH31ZU0J0PLqubdX70Ec5EgdyezZUIZHaQmp8lPB0J%2F7ZKwmYdZ6VXVQ7hSWxkXmSIR2JzpaX7nacSqY%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2678400
cf-ray
84bdaa680ad04bcf-BUF
js
www.googletagmanager.com/gtag/ 		186 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-69391223-1
Requested by
Host: bonus.plata-forma-nova.com
URL: https://bonus.plata-forma-nova.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4da656cd79e55a12a3b3673b04b20e51143a13eb2ce40eda9bc4b6c44e4443ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.plata-forma-nova.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68515
x-xss-protection
0
last-modified
Sat, 27 Jan 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 27 Jan 2024 02:46:30 GMT
fontawesome-webfont.woff2
www.carpemundi.com.br/wp-content/themes/carpemundi/fonts/ 		0
0
fontawesome-webfont.woff
www.carpemundi.com.br/wp-content/themes/carpemundi/fonts/ 		0
0
fontawesome-webfont.ttf
www.carpemundi.com.br/wp-content/themes/carpemundi/fonts/ 		0
0
fontawesome-webfont.svg
www.carpemundi.com.br/wp-content/themes/carpemundi/fonts/ 		0
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5604719799704952&host=ca-host-pub-2644536267352236
Requested by
Host: bonus.plata-forma-nova.com
URL: https://bonus.plata-forma-nova.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
471e93bcda3878b64456cda05326feed034173ad4deb3a8d7ba68426555b3e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bonus.plata-forma-nova.com/
Origin
https://bonus.plata-forma-nova.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51110
x-xss-protection
0
server
cafe
etag
7700328692651518049
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sat, 27 Jan 2024 02:46:30 GMT
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9ae848609cccf18610e7c6952fb3b9116e3c4a4d11357e1d71c6ba77abcc5247

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bfcc2143b6f0635117b7354d9c0965778cd10168c10ca661d0ce42af30820951

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		67 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d3eea5738077a2f0a2284196cf4a8a0caae61859e77001b5805b58b285d9329

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3619664b6a85b0c8a85d1d67d86cbf0b0c610f0f63389d8c7220c2f4a13f317f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a14ea03c678fe3a3ac453e1778b500e39bd693d46843141ad49536f0760012d2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f23cb4c67499b9876de26a739e8796e73d36c284d8e321670c6b7d3ca886005f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e9ad1757eb986ec7d2eb77ebb5ca1a164b2dc229f07386bc7620ddb5d450d69e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfed60df6dddf414abf15c4a6714e8b558af56ccee0a491a9dafdc7ec637c811

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8db884a803763d69afac285887d37c851961b4b91e824bdd9e2e5068b425f438

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d6ce66f31110d4b9bb78658c36747004fce44b7c2dcdccaed317fda91ca0eca2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b69a7259e54130c6c0853c3b4630e05d6a718be079f25976196bf5d29fe40f43

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		70 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fcc71ddf7994aa7db1397170a0272d8bf66543a600047021541ee87153455cd6

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
89e274a69e6c678c418e5e8256b414ae7bd93c9d2ffc86f0a2491214171b486d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be0fae7a62c7d80dcf7ce440eed37d8c3bb105a95d2d449a15db575aa09fcab3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
376aba408c9fe4c01f4e72805d1657037f68c8255347d95d7eed978f9a297c8b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b411ecd2fe60b754dee8afef998a6eedaf227996f9fe2d45f075b980e1c29075

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd534bb39a5f3e606b22603ee0047d6c715d9d9f42786990ec2c929cbf03a397

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: bonus.plata-forma-nova.com
URL: https://bonus.plata-forma-nova.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
93a1e8c6b810c63830f3d3e2df06c17cd1e19bf0d406b8d0cb2b023cfded0a51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.plata-forma-nova.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51063
x-xss-protection
0
server
cafe
etag
6434086083876944541
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sat, 27 Jan 2024 02:46:30 GMT
/
viagemeturismo.abril.com.br/script-topo-parceiros/ 		834 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://viagemeturismo.abril.com.br/script-topo-parceiros/?ver=1.0.0.1616095949
Requested by
Host: bonus.plata-forma-nova.com
URL: https://bonus.plata-forma-nova.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42cd , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
dca6351de5a9288d4d6431664599824235fd8d05e0faa5c92329b816c8bc5ce0
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.plata-forma-nova.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
date
Sat, 27 Jan 2024 02:46:30 GMT
content-encoding
br
strict-transport-security
max-age=300
age
13750
x-powered-by
WordPress VIP <https://wpvip.com>
x-cache
grace
host-header
a9130478a60e5f9135f765b23f26593b
content-length
481
x-rq
jfk2 85 188 443
server
nginx
access-control-max-age
0
access-control-allow-methods
POST, GET
content-type
text/html; charset=UTF-8
access-control-allow-origin
.abril.com.br
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
max-age=300, must-revalidate
vary
Accept-Encoding, Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
accept-ranges
bytes
link
<https://viagemeturismo.abril.com.br/wp-json/>; rel="https://api.w.org/"
lazyload.min.js
www.carpemundi.com.br/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.carpemundi.com.br/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
Requested by
Host: bonus.plata-forma-nova.com
URL: https://bonus.plata-forma-nova.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ce15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / sundaycooks.com, estudiosunday.com
Resource Hash
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.plata-forma-nova.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:30 GMT
strict-transport-security
max-age=63072000; includeSubdomains
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-powered-by
sundaycooks.com, estudiosunday.com
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 09 May 2022 19:48:31 GMT
server
cloudflare
etag
W/"6279700f-2063"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Yt8rkG1RNOOWVS8IM1i0uC1%2BQwRfHonNVs3lGu1DziYzbimhdMHRQvWYKnNqp2OsyDdxT7BBd5fS780MLg9yhhLwnicQEQBZMpaHm9FelBKjUIklgbOhSKJxmwx5tkUXFVA2JhucH1PBk5gxy2bGK588sA%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2678400
cf-ray
84bdaa68ab024bcf-BUF
851d6081c58b4ce8d3e7896ae3e78748.js
www.carpemundi.com.br/wp-content/cache/min/1/ 		845 KB
233 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.carpemundi.com.br/wp-content/cache/min/1/851d6081c58b4ce8d3e7896ae3e78748.js
Requested by
Host: bonus.plata-forma-nova.com
URL: https://bonus.plata-forma-nova.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ce15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / sundaycooks.com, estudiosunday.com
Resource Hash
4a3025d2ed5553151fc081ab69f3595b9e3e299d14c5e3c404ce779107dfc1b4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.plata-forma-nova.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:30 GMT
strict-transport-security
max-age=63072000; includeSubdomains
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-powered-by
sundaycooks.com, estudiosunday.com
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 26 Jan 2024 13:36:55 GMT
server
cloudflare
etag
W/"65b3b577-d35d1"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WoXuBjtWfEhOB2WGfSkrndBMDviw7jpSd02D1%2B7QdsPrgcRREkB19BAoKnwnkKzbaiaPfsbYn8qRACCs0txC5ucUuumxNcVEVvYHbwBD9KaVCey0F4LXjAOOWBTufaE0cNML8KA1HjCy6qVhSXFSwbEubyw%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2678400
cf-ray
84bdaa68ab014bcf-BUF
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%2C700i%7CShadows%20Into%20Light&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bonus.plata-forma-nova.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 05:58:32 GMT
x-content-type-options
nosniff
age
74878
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jan 2025 05:58:32 GMT
UqyNK9UOIntux_czAvDQx_ZcHqZXBNQzdcD5.woff2
fonts.gstatic.com/s/shadowsintolight/v19/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/shadowsintolight/v19/UqyNK9UOIntux_czAvDQx_ZcHqZXBNQzdcD5.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%2C700i%7CShadows%20Into%20Light&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2498c027559c4ae9a920e18e30031193148983e7ea195416d62c5d0ea2eaa3ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bonus.plata-forma-nova.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:36:24 GMT
x-content-type-options
nosniff
age
115806
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16296
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 17:21:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Jan 2025 18:36:24 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%2C700i%7CShadows%20Into%20Light&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bonus.plata-forma-nova.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 01:10:29 GMT
x-content-type-options
nosniff
age
264961
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jan 2025 01:10:29 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/ 		405 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5604719799704952&host=ca-host-pub-2644536267352236
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2c81d879db2e17e16278cd197b81719661bb8f8c9e113d6bd76fae48cde9bed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.plata-forma-nova.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140708
x-xss-protection
0
server
cafe
etag
12073257192342279281
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 02:46:30 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/ Frame ED8B 		9 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5604719799704952&host=ca-host-pub-2644536267352236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bonus.plata-forma-nova.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
75345
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 26 Jan 2024 05:50:45 GMT
etag
3890843268177463596
expires
Fri, 09 Feb 2024 05:50:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-69391223-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.plata-forma-nova.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 27 Jan 2024 01:51:43 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3287
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 27 Jan 2024 03:51:43 GMT
js
www.googletagmanager.com/gtag/ 		197 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-5547554714&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-69391223-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
407e045f28cf74f9e1cad5d97ba3403e267117e161dfeaecdc009285f8fd476f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.plata-forma-nova.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72905
x-xss-protection
0
last-modified
Sat, 27 Jan 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 27 Jan 2024 02:46:30 GMT
js
www.googletagmanager.com/gtag/ 		223 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XHB8GF35Q4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-69391223-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1238ba04406c0c14e0aca071df26837c71ead0666be284a9da0a501646c2ce80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.plata-forma-nova.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80721
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 27 Jan 2024 02:46:30 GMT
css
fonts.googleapis.com/ 		4 KB
744 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500&display=swap
Requested by
Host: www.carpemundi.com.br
URL: https://www.carpemundi.com.br/wp-content/cache/min/1/8e40d5cc2ebb546bdc7c96efa133fbb2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c4ec171d8f202fb90c55007f2dc8ab43a7d089d5e7b717eb03b41fdb3907b261
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.carpemundi.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 27 Jan 2024 02:46:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 27 Jan 2024 02:24:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 27 Jan 2024 02:46:30 GMT
fontawesome-webfont.woff2
www.carpemundi.com.br/wp-content/themes/carpemundi/fonts/ 		0
0
bg-foliage-dark_v2.jpg
www.carpemundi.com.br/wp-content/themes/carpemundi/img/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.carpemundi.com.br/wp-content/themes/carpemundi/img/bg-foliage-dark_v2.jpg
Requested by
Host: www.carpemundi.com.br
URL: https://www.carpemundi.com.br/wp-content/cache/min/1/8e40d5cc2ebb546bdc7c96efa133fbb2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ce15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / sundaycooks.com, estudiosunday.com
Resource Hash
c55359a9cd8b600dbbf91214cafa1c209b14df4a99ea7748b938f5464948f457
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.carpemundi.com.br/wp-content/cache/min/1/8e40d5cc2ebb546bdc7c96efa133fbb2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:30 GMT
strict-transport-security
max-age=63072000; includeSubdomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
292241
x-powered-by
sundaycooks.com, estudiosunday.com
alt-svc
h3=":443"; ma=86400
content-length
39815
last-modified
Fri, 10 Jul 2020 13:14:00 GMT
server
cloudflare
etag
"5f086998-9b87"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H3zSSPPCR46oZnStHfiMJAHxHJ%2BXDu8QTODQfnHIDRG76wAZ%2B1n9QZztmr4Zxbx%2BZ%2FhsSUxNFVKekeV0pcPm7Ln%2FMbP9KmIsyjxg7sVCZiUX6qzsO8XJ7dQ9PQr0aN%2BVo%2B%2F0AjVcYf6vlwFFZwqSSjei7%2F0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
84bdaa6a5b894bcf-BUF
expires
Thu, 31 Dec 2037 23:55:55 GMT
bg-sustentavel-cropped.jpg
www.carpemundi.com.br/wp-content/themes/carpemundi/img/ 		182 KB
183 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.carpemundi.com.br/wp-content/themes/carpemundi/img/bg-sustentavel-cropped.jpg
Requested by
Host: www.carpemundi.com.br
URL: https://www.carpemundi.com.br/wp-content/cache/min/1/8e40d5cc2ebb546bdc7c96efa133fbb2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ce15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / sundaycooks.com, estudiosunday.com
Resource Hash
f29e1b27aa3363f288a4739c2ddb471dc7c7e388092bf85d9ed08f206f2c1caf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.carpemundi.com.br/wp-content/cache/min/1/8e40d5cc2ebb546bdc7c96efa133fbb2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:30 GMT
strict-transport-security
max-age=63072000; includeSubdomains
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
sundaycooks.com, estudiosunday.com
alt-svc
h3=":443"; ma=86400
content-length
186428
last-modified
Wed, 20 Jan 2021 18:59:06 GMT
server
cloudflare
etag
"60087d7a-2d83c"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3N%2FssoClakd0usN5M%2BzVHN8DBHXN35vE2U9EbRRsqN7tYZC8D0fWlpE1tZSlvUfF1%2FT6Z9vERViDAvlnnDDWFWcDtV6e5ra4oRPmFpQC%2FoyWJM1XuSc8lIW96cxW4BGxKD2TV3wq3eqnqGXWLDpbtlQtAFI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
84bdaa6a5b8b4bcf-BUF
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/5547554714/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/5547554714/?random=1706323590844&cv=11&fst=1706323590844&bg=ffffff&guid=ON&async=1&gtm=45be41o0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbonus.plata-forma-nova.com%2F&hn=www.googleadservices.com&frm=0&tiba=Carpe%20Mundi%20-%20Blog%20de%20viagens%20e%20experi%C3%AAncias%20pelo%20mundo&did=dZTNiMT&gdid=dZTNiMT&pscdl=noapi&auid=637107850.1706323591&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-5547554714&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
33b2be560b1439c61e93123dc0f783f149bdba6bde76b68ad867c137bacf60e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.plata-forma-nova.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 02:46:30 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1285
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/ 		431 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js
Requested by
Host: www.carpemundi.com.br
URL: https://www.carpemundi.com.br/wp-content/cache/min/1/851d6081c58b4ce8d3e7896ae3e78748.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
69a53ae8e402a25abc88acf3fba1840ae7e371df38eee6dc6fc319462f7c2a88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bonus.plata-forma-nova.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sat, 27 Jan 2024 01:47:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
3545
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138344
x-xss-protection
0
server
cafe
etag
5355839101460123655
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 26 Jan 2025 01:47:26 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		71 B
598 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=bonus.plata-forma-nova.com
Requested by
Host: www.carpemundi.com.br
URL: https://www.carpemundi.com.br/wp-content/cache/min/1/851d6081c58b4ce8d3e7896ae3e78748.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0fbbe5bf3c8bf48e47d77eb1e1686b25f36db46112a3666985ac2a8fdc1e0dd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.plata-forma-nova.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
x-xss-protection
0
expires
Sat, 27 Jan 2024 02:46:31 GMT
fontawesome-webfont.woff
www.carpemundi.com.br/wp-content/themes/carpemundi/fonts/ 		0
0
carpemundi_logo-2x.png
www.carpemundi.com.br/wp-content/uploads/2019/08/ 		74 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.carpemundi.com.br/wp-content/uploads/2019/08/carpemundi_logo-2x.png
Requested by
Host: bonus.plata-forma-nova.com
URL: https://bonus.plata-forma-nova.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:ce15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / sundaycooks.com, estudiosunday.com
Resource Hash
ccf948ea0efd67d5d0c952dd7e6e38ca1337620e2cee9c8b24345174965b1cfc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.plata-forma-nova.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:31 GMT
strict-transport-security
max-age=63072000; includeSubdomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
292241
x-powered-by
sundaycooks.com, estudiosunday.com
alt-svc
h3=":443"; ma=86400
content-length
75961
last-modified
Wed, 13 May 2020 02:09:47 GMT
server
cloudflare
etag
"5ebb56eb-128b9"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Unasq3HLFmUUv3YNJi4OBRtNyi3Kgn1H9wLTYpP8QewNLK%2B4SUoeOK9sawPZUr9Al5sdYkfbK8shO6ysLBDWU3o2fzyoX2q56DN3TbDO%2BPQ2NetHGz2c%2BmB9KJQUwZvb6a%2Bq0Xp1ZRd8nxtxO3Sk4WH3kHQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
84bdaa6be82c4bbb-BUF
expires
Thu, 31 Dec 2037 23:55:55 GMT
para-onde-viajar-em-janeiro-costa-rica.jpg
www.carpemundi.com.br/wp-content/uploads/2019/04/
Redirect Chain
  • https://www.carpemundi.com.br/wp-content/uploads/2019/04/para-onde-viajar-em-janeiro-costa-rica-150x150.jpg
  • https://www.carpemundi.com.br/wp-content/uploads/2019/04/para-onde-viajar-em-janeiro-costa-rica.jpg
211 KB
212 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.carpemundi.com.br/wp-content/uploads/2019/04/para-onde-viajar-em-janeiro-costa-rica.jpg
Requested by
Host: bonus.plata-forma-nova.com
URL: https://bonus.plata-forma-nova.com/
Protocol
H3
Server
2606:4700:3035::ac43:ce15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / sundaycooks.com, estudiosunday.com
Resource Hash
61884a0b6bdc3ad0afa346246b74be988abb05384316fb3f48484cff4ab4084a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.plata-forma-nova.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:31 GMT
strict-transport-security
max-age=63072000; includeSubdomains
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
sundaycooks.com, estudiosunday.com
alt-svc
h3=":443"; ma=86400
content-length
216327
last-modified
Wed, 13 May 2020 02:08:34 GMT
server
cloudflare
etag
"5ebb56a2-34d07"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JoD5%2Fl7xVYEq2YVk2JKym1CDC49gFXMom%2BNwP2vLn5dTZ4KrbLBeh%2BXty1HBk1npivhSKXiZyuMIrWSlqmH438WswYE5bHh5I9fW539pYbxSJNg34GzyM7aVWRFIiyz%2Fz29ETpVx9HGgjQLy38EIU62ncsQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
84bdaa6d68ff4bbb-BUF
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Sat, 27 Jan 2024 02:46:31 GMT
strict-transport-security
max-age=63072000; includeSubdomains
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
sundaycooks.com, estudiosunday.com
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LJdCHoNS3Ld2YlG0xv9KKhs%2FaM760NnSb1JOieEkrx2%2Bq9bHBTQTYH8SBJIaalfRsLbjHTybN3%2F5czcVQ81dsbK8dBj6wgdFJ%2FCBAJinU9nk3HaL9EOmq98nyjr40wTsbIYtSlBDZdZ34V2nSpyVm%2FltUPM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://www.carpemundi.com.br/wp-content/uploads/2019/04/para-onde-viajar-em-janeiro-costa-rica.jpg
cache-control
max-age=2678400
vary
Accept-Encoding
cf-ray
84bdaa6be82e4bbb-BUF
alt-svc
h3=":443"; ma=86400
para-onde-viajar-em-fevereiro-filipinas.jpg
www.carpemundi.com.br/wp-content/uploads/2019/04/
Redirect Chain
  • https://www.carpemundi.com.br/wp-content/uploads/2019/04/para-onde-viajar-em-fevereiro-filipinas-150x150.jpg
  • https://www.carpemundi.com.br/wp-content/uploads/2019/04/para-onde-viajar-em-fevereiro-filipinas.jpg
201 KB
201 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.carpemundi.com.br/wp-content/uploads/2019/04/para-onde-viajar-em-fevereiro-filipinas.jpg
Requested by
Host: bonus.plata-forma-nova.com
URL: https://bonus.plata-forma-nova.com/
Protocol
H3
Server
2606:4700:3035::ac43:ce15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / sundaycooks.com, estudiosunday.com
Resource Hash
34b8c3101be713e3235b6ddeec9510258486da835ea11494edd90e941cbc7165
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.plata-forma-nova.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:31 GMT
strict-transport-security
max-age=63072000; includeSubdomains
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
sundaycooks.com, estudiosunday.com
alt-svc
h3=":443"; ma=86400
content-length
205518
last-modified
Wed, 13 May 2020 02:08:33 GMT
server
cloudflare
etag
"5ebb56a1-322ce"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AGquDE4mVmgQ%2BUVJ2Mj1uXE3ODqlSBgOCxJ1Iee4iPnDufuqMejmNVyJOnrDZSF6GLuy2ELitG9OhIDklikLNUjDMfcKDJkm3id8k87mPNBAYoBKhcXHpu8OAUTJ5OoDdpuEJYpuLvbk5w1xuBWTObKO6Dc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
84bdaa6d69004bbb-BUF
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Sat, 27 Jan 2024 02:46:31 GMT
strict-transport-security
max-age=63072000; includeSubdomains
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
sundaycooks.com, estudiosunday.com
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p5Nyj9Ze1h5kQwLwbBCO5kPP3BXj3w2h7QNCr%2BqiqPijv5x50QPwGrRPUqi5BapTgdXbx3TtzyCMnM%2BQlvoLtPTVaaXLTib1bay2ep0Hu9fKdDy7NPkhMS94TOPIwljo2yUyVHGzrWW5vyEfgKv6chXioNg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://www.carpemundi.com.br/wp-content/uploads/2019/04/para-onde-viajar-em-fevereiro-filipinas.jpg
cache-control
max-age=2678400
vary
Accept-Encoding
cf-ray
84bdaa6be82f4bbb-BUF
alt-svc
h3=":443"; ma=86400
para-onde-viajar-em-marco-atacama.jpg
www.carpemundi.com.br/wp-content/uploads/2019/04/
Redirect Chain
  • https://www.carpemundi.com.br/wp-content/uploads/2019/04/para-onde-viajar-em-marco-atacama-150x150.jpg
  • https://www.carpemundi.com.br/wp-content/uploads/2019/04/para-onde-viajar-em-marco-atacama.jpg
138 KB
138 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.carpemundi.com.br/wp-content/uploads/2019/04/para-onde-viajar-em-marco-atacama.jpg
Requested by
Host: bonus.plata-forma-nova.com
URL: https://bonus.plata-forma-nova.com/
Protocol
H3
Server
2606:4700:3035::ac43:ce15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / sundaycooks.com, estudiosunday.com
Resource Hash
27cc56f66496107570b99426f973d5ceae66a57740d3259e0536b69f59714fdf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.plata-forma-nova.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:31 GMT
strict-transport-security
max-age=63072000; includeSubdomains
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
sundaycooks.com, estudiosunday.com
alt-svc
h3=":443"; ma=86400
content-length
141087
last-modified
Wed, 13 May 2020 02:08:34 GMT
server
cloudflare
etag
"5ebb56a2-2271f"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cXlTyi5LZRG1x8%2FGOomhnqnKIvhM9oPMM8NU90LJxDf%2BByAyGZlp0K69x9M3aRtM6S5oZC4dOeLgjha6Z0YEg0CvbvPkb8j5WawO5EqPUpjTvO9QFyUG7iNJGoHZrV7%2BPE92wffv3Lq7C%2BJgJ37WxVan2%2FU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
84bdaa6d69014bbb-BUF
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Sat, 27 Jan 2024 02:46:31 GMT
strict-transport-security
max-age=63072000; includeSubdomains
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
sundaycooks.com, estudiosunday.com
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4f3PqA5jKZ2YA%2B39XryibILfiPh1v8%2FWxuWMKrArusH5pCtRvWlfAjfmurvxsjcXdVloysrh8Jd2elfqs2bZSV3RJjMm5ZmD2H779ru9Ng5KHVDvM0KrGODmdeX3ZhTbVxF9NFSXBSDOSWHqYdWp32l8ze8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://www.carpemundi.com.br/wp-content/uploads/2019/04/para-onde-viajar-em-marco-atacama.jpg
cache-control
max-age=2678400
vary
Accept-Encoding
cf-ray
84bdaa6be8304bbb-BUF
alt-svc
h3=":443"; ma=86400
vertical_rio.jpg
www.carpemundi.com.br/wp-content/uploads/2017/03/
Redirect Chain
  • https://www.carpemundi.com.br/wp-content/uploads/2017/03/vertical_rio-150x150.jpg
  • https://www.carpemundi.com.br/wp-content/uploads/2017/03/vertical_rio.jpg
219 KB
220 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.carpemundi.com.br/wp-content/uploads/2017/03/vertical_rio.jpg
Requested by
Host: bonus.plata-forma-nova.com
URL: https://bonus.plata-forma-nova.com/
Protocol
H3
Server
2606:4700:3035::ac43:ce15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / sundaycooks.com, estudiosunday.com
Resource Hash
a3752a2949557fce1c16be8f11e0fe710ecb1753b13554f51f9501e6f7525102
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.plata-forma-nova.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:31 GMT
strict-transport-security
max-age=63072000; includeSubdomains
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
sundaycooks.com, estudiosunday.com
alt-svc
h3=":443"; ma=86400
content-length
224326
last-modified
Wed, 13 May 2020 02:11:06 GMT
server
cloudflare
etag
"5ebb573a-36c46"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qq6dAw7BeMLOM9OTP4HGMNM0EoABnpClLvEPYPgcX4riOXWaUOtoQOV9pjM3WdnICUMHYsC9xrO%2FM9VPNu5cehcYcCXoGvITKXhNw9lxYxd8vZFoMzb9Rrr98YNnVk0qei2f1G6rtmHl7Rmhe%2FKxGgKfRxY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
84bdaa6d69024bbb-BUF
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Sat, 27 Jan 2024 02:46:31 GMT
strict-transport-security
max-age=63072000; includeSubdomains
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
sundaycooks.com, estudiosunday.com
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2B9U%2Fc2A1tCEw1ISK2B9wSfzObJbqv%2B7pVWxY2t2QeP%2BjyyldkBIOFz5LTflIu1sIOMSczGWO2%2BomiTsWTVbs0ddUElaoLWufrEjQqqcNIakbxSB%2Btd4zVKz1X9enY2TAk3t%2FdbC77Isbm5hW12hJXFYGM4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://www.carpemundi.com.br/wp-content/uploads/2017/03/vertical_rio.jpg
cache-control
max-age=2678400
vary
Accept-Encoding
cf-ray
84bdaa6be8314bbb-BUF
alt-svc
h3=":443"; ma=86400
para-onde-viajar-em-maio-belgica.jpg
www.carpemundi.com.br/wp-content/uploads/2019/04/
Redirect Chain
  • https://www.carpemundi.com.br/wp-content/uploads/2019/04/para-onde-viajar-em-maio-belgica-150x150.jpg
  • https://www.carpemundi.com.br/wp-content/uploads/2019/04/para-onde-viajar-em-maio-belgica.jpg
129 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.carpemundi.com.br/wp-content/uploads/2019/04/para-onde-viajar-em-maio-belgica.jpg
Requested by
Host: bonus.plata-forma-nova.com
URL: https://bonus.plata-forma-nova.com/
Protocol
H3
Server
2606:4700:3035::ac43:ce15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / sundaycooks.com, estudiosunday.com
Resource Hash
b23e59d27002fea044f5a4fad4e292f163c0fbaf3f4d379390a61e13154da55c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.plata-forma-nova.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:31 GMT
strict-transport-security
max-age=63072000; includeSubdomains
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
sundaycooks.com, estudiosunday.com
alt-svc
h3=":443"; ma=86400
content-length
132375
last-modified
Wed, 13 May 2020 02:08:34 GMT
server
cloudflare
etag
"5ebb56a2-20517"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bx7Bg9Vx3BZREw1apypS%2Fj%2FTQMMiLxevZthsIlQsj97KNWLQbqe9e%2BOqKdOhgC6S9UFVORmCi%2Bapd87Jxammh3R4PQzLuLnkLadJylWk9mMuoNNVnM7insYaGIIIbc7AJoqN2l81d9YVHsmQI6cTCwEiNZo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
84bdaa6d69034bbb-BUF
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Sat, 27 Jan 2024 02:46:31 GMT
strict-transport-security
max-age=63072000; includeSubdomains
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
sundaycooks.com, estudiosunday.com
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i4MUnpW%2BnbQ3xhWgnreWqjL2U8mBAO4I6ltcu7qW4ka2N7sSIQ7bpCN977XKBBK4Vn0YLeFBZR9FKsouO3%2FVgbiZnx9wlByLmdk3R1RDlprhNQMt95wsRKlplG7LdcbvUdjhLgaCNYEMHrExm0SgB0ddRCY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://www.carpemundi.com.br/wp-content/uploads/2019/04/para-onde-viajar-em-maio-belgica.jpg
cache-control
max-age=2678400
vary
Accept-Encoding
cf-ray
84bdaa6be8324bbb-BUF
alt-svc
h3=":443"; ma=86400
para-onde-viajar-em-junho-cambara-do-sul.jpg
www.carpemundi.com.br/wp-content/uploads/2019/04/
Redirect Chain
  • https://www.carpemundi.com.br/wp-content/uploads/2019/04/para-onde-viajar-em-junho-cambara-do-sul-150x150.jpg
  • https://www.carpemundi.com.br/wp-content/uploads/2019/04/para-onde-viajar-em-junho-cambara-do-sul.jpg
148 KB
148 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.carpemundi.com.br/wp-content/uploads/2019/04/para-onde-viajar-em-junho-cambara-do-sul.jpg
Requested by
Host: bonus.plata-forma-nova.com
URL: https://bonus.plata-forma-nova.com/
Protocol
H3
Server
2606:4700:3035::ac43:ce15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / sundaycooks.com, estudiosunday.com
Resource Hash
b64f72a3a3030520eb1f4de8e7857a2d4ad02565414a6d6e8509379fbb2aff4e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.plata-forma-nova.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:31 GMT
strict-transport-security
max-age=63072000; includeSubdomains
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
sundaycooks.com, estudiosunday.com
alt-svc
h3=":443"; ma=86400
content-length
151167
last-modified
Wed, 13 May 2020 02:08:34 GMT
server
cloudflare
etag
"5ebb56a2-24e7f"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iZqW7a88YIXir0X3LNXgc%2BYAPPUxgjJdufcs7nSLfqDwLsiZOM9b3iODA5Y07XyFg34CdGlEvl3Y7U3BR1K92JgQ7sPc9%2F9%2FQL5zZKUKQ2KX%2BiFVdcbgJdHKak72L%2B7MrxH8zZaowgln8KKf20n3lhPFae8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
84bdaa6d69044bbb-BUF
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Sat, 27 Jan 2024 02:46:31 GMT
strict-transport-security
max-age=63072000; includeSubdomains
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
sundaycooks.com, estudiosunday.com
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Kx%2Fd0iQr9akzrwXRrGIB7iRRNg8v1fhCMOysoCcj%2FkoQdtQ4t4nzncAXvUvxmgQpDsnyU9knau6ct6vTQIyLWyRWYoGPe73KE9n98l5pZEoNL7XY93T9gvdHF8IKQQ9sl877wcvj9GmavLLd6nikww5B4Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://www.carpemundi.com.br/wp-content/uploads/2019/04/para-onde-viajar-em-junho-cambara-do-sul.jpg
cache-control
max-age=2678400
vary
Accept-Encoding
cf-ray
84bdaa6be8334bbb-BUF
alt-svc
h3=":443"; ma=86400
para-onde-viajar-em-junho-suica.jpg
www.carpemundi.com.br/wp-content/uploads/2019/04/
Redirect Chain
  • https://www.carpemundi.com.br/wp-content/uploads/2019/04/para-onde-viajar-em-junho-suica-150x150.jpg
  • https://www.carpemundi.com.br/wp-content/uploads/2019/04/para-onde-viajar-em-junho-suica.jpg
155 KB
156 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.carpemundi.com.br/wp-content/uploads/2019/04/para-onde-viajar-em-junho-suica.jpg
Requested by
Host: bonus.plata-forma-nova.com
URL: https://bonus.plata-forma-nova.com/
Protocol
H3
Server
2606:4700:3035::ac43:ce15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / sundaycooks.com, estudiosunday.com
Resource Hash
19fc2fb876cc79b24bc11abaf2a8627866ed5594dd1294fdbf4b05c809bd6c51
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.plata-forma-nova.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:31 GMT
strict-transport-security
max-age=63072000; includeSubdomains
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
sundaycooks.com, estudiosunday.com
alt-svc
h3=":443"; ma=86400
content-length
159098
last-modified
Wed, 13 May 2020 02:08:34 GMT
server
cloudflare
etag
"5ebb56a2-26d7a"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XZ7CWophd8a0a2RzAoXuUOlE5sIoDm1zpApBIqRfid%2F3yhIlpohmCqsXlmVMsAV9PoaaRtkhP1rrnphyrna2SpE7IWcFU1cN7k84ZBAUP1ZzUZmA%2FJnotVKr969plo12efit21gchiqDAlvQjxVeQkX15eA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
84bdaa6d69054bbb-BUF
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Sat, 27 Jan 2024 02:46:31 GMT
strict-transport-security
max-age=63072000; includeSubdomains
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
sundaycooks.com, estudiosunday.com
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2FYOKJopTpekILhTgrESr4Yx5sCIfXeHm%2Fsqv2mJN8YbwJd2hTRxdhpfm5yFsn0k%2FHekVvMLle%2Bpj7ylPi5kSsD94GRYtCUVEhldCG4kVhn9Amt4WwTnMYc1HXw1tknMWHxUCXlmz%2FOnN5BzkJkr75lIAmA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://www.carpemundi.com.br/wp-content/uploads/2019/04/para-onde-viajar-em-junho-suica.jpg
cache-control
max-age=2678400
vary
Accept-Encoding
cf-ray
84bdaa6be8354bbb-BUF
alt-svc
h3=":443"; ma=86400
para-onde-viajar-em-agosto-namibia.jpg
www.carpemundi.com.br/wp-content/uploads/2019/04/
Redirect Chain
  • https://www.carpemundi.com.br/wp-content/uploads/2019/04/para-onde-viajar-em-agosto-namibia-150x150.jpg
  • https://www.carpemundi.com.br/wp-content/uploads/2019/04/para-onde-viajar-em-agosto-namibia.jpg
129 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.carpemundi.com.br/wp-content/uploads/2019/04/para-onde-viajar-em-agosto-namibia.jpg
Requested by
Host: bonus.plata-forma-nova.com
URL: https://bonus.plata-forma-nova.com/
Protocol
H3
Server
2606:4700:3035::ac43:ce15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / sundaycooks.com, estudiosunday.com
Resource Hash
299f4b47fd667056f364ee7d834f149f46b322cb4840717a039cdd5048ced4f0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.plata-forma-nova.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:31 GMT
strict-transport-security
max-age=63072000; includeSubdomains
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
sundaycooks.com, estudiosunday.com
alt-svc
h3=":443"; ma=86400
content-length
132545
last-modified
Wed, 13 May 2020 02:08:34 GMT
server
cloudflare
etag
"5ebb56a2-205c1"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1GBofqHEm8JTIRDJZoG0AnawFwKPBIkIPPrhxeaSp6zYhC2g1fWuPQ9VcN78gzSSOuypX1OPwDoLLw%2F%2FIcyPs%2BwTZC17bRDseV2%2Bi4HR2hy4el7yOUNLaqVN8PHtW3vCvQrRZHfylMpaedeAAM6NFlc36rs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
84bdaa6d69074bbb-BUF
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Sat, 27 Jan 2024 02:46:31 GMT
strict-transport-security
max-age=63072000; includeSubdomains
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
sundaycooks.com, estudiosunday.com
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2FVe58D0K3qvJCo3G05kqeuRb7D566GGpD0Zwt%2B6UgB5A0fFNWjRQ6wL1cEpLX3spc%2B8mdKfyjcmWvs0hoxS7pYGGDEK0hwBTwrqOOsHaoo41X9y90WNBSb5sL5%2BgwTAXsoormerkX0OczbbAaHj4W%2BZDK8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://www.carpemundi.com.br/wp-content/uploads/2019/04/para-onde-viajar-em-agosto-namibia.jpg
cache-control
max-age=2678400
vary
Accept-Encoding
cf-ray
84bdaa6be8364bbb-BUF
alt-svc
h3=":443"; ma=86400
torreeeeeeeee-scaled.jpg
www.carpemundi.com.br/wp-content/uploads/2015/08/
Redirect Chain
  • https://www.carpemundi.com.br/wp-content/uploads/2015/08/torreeeeeeeee-scaled-150x150.jpg
  • https://www.carpemundi.com.br/wp-content/uploads/2015/08/torreeeeeeeee-scaled.jpg
359 KB
360 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.carpemundi.com.br/wp-content/uploads/2015/08/torreeeeeeeee-scaled.jpg
Requested by
Host: bonus.plata-forma-nova.com
URL: https://bonus.plata-forma-nova.com/
Protocol
H3
Server
2606:4700:3035::ac43:ce15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / sundaycooks.com, estudiosunday.com
Resource Hash
fdb6bbcf9ed555da2d286f7323550b223b163dc67d7772e673e23bd22440e45c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.plata-forma-nova.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:31 GMT
strict-transport-security
max-age=63072000; includeSubdomains
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
sundaycooks.com, estudiosunday.com
alt-svc
h3=":443"; ma=86400
content-length
368099
last-modified
Wed, 20 May 2020 19:40:35 GMT
server
cloudflare
etag
"5ec587b3-59de3"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kZKiLmDjKSufEJxjFSCML4taePGHYSdjIZHc97XL4B79mLvnOrbl38x66WzH4x%2BG5hQ2sN6PHY%2FavWds0vN8BDBHg2AwcrTQ8WzB2KVV2LCiTbgMqE847NJE%2F7JSDH%2FPoOL6EQ2WRrNXsF2dy2H7Gph%2BCqw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
84bdaa6d69084bbb-BUF
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Sat, 27 Jan 2024 02:46:31 GMT
strict-transport-security
max-age=63072000; includeSubdomains
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
sundaycooks.com, estudiosunday.com
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i0gOFqV6kM4DDHldm6zZzCV4D0u7oKcIOmEZhDbNQMdJFEXueOENzRvAWDX0G1X8DDNIztT0tv8u53sk%2FJgve%2B7rCxFsQiRJAHzRhIfyrr5MLaixjYvnLg%2FJfOnzzg8A52x6WmUTv8K6NCTAoDZv0yO3rJk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://www.carpemundi.com.br/wp-content/uploads/2015/08/torreeeeeeeee-scaled.jpg
cache-control
max-age=2678400
vary
Accept-Encoding
cf-ray
84bdaa6be8374bbb-BUF
alt-svc
h3=":443"; ma=86400
collect
www.google-analytics.com/g/ 		0
178 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-XHB8GF35Q4&gtm=45je41o0v9116361815&_p=1706323590343&gcd=11l1l1l1l1&dma=0&gdid=dZTNiMT&cid=1312026962.1706323591&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1706323591&sct=1&seg=0&dl=https%3A%2F%2Fbonus.plata-forma-nova.com%2F&dt=Carpe%20Mundi%20-%20Blog%20de%20viagens%20e%20experi%C3%AAncias%20pelo%20mundo&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2373
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XHB8GF35Q4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.plata-forma-nova.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 02:46:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bonus.plata-forma-nova.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame E8A2 		603 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5604719799704952&output=html&adk=1812271804&adf=3025194257&lmt=1706323591&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x675_l%7C308x675_r&format=0x0&url=https%3A%2F%2Fbonus.plata-forma-nova.com%2F&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706323590583&bpp=5&bdt=396&idt=492&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=317533220682&frm=20&pv=2&ga_vid=1312026962.1706323591&ga_sid=1706323591&ga_hid=1333840735&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080589%2C31080591%2C95322183%2C95320890%2C95321626%2C95322164%2C95323007&oid=2&pvsid=1143235603038385&tmod=1630422537&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=569
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bonus.plata-forma-nova.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 02:46:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1333840735&t=pageview&_s=1&dl=https%3A%2F%2Fbonus.plata-forma-nova.com%2F&ul=en-us&de=UTF-8&dt=Carpe%20Mundi%20-%20Blog%20de%20viagens%20e%20experi%C3%AAncias%20pelo%20mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=688865484&gjid=978636339&cid=1312026962.1706323591&tid=UA-69391223-1&_gid=16178844.1706323591&_r=1&gtm=457e41o0&gcd=11l1l1l1l1&dma=0&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=681852902
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bonus.plata-forma-nova.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 02:46:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bonus.plata-forma-nova.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
fontawesome-webfont.ttf
www.carpemundi.com.br/wp-content/themes/carpemundi/fonts/ 		0
0
ads
googleads.g.doubleclick.net/pagead/ Frame A8AB 		603 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5604719799704952&output=html&h=50&slotname=4686316025&adk=2458788269&adf=777406876&pi=t.ma~as.4686316025&w=320&lmt=1706323591&format=320x50&url=https%3A%2F%2Fbonus.plata-forma-nova.com%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706323590589&bpp=2&bdt=403&idt=615&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=317533220682&frm=20&pv=1&ga_vid=1312026962.1706323591&ga_sid=1706323591&ga_hid=1333840735&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080589%2C31080591%2C95322183%2C95320890%2C95321626%2C95322164%2C95323007&oid=2&pvsid=1143235603038385&tmod=1630422537&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=640
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bonus.plata-forma-nova.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 02:46:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
stats.g.doubleclick.net/j/ 		1 B
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-69391223-1&cid=1312026962.1706323591&jid=688865484&gjid=978636339&_gid=16178844.1706323591&_u=YCDACUAABAAAACAAI~&z=1908136389
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bonus.plata-forma-nova.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 27 Jan 2024 02:46:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bonus.plata-forma-nova.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/5547554714/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/5547554714/?random=1706323590844&cv=11&fst=1706320800000&bg=ffffff&guid=ON&async=1&gtm=45be41o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbonus.plata-forma-nova.com%2F&frm=0&tiba=Carpe%20Mundi%20-%20Blog%20de%20viagens%20e%20experi%C3%AAncias%20pelo%20mundo&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_c_szGYlYxuG7fcF8z3j2NWBB_Sro2w&random=1165075531&rmt_tld=0&ipr=y
Requested by
Host: bonus.plata-forma-nova.com
URL: https://bonus.plata-forma-nova.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.plata-forma-nova.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 02:46:31 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		59 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1143235603038385&correlator=3464662279280791&output=ldjh&gdfp_req=1&vrg=202401220101&ptt=17&impl=fifs&iu_parts=21879377213%2Cbloco_300x250%2Cbloco_728x90%2Cbloco_728x90_home_2%2Cbloco_728x90_home_3&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=300x250%2C728x90%2C728x90%2C728x90&ifi=3&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1706323591419&lmt=1706323591&adxs=375%2C436%2C436%2C436&adys=2389%2C5899%2C9198%2C12640&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C2%7C3%7C4&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fbonus.plata-forma-nova.com%2F&vis=1&psz=300x250%7C728x90%7C728x90%7C728x90&msz=300x-1%7C728x-1%7C728x-1%7C728x-1&fws=4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600&ga_vid=1312026962.1706323591&ga_sid=1706323591&ga_hid=1333840735&ga_fc=true&dlt=1706323590187&idt=1180&adks=2724142512%2C619977898%2C2802849995%2C1134499257&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db3cbc3643a80f4fe16bf76f793014a895b356269e01260f4cc76659a5f734b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.plata-forma-nova.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13876
x-xss-protection
0
google-lineitem-id
5243390334,5243390334,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138297453739,138297454237,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://bonus.plata-forma-nova.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2F07 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bonus.plata-forma-nova.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 02:46:31 GMT
expires
Sun, 26 Jan 2025 02:46:31 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
main.js
bonus.plata-forma-nova.com/cdn-cgi/challenge-platform/scripts/jsd/ Frame EC96 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://bonus.plata-forma-nova.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Requested by
Host: bonus.plata-forma-nova.com
URL: https://bonus.plata-forma-nova.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:13:901:0:61b:9d50:3 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:31 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 26 May 2022 03:14:50 GMT
server
LiteSpeed
etag
"999-628ef0aa-4e876615e02724c4;br"
vary
Accept-Encoding
content-type
text/html
accept-ranges
bytes
platform
hostinger
content-length
912
355425602_265986836033897_8628423707188596851_nlow.jpg
www.carpemundi.com.br/wp-content/uploads/sb-instagram-feed-images/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.carpemundi.com.br/wp-content/uploads/sb-instagram-feed-images/355425602_265986836033897_8628423707188596851_nlow.jpg
Requested by
Host: bonus.plata-forma-nova.com
URL: https://bonus.plata-forma-nova.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:ce15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / sundaycooks.com, estudiosunday.com
Resource Hash
e6c6ee9e51b6887434eec83dd4fbd2d7ec4a18f89ac46ad6eebd9b4c17ee700b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.plata-forma-nova.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:31 GMT
strict-transport-security
max-age=63072000; includeSubdomains
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
sundaycooks.com, estudiosunday.com
alt-svc
h3=":443"; ma=86400
content-length
31948
last-modified
Sat, 24 Jun 2023 16:00:53 GMT
server
cloudflare
etag
"64971335-7ccc"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gThiY911IAQOeBvtd9oAKLF8cccGk7IvHNm1QkrdYXYwjcovZRCaPXn1EAVOOkyuixoCrIDmiqoDGU5hbhDKqxj%2BGLeO30I882yaaIf6q9CLzuQNxpv1E9I4asnwu0h0K2Sj1R3%2F1%2F3TdigUrBkNixafamQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
84bdaa702a144bbb-BUF
expires
Thu, 31 Dec 2037 23:55:55 GMT
280913526_118205067551991_1676008223418285697_nlow.jpg
www.carpemundi.com.br/wp-content/uploads/sb-instagram-feed-images/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.carpemundi.com.br/wp-content/uploads/sb-instagram-feed-images/280913526_118205067551991_1676008223418285697_nlow.jpg
Requested by
Host: bonus.plata-forma-nova.com
URL: https://bonus.plata-forma-nova.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:ce15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / sundaycooks.com, estudiosunday.com
Resource Hash
13787f66cc3a64d86b025d85c2c3e450fa4b9fb829b152e3ae0b079ca4130163
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.plata-forma-nova.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:31 GMT
strict-transport-security
max-age=63072000; includeSubdomains
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
sundaycooks.com, estudiosunday.com
alt-svc
h3=":443"; ma=86400
content-length
24899
last-modified
Mon, 16 May 2022 04:00:35 GMT
server
cloudflare
etag
"6281cc63-6143"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YJwuMZ6zNVbySR9iGw0qbEqlTe%2Frdmw%2BX4dkYEodIgAstdUBMeVc697JrYZRAGrV3pwHRG64VZWI7sWepm6EGiAeaAw%2BM6pcyGNcZcxxGxy1eQmea7GQXAMN%2BTNeE3lnPvmc5IMhzKQcA0TZcP7ieWzzlE8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
84bdaa702a174bbb-BUF
expires
Thu, 31 Dec 2037 23:55:55 GMT
280505822_3321066084788610_1981821227938627110_nlow.jpg
www.carpemundi.com.br/wp-content/uploads/sb-instagram-feed-images/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.carpemundi.com.br/wp-content/uploads/sb-instagram-feed-images/280505822_3321066084788610_1981821227938627110_nlow.jpg
Requested by
Host: bonus.plata-forma-nova.com
URL: https://bonus.plata-forma-nova.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:ce15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / sundaycooks.com, estudiosunday.com
Resource Hash
e4d3b79de35a2e0eb774f6408befe7560a5d549d3d82023ca5d04a5d70cfce3a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.plata-forma-nova.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:31 GMT
strict-transport-security
max-age=63072000; includeSubdomains
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
sundaycooks.com, estudiosunday.com
alt-svc
h3=":443"; ma=86400
content-length
22293
last-modified
Wed, 11 May 2022 10:44:16 GMT
server
cloudflare
etag
"627b9380-5715"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nfv6%2Bxtw0Z5cEq3NwYlbjec6uEB%2FTVkMUsGyMYtMI3m611NY%2Bf6iKjnUgRxDqPU1qDew4MjReNuLsMpZSM8Db%2BaTF%2BhCK1tYP%2BuBj3M6GmWXZdx1inKkEP9MuBW78LLnRSjmAg6rPCe4ugTSf%2FsAYesw1Fk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
84bdaa702a1a4bbb-BUF
expires
Thu, 31 Dec 2037 23:55:55 GMT
279964179_369093568614964_2304994208165426683_nlow.jpg
www.carpemundi.com.br/wp-content/uploads/sb-instagram-feed-images/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.carpemundi.com.br/wp-content/uploads/sb-instagram-feed-images/279964179_369093568614964_2304994208165426683_nlow.jpg
Requested by
Host: bonus.plata-forma-nova.com
URL: https://bonus.plata-forma-nova.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:ce15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / sundaycooks.com, estudiosunday.com
Resource Hash
421a8c09b9830ecc9fff59051d9e4fc4fc3e120a6dc6397bef54cc211b214259
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.plata-forma-nova.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:31 GMT
strict-transport-security
max-age=63072000; includeSubdomains
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
sundaycooks.com, estudiosunday.com
alt-svc
h3=":443"; ma=86400
content-length
26920
last-modified
Fri, 06 May 2022 04:25:23 GMT
server
cloudflare
etag
"6274a333-6928"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YEJsTZrXXu71rzjjC2M%2B6vpzBvm4y%2FaOPgWBdt9nSZO2LpUH8UsQ6uSFCeEtcXOAOKGs6ObaLZDtKPrvKSV7NCrOtQnHJykotRWx1pF1mR%2Ff6rYJUee8w1NRHlyPvJhXLY7Jmra7UDH2ndskBKcCGQi9DKE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
84bdaa703a1f4bbb-BUF
expires
Thu, 31 Dec 2037 23:55:55 GMT
279359211_951345179601163_2246462103500353621_nlow.jpg
www.carpemundi.com.br/wp-content/uploads/sb-instagram-feed-images/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.carpemundi.com.br/wp-content/uploads/sb-instagram-feed-images/279359211_951345179601163_2246462103500353621_nlow.jpg
Requested by
Host: bonus.plata-forma-nova.com
URL: https://bonus.plata-forma-nova.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:ce15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / sundaycooks.com, estudiosunday.com
Resource Hash
a46e7a88c12cb586f913ce211b11888c9b6bc9ca5dde35c67ff5e7612d079989
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.plata-forma-nova.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:31 GMT
strict-transport-security
max-age=63072000; includeSubdomains
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
sundaycooks.com, estudiosunday.com
alt-svc
h3=":443"; ma=86400
content-length
21041
last-modified
Fri, 29 Apr 2022 04:39:49 GMT
server
cloudflare
etag
"626b6c15-5231"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gCMEg8XPSXMhBP1FJFgWDtLUgkVxbJVJYlOLlPl%2FViSEw%2BuU13osplFQSgfGPNtOGxkK8udUeg7sxXEVwtALhlI5OH%2BuO3wpjnnG4B0Yxq3B6XXSaN5vnuEUFAExfhydraVAcZeyQF5Iu5ZD24tvx4NOe2g%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
84bdaa703a204bbb-BUF
expires
Thu, 31 Dec 2037 23:55:55 GMT
278800779_3194207054132272_4373706051244901284_nlow.jpg
www.carpemundi.com.br/wp-content/uploads/sb-instagram-feed-images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.carpemundi.com.br/wp-content/uploads/sb-instagram-feed-images/278800779_3194207054132272_4373706051244901284_nlow.jpg
Requested by
Host: bonus.plata-forma-nova.com
URL: https://bonus.plata-forma-nova.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:ce15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / sundaycooks.com, estudiosunday.com
Resource Hash
7a3ceb60e0a1511f6b960bff0927c945915b1829fe62f82802e444dbacccdcee
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.plata-forma-nova.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:31 GMT
strict-transport-security
max-age=63072000; includeSubdomains
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
sundaycooks.com, estudiosunday.com
alt-svc
h3=":443"; ma=86400
content-length
14995
last-modified
Fri, 22 Apr 2022 04:57:17 GMT
server
cloudflare
etag
"626235ad-3a93"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8NAYUL2TVK3GbWAKAOrVef355ngNwYswlTqnYZI9xrm0eDFjXpjxbXu6%2FxFjoJ5Wcm1Dq3AgPO2eAnvCzPxWo7Fmy6B4B%2FFcaYOFJTZbFmH9eir8s6ebg4Id5uIPU%2FXl3udIKoKlH9rsr2mzX%2B4QWDw1wPo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
84bdaa703a214bbb-BUF
expires
Thu, 31 Dec 2037 23:55:55 GMT
278573896_667382714372997_6378124463802050868_nlow.jpg
www.carpemundi.com.br/wp-content/uploads/sb-instagram-feed-images/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.carpemundi.com.br/wp-content/uploads/sb-instagram-feed-images/278573896_667382714372997_6378124463802050868_nlow.jpg
Requested by
Host: bonus.plata-forma-nova.com
URL: https://bonus.plata-forma-nova.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:ce15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / sundaycooks.com, estudiosunday.com
Resource Hash
6f8d91d4c25ac9b9eeb9123dbdec4e3513aecf826c4d9b6a7e37854ef2c242ca
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.plata-forma-nova.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:31 GMT
strict-transport-security
max-age=63072000; includeSubdomains
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
sundaycooks.com, estudiosunday.com
alt-svc
h3=":443"; ma=86400
content-length
23203
last-modified
Sat, 16 Apr 2022 01:46:03 GMT
server
cloudflare
etag
"625a1fdb-5aa3"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BmQmUGEDwVD%2Fehzirn0V1xCjo9p%2FV0yXh%2BSnB83jjpV5f%2BBI5HtEEXCiBunBbeYOzlcUrnqw9JLf%2BeEMhXWBXkEODayBPmlAJL%2Bi5123bg1Y163MBqhd%2FjmtPqNOkRPUWoo1ynV93lLQEAK9BYOep8OY0Vw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
84bdaa703a224bbb-BUF
expires
Thu, 31 Dec 2037 23:55:55 GMT
278069044_523235732643819_3791869417364810356_nlow.jpg
www.carpemundi.com.br/wp-content/uploads/sb-instagram-feed-images/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.carpemundi.com.br/wp-content/uploads/sb-instagram-feed-images/278069044_523235732643819_3791869417364810356_nlow.jpg
Requested by
Host: bonus.plata-forma-nova.com
URL: https://bonus.plata-forma-nova.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:ce15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / sundaycooks.com, estudiosunday.com
Resource Hash
888c4ef4efa206954bcf0c9496ba33a2e5a8b860df2332fe39bb642a309df5af
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.plata-forma-nova.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:31 GMT
strict-transport-security
max-age=63072000; includeSubdomains
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
sundaycooks.com, estudiosunday.com
alt-svc
h3=":443"; ma=86400
content-length
17205
last-modified
Mon, 11 Apr 2022 05:40:58 GMT
server
cloudflare
etag
"6253bf6a-4335"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y2%2B48Bs18R8wXiyde8V1EyugM5%2B2cPtSGcVmMAZyJ%2BERaExEjMTlqZiaefDi59%2FFg2py91bHhWZwcNd5PBw0YMBZx4hN8Op%2FxOWAK1%2FkmNPVzcGl7yFnotpwmv6JkHD%2FRkG5Szx2cwQExiwxF5e4ATykzkw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
84bdaa703a234bbb-BUF
expires
Thu, 31 Dec 2037 23:55:55 GMT
277253224_672279627225497_2430261598191328489_nlow.jpg
www.carpemundi.com.br/wp-content/uploads/sb-instagram-feed-images/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.carpemundi.com.br/wp-content/uploads/sb-instagram-feed-images/277253224_672279627225497_2430261598191328489_nlow.jpg
Requested by
Host: bonus.plata-forma-nova.com
URL: https://bonus.plata-forma-nova.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:ce15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / sundaycooks.com, estudiosunday.com
Resource Hash
2ce35fa23b98a1b0ee32169e340bb98e39934b87ee0eb802b53ed49a39258ad8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.plata-forma-nova.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:31 GMT
strict-transport-security
max-age=63072000; includeSubdomains
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
sundaycooks.com, estudiosunday.com
alt-svc
h3=":443"; ma=86400
content-length
17886
last-modified
Fri, 25 Mar 2022 12:36:12 GMT
server
cloudflare
etag
"623db73c-45de"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h0H0eDv66ijEOddhHn8B27nmlBNpm%2B84Gxn5FNgbkZK6twpSwMvVVR%2FBVBBgGA1Oz0m0YEfqr%2B6MOSyD4GekhF7p9bDkEZlxMuXrQn1AqKo%2FKVXfQC%2BMP6%2BC4XrbYrMqz9It%2Fo8fFcVsTnp9ddy4%2FGvJNao%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
84bdaa703a294bbb-BUF
expires
Thu, 31 Dec 2037 23:55:55 GMT
world_high.svg
bonus.plata-forma-nova.com/wp-content/plugins/mapsvg/maps/not-calibrated/ 		2 KB
941 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bonus.plata-forma-nova.com/wp-content/plugins/mapsvg/maps/not-calibrated/world_high.svg?v=1
Requested by
Host: www.carpemundi.com.br
URL: https://www.carpemundi.com.br/wp-content/cache/min/1/851d6081c58b4ce8d3e7896ae3e78748.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:13:901:0:61b:9d50:3 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e

Request headers

Accept
*/*
Referer
https://bonus.plata-forma-nova.com/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:31 GMT
content-encoding
br
last-modified
Thu, 26 May 2022 03:14:50 GMT
server
LiteSpeed
etag
"999-628ef0aa-4e876615e02724c4;br"
vary
Accept-Encoding
content-type
text/html
accept-ranges
bytes
platform
hostinger
content-length
912
container.html
cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6881 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bonus.plata-forma-nova.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 02:46:31 GMT
expires
Sun, 26 Jan 2025 02:46:31 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 522A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bonus.plata-forma-nova.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 02:46:31 GMT
expires
Sun, 26 Jan 2025 02:46:31 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 6881 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com
URL: https://cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 05:57:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
74943
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 25 Jan 2025 05:57:29 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 6881 		146 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com
URL: https://cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b3f41912377796956c80c2f19411206767c6d76277eeca3b6fb503ee3ae54c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51057
x-xss-protection
0
server
cafe
etag
12723505061791459964
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sat, 27 Jan 2024 02:46:32 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 6881 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com
URL: https://cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706100845105677"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Jan 2024 02:46:32 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 522A 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com
URL: https://cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 05:57:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
74943
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 25 Jan 2025 05:57:29 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 522A 		146 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com
URL: https://cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f99366d9fcf1debcfcb0b12df10ec0d81eae279034992c441e86235a4ba23549
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51058
x-xss-protection
0
server
cafe
etag
1463869095082326143
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sat, 27 Jan 2024 02:46:32 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 522A 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com
URL: https://cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706100845105677"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Jan 2024 02:46:32 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 522A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst9eAdXe_jTLw80LmZXK2klKBvQPgl5Rw9wg26HqYB9w1Rb0x1gmO39_3DlHGKj3VN4P9ZPV-keF5yej8n1Y8c4odxp2OwtzRkTt73fjr-Od1lJwI90aJ5EaVfK__k7BTXEqIZG0qiRW8BECLP93mSxXzBDq21_L4Ew0PGZO3xEzAbnxgc_HYWl0wJAONcXziWrQGk1A8h6n63y7ViF4IVMNO2JqxlWH5WEio_RPgWdA1JD8ughHzcTQ2tvp3M81Ce7MY3k3WSsgs6ADlCIhDdLnGdzJZ6bVGfRdtLO4L_C4XdjrCUj2IEhqtHJQppKLIzh_-P2oHGbL2BDR9KBZKZRcNrif_5EK78&sai=AMfl-YSISR8jqmjl8_K6In-1pnoa5qhFofDgCcQDnAnv4DXuYXdQREH0nks3FLkyj7Pk6xwvTU1HVwjIa4ng57E3puJsCjI6mCflmoeX0a4OPu_wK5FgRNBV0Vj6Ka-RdQ&sig=Cg0ArKJSzGhWU3BB_EJTEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com
URL: https://cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 6881 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvAASPND6b0YT3FRy8fcHtTQ6RCH4D4JIRUCM_OoDK8r2eYI20Rhz_-0W1i8Y9mECP6RzGOrZb6ocGVIjXZvJWS88UcgHEZrF47R6vxnjZY9lFZGyg5bp4zlJJGoPBrVHALILQHz311dkPJ-WiwQ_dJSwPrzN5vqYizy8JR-e1QZ6kA6F38pZa9URwKRABZjw4Vu0zWvZ-OQmfdb7-vPYvMaSbyq2desMuNdUq-hvncFrnGFBFPmhmd_r7pEJ1uob3YxHOtUf3xD8yit2L2lqHj70AQidRHG9RvnTih7me1xD0UZGEBVgZTANfSMXZwF_8dJxEzamp8vwWT_jDkYr0pnLaRALXYfvzk4SOdeA&sai=AMfl-YQ1dYV7l3ZSLzJtoy9y4wceUczsbYIK4qW9cDjY4ePKjBFtpMOKwZ2bWlow4wu2MRObhDs0OeXbLhE5du6BqI0-DduU5AJgadsNOcp8NxMo1VyVLMnaWcrbVDJm_Q&sig=Cg0ArKJSzDkokkmqGooLEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com
URL: https://cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/ Frame 6881 		405 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2c81d879db2e17e16278cd197b81719661bb8f8c9e113d6bd76fae48cde9bed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140708
x-xss-protection
0
server
cafe
etag
12073257192342279281
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 02:46:32 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/ Frame 522A 		405 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2c81d879db2e17e16278cd197b81719661bb8f8c9e113d6bd76fae48cde9bed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140708
x-xss-protection
0
server
cafe
etag
12073257192342279281
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 02:46:32 GMT
truncated
/ Frame 6881 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af8491dd3281892dcbf8c6fa2714409ee1ecbe81885f7fcffd70b08f8cead5d0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 522A 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
635fd3db6b2c5b6b2500c0f3f83eb1bcbb41c5ad9f62ef0710468f8336fda467

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
ads
googleads.g.doubleclick.net/pagead/ Frame FFCF 		603 B
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5604719799704952&output=html&h=250&slotname=5936160424&adk=1791241607&adf=3173046727&pi=t.ma~as.5936160424&w=300&lmt=1667502608&format=300x250&url=https%3A%2F%2Fcf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706323592688&bpp=15&bdt=249&idt=275&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&correlator=1810976650483&frm=22&ife=3&pv=2&ga_vid=1547679496.1706323593&ga_sid=1706323593&ga_hid=872662246&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1867882211&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079266%2C44798934%2C95320378%2C95320870%2C95320891%2C95321627%2C95322162%2C95323004&oid=2&pvsid=2359848741189240&tmod=1359917875&uas=0&nvt=1&top=https%3A%2F%2Fbonus.plata-forma-nova.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.m8k5twkph5ms&fsb=1&dtd=317
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 02:46:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame AFB4 		603 B
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5604719799704952&output=html&h=90&slotname=8132650740&adk=2591520744&adf=3173046726&pi=t.ma~as.8132650740&w=728&format=728x90&url=https%3A%2F%2Fbonus.plata-forma-nova.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706323592760&bpp=13&bdt=308&idt=433&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&correlator=1216494985688&frm=24&ife=3&pv=2&ga_vid=687456110.1706323593&ga_sid=1706323593&ga_hid=941625344&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1867882211&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31080590%2C44798934%2C44809004%2C95320890%2C95321626%2C95322162%2C95323007&oid=2&pvsid=951133427231841&tmod=1286738774&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.bdpcza9v5w9z&fsb=1&dtd=447
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 02:46:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 6881 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst1NtWrrN3hCCay17BKst1QWFYxJCmMoN-lKSPmL0MgLAsANDfUXfEuXtqeOBHD6ndRYSp0Vca4hS8uWgUD4Yk1OYOLRGdBE2wT_GFL-JtGnZ93Y5Xz_J9Lf_W-fCHX8oCbP6gu1c12rtoZsCO9fuNN1cSjOks2T1ohtLES1VC2d4w61TL1cMdqehUuAA_Ry0GUyqLAMh5GfrmX--cm_NrWF2iCcbby55axCahyIWOUjdtsaMsfxWuUUC-TQ7ZLxnoRweQ7t2EFfnR8DzSlivxiQdOztTWdZWgovumVX8NR7QqHDSbgJEtdrGRJ6VWTkFc-7BH_mLRxyBO78ZfjK1lwt699Z2M7eT4ZvvPa_TTx&sai=AMfl-YQ0z3MQKsGuW9uCWjAPno9KfDN244iqxR4356Y0xJ1IJJuxo4fatgsJuHwpXqLrCUEKp-LrthqfDo_eeUAd63Of79DbLuNEdhCqCWvaKCk9AvmoIg1zd4tKnnXvIg&sig=Cg0ArKJSzJozC990HeHkEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 27 Jan 2024 02:46:33 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6881 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240122&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0aeafcb14791a703ad8e3a7d03b3b6a812ba36088893fcb1f05cd9843eac1416
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12518
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 522A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYG79O60ECSDsFc7FxbhLYHG2a312EOgj9Hg_BuJrTzvUw3iy2FDAqHmQyqVbUrQnTpRez-dE_7PEq6sL247pwyHUl3uG5Lis1LTbryqEMwx6B2re4hukjC7DwNMx7nOWFgOwC6xvQhcIRYZxZvV3lQp2PAkNh6l-vjFoDgxQLXLogrF4uwiBDDmX9EMlJeE9vX_vtP8M1anSru6w1q2m1bVHaQeXbdt9r8zRXmTLsON-ft7ceBlUVOXqT097U7S3P-zVH1xKlDMiz8_C1aSYXFU8mhdo1eCOxjfhfSPHk3IMJRPQhwXkKkPbd-4vXJN0AB-K-14WIFMinp5lWGVyrpel7ffaxDm4gnQ&sai=AMfl-YQRIQMmEMvpt0ZMjeu-bCVolWsoRQeYesrl__Oa4ElIAQJHEwAGH_MU5QaSFaswb6F47FarO4vkY0FHQ-_wPPRjkk1Lm--JO2k8_1jVKZvu9fWFgtXbm8Zg-DybEA&sig=Cg0ArKJSzEVwZov7fLYPEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 27 Jan 2024 02:46:33 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 522A 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240122&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bf4333d4e1445ef7aebb1ee5ef2eeef9df95250e4ce3847b72189f2a6023df41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12315
x-xss-protection
0
/
viagemeturismo.abril.com.br/topo-parceiros/ Frame FC94 		146 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://viagemeturismo.abril.com.br/topo-parceiros/
Requested by
Host: viagemeturismo.abril.com.br
URL: https://viagemeturismo.abril.com.br/script-topo-parceiros/?ver=1.0.0.1616095949
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42cd , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
f0cef9525bfdcfdb0be1b6c383998415e77420adc017298a5d0a5a7114c139bd
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://bonus.plata-forma-nova.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-methods
POST, GET
access-control-allow-origin
.abril.com.br
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
access-control-max-age
0
age
13749
cache-control
max-age=300, must-revalidate
content-encoding
br
content-length
22211
content-type
text/html; charset=UTF-8
date
Sat, 27 Jan 2024 02:46:33 GMT
host-header
a9130478a60e5f9135f765b23f26593b
link
<https://viagemeturismo.abril.com.br/wp-json/>; rel="https://api.w.org/"
server
nginx
strict-transport-security
max-age=300
vary
Accept-Encoding, Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
x-cache
grace
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
jfk2 85 187 443
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: viagemeturismo.abril.com.br
URL: https://viagemeturismo.abril.com.br/script-topo-parceiros/?ver=1.0.0.1616095949
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.plata-forma-nova.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 27 Jan 2024 01:51:43 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3290
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 27 Jan 2024 03:51:43 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1333840735&t=pageview&_s=1&dl=https%3A%2F%2Fbonus.plata-forma-nova.com%2F&ul=en-us&de=UTF-8&dt=Carpe%20Mundi%20-%20Blog%20de%20viagens%20e%20experi%C3%AAncias%20pelo%20mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDACUABBAAAACAAI~&jid=1266945210&gjid=1880281310&cid=1312026962.1706323591&tid=UA-11416880-11&_gid=16178844.1706323591&_r=1&_slc=1&z=930336320
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bonus.plata-forma-nova.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 02:46:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bonus.plata-forma-nova.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240122&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
98ba12c3910067967f14111964cc4a7fa87a6c65ef840d208969939af0a77f5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.plata-forma-nova.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12269
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6881 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 27 Jan 2024 02:46:33 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 522A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 27 Jan 2024 02:46:33 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-11416880-11&cid=1312026962.1706323591&jid=1266945210&gjid=1880281310&_gid=16178844.1706323591&_u=aCDACUABBAAAACAAI~&z=1001438976
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bonus.plata-forma-nova.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 27 Jan 2024 02:46:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bonus.plata-forma-nova.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.plata-forma-nova.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 27 Jan 2024 02:46:33 GMT
Tarte-Tatin-Rubaiyat2_credito_Caique-Diniz.jpg
viagemeturismo.abril.com.br/wp-content/uploads/2024/01/ Frame FC94 		124 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://viagemeturismo.abril.com.br/wp-content/uploads/2024/01/Tarte-Tatin-Rubaiyat2_credito_Caique-Diniz.jpg?quality=90&strip=info&w=1280&h=720&crop=1
Requested by
Host: viagemeturismo.abril.com.br
URL: https://viagemeturismo.abril.com.br/topo-parceiros/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42cd , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
dbedd7f99218c9f85f5f7d65c1aed04b8b830c685c3eb0ec4ee489a90c3b746a
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://viagemeturismo.abril.com.br/topo-parceiros/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:33 GMT
strict-transport-security
max-age=300
x-rq
jfk2 102 32 443
last-modified
Fri, 26 Jan 2024 18:05:25 GMT
server
nginx
etag
"827bf14c0569b12e"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
127022
/
viagemeturismo.abril.com.br/_static/ Frame FC94 		235 KB
56 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://viagemeturismo.abril.com.br/_static/??-eJyVkNsOgjAMQH/IMVAivhi/ZWwVKt1GaBfl711CJCa+uLdezmna6uesMFhKDlhbZu0Mj2hj4MpjqHLloL+RB2vJ/amPrz3YqawJBNE+qZnSgCHzILOxk2qa6qJ9dInyEAx3DCig2C6R6JOvP4NkBJ950y9IyhsWWI7aMINsyw4LumJpu67U2ho0zK7cJWQplsbo84PACv69LstKUIje/LXp6vOxO9Vt+wa618NK
Requested by
Host: viagemeturismo.abril.com.br
URL: https://viagemeturismo.abril.com.br/topo-parceiros/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42cd , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
2b7719f517051ba364effe71e81d53d98d9c40bd86a96083056d6f1bcdde154b
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://viagemeturismo.abril.com.br/topo-parceiros/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:33 GMT
content-encoding
br
strict-transport-security
max-age=300
last-modified
Fri, 26 Jan 2024 12:44:04 GMT
server
nginx
x-rq
jfk2 85 187 443
vary
Accept-Encoding
x-cache
HIT
content-type
text/css;charset=utf-8
cache-control
max-age=31536000
css
fonts.googleapis.com/ Frame FC94 		3 KB
458 B 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900&display=swap&ver=6.2.3
Requested by
Host: viagemeturismo.abril.com.br
URL: https://viagemeturismo.abril.com.br/topo-parceiros/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
01ceac19d4db649328dab8cb759c7bcba6e3ca9f3605723bc0fdd80c1c4d2c2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://viagemeturismo.abril.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 27 Jan 2024 02:46:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 27 Jan 2024 01:43:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 27 Jan 2024 02:46:33 GMT
css2
fonts.googleapis.com/ Frame FC94 		14 KB
746 B 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat%3Awght%40100%3B300%3B400%3B500%3B600%3B700%3B800%3B900&display=swap&ver=6.2.3
Requested by
Host: viagemeturismo.abril.com.br
URL: https://viagemeturismo.abril.com.br/topo-parceiros/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8695ffba4c0e2365c1552c59667310e0fedcf146cbdf7de784e649f2210688dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://viagemeturismo.abril.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 27 Jan 2024 02:46:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 27 Jan 2024 02:46:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 27 Jan 2024 02:46:33 GMT
css2
fonts.googleapis.com/ Frame FC94 		2 KB
426 B 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Red+Hat+Display%3Awght%40400%3B700&display=swap&ver=6.2.3
Requested by
Host: viagemeturismo.abril.com.br
URL: https://viagemeturismo.abril.com.br/topo-parceiros/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b9debcbf6dc127c66b8fec7262985158eb093cff674af9bbabfa2155f45fb9ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://viagemeturismo.abril.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 27 Jan 2024 02:46:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 27 Jan 2024 02:46:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 27 Jan 2024 02:46:33 GMT
/
viagemeturismo.abril.com.br/_static/ Frame FC94 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://viagemeturismo.abril.com.br/_static/??-eJzTLy/QzcxLzilNSS3WzyrWz01NyUxMzUnNTc0rQeEU5CRWphbp5qSmJyZX6uVm5uklFxfr6OPTDpRD5sM02efaGpobGFoamBoYmwIARI4u2g==
Requested by
Host: viagemeturismo.abril.com.br
URL: https://viagemeturismo.abril.com.br/topo-parceiros/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42cd , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
3d2c10cf69410c10177fc6e56937d05151b182841fa6aee36f651d587d91fbb8
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://viagemeturismo.abril.com.br/topo-parceiros/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:33 GMT
content-encoding
br
strict-transport-security
max-age=300
last-modified
Wed, 06 Dec 2023 23:23:55 GMT
server
nginx
x-rq
jfk2 85 188 443
vary
Accept-Encoding
x-cache
HIT
content-type
text/css;charset=utf-8
cache-control
max-age=31536000
classic-themes.min.css
viagemeturismo.abril.com.br/wp-includes/css/ Frame FC94 		291 B
502 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://viagemeturismo.abril.com.br/wp-includes/css/classic-themes.min.css?m=1701905034g
Requested by
Host: viagemeturismo.abril.com.br
URL: https://viagemeturismo.abril.com.br/topo-parceiros/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42cd , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://viagemeturismo.abril.com.br/topo-parceiros/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:33 GMT
strict-transport-security
max-age=300
x-rq
jfk2 85 187 443
last-modified
Wed, 06 Dec 2023 23:23:54 GMT
server
nginx
etag
"6571028a-123"
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
291
style.css
viagemeturismo.abril.com.br/wp-content/themes/abril-viagemeturismo/custom-posts/searchbox/css/ Frame FC94 		961 B
583 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://viagemeturismo.abril.com.br/wp-content/themes/abril-viagemeturismo/custom-posts/searchbox/css/style.css?m=1669646169g
Requested by
Host: viagemeturismo.abril.com.br
URL: https://viagemeturismo.abril.com.br/topo-parceiros/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42cd , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ad4934095a0f35a24a0dfd4bb4b28184272713e6d249ef129cd22298a2683e2f
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://viagemeturismo.abril.com.br/topo-parceiros/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:33 GMT
content-encoding
br
strict-transport-security
max-age=300
last-modified
Mon, 28 Nov 2022 14:36:09 GMT
server
nginx
x-rq
jfk2 85 188 443
etag
W/"6384c759-3c1"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
/
viagemeturismo.abril.com.br/_static/ Frame FC94 		218 KB
39 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://viagemeturismo.abril.com.br/_static/??-eJydj10OgkAMhC/ksqBEfDGepS4Vq/tDtgXi7V2Mm6ghMfrWzqTzTfXUKxO8oBctZ3TIGo6RrBoJurTKEIld0L0dOvLZ7CGKx8hqFG04q+34aqS5wyK5K/0XA2xKRBbyIBSS/Ab6dJdpOXEkieRRwYksQRtSEDMKa5ab/VLSAQvGdb6YW4TJFgZiGBht4cj/9OUy0g0ql72g9GCuqqqK3QP3FOabg9tXTbldN5uyru+qkqbV
Requested by
Host: viagemeturismo.abril.com.br
URL: https://viagemeturismo.abril.com.br/topo-parceiros/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42cd , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e680bdcd29f14f250c3300da8fc3955893325d0a867ed1b4481fbc7586ed5b4f
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://viagemeturismo.abril.com.br/topo-parceiros/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:33 GMT
content-encoding
br
strict-transport-security
max-age=300
last-modified
Fri, 26 Jan 2024 12:44:04 GMT
server
nginx
x-rq
jfk2 85 187 443
vary
Accept-Encoding
x-cache
HIT
content-type
text/css;charset=utf-8
cache-control
max-age=31536000
jquery-3.7.0.min.js
viagemeturismo.abril.com.br/wp-content/themes/abril-master2/js/vendor/ Frame FC94 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://viagemeturismo.abril.com.br/wp-content/themes/abril-master2/js/vendor/jquery-3.7.0.min.js?ver=2.3.8
Requested by
Host: viagemeturismo.abril.com.br
URL: https://viagemeturismo.abril.com.br/topo-parceiros/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42cd , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
32b42f9bc813dd6bad1b45129eade1df8dd1463908f79505209fbfa1aa71018a
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://viagemeturismo.abril.com.br/topo-parceiros/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:33 GMT
content-encoding
br
strict-transport-security
max-age=300
last-modified
Tue, 12 Sep 2023 21:22:18 GMT
server
nginx
x-rq
jfk2 85 188 443
etag
W/"6500d68a-155a6"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
abril-ga-send.js
viagemeturismo.abril.com.br/wp-content/themes/abril-master2/assets/js/ Frame FC94 		12 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://viagemeturismo.abril.com.br/wp-content/themes/abril-master2/assets/js/abril-ga-send.js?ver=2.3.8
Requested by
Host: viagemeturismo.abril.com.br
URL: https://viagemeturismo.abril.com.br/topo-parceiros/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42cd , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
af3ff7c00cb16b78db9d132f8b8a86ec4a8eb3a570037fed91180a2e942ffc35
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://viagemeturismo.abril.com.br/topo-parceiros/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:33 GMT
content-encoding
br
strict-transport-security
max-age=300
last-modified
Fri, 15 Dec 2023 15:29:41 GMT
server
nginx
x-rq
jfk2 85 188 443
etag
W/"657c70e5-30a3"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
viagemeturismo.abril.com.br.1460678.js
jsc.mgid.com/v/i/ Frame FC94 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/v/i/viagemeturismo.abril.com.br.1460678.js
Requested by
Host: viagemeturismo.abril.com.br
URL: https://viagemeturismo.abril.com.br/topo-parceiros/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0680e5ffd158219b2eda77ada4d5b4eb69afd340722b4b75a9772123b2775de0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://viagemeturismo.abril.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:34 GMT
x-amz-version-id
CXIaNm09WTwggAUMGxI0Jo.KtvWucN3Q
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
Q5RXBT3T7NFA9V82
cf-polished
origSize=3777
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
GXXEMQRKkEZugGaA88XrTrLL489ve3n9LwnDdEBX4n8JSPAnfZtVH5zeNeNGoz9dW8JS19Cmkqg=
cf-bgj
minify
last-modified
Tue, 23 Jan 2024 09:13:19 GMT
server
cloudflare
etag
W/"265e7c0d3250c3d565641b50ce4a5730"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=10800
cf-ray
84bdaa7e5bce4bd2-BUF
expires
Sat, 27 Jan 2024 05:46:34 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-11416880-11&cid=1312026962.1706323591&jid=1266945210&_u=aCDACUABBAAAACAAI~&z=1328085768
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.plata-forma-nova.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 02:46:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7978 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
51850
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 26 Jan 2024 12:22:23 GMT
expires
Sat, 25 Jan 2025 12:22:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 211E 		829 B
982 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
270d5d47752cb5afe51fce9a7d8af0c341afa72408df9f6e4cb74f2345af5998
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8zOsE7DVAiqmyhf-P5KBlg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-8zOsE7DVAiqmyhf-P5KBlg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 02:46:33 GMT
expires
Sat, 27 Jan 2024 02:46:33 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5E3A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
51850
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 26 Jan 2024 12:22:23 GMT
expires
Sat, 25 Jan 2025 12:22:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 49CD 		829 B
770 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8beb06cb50c263e6adca4918781cfba2f783745c3a8336161d34a746c8d0a78a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5oJ90ympxGKIbBme-k63qg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-5oJ90ympxGKIbBme-k63qg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 02:46:33 GMT
expires
Sat, 27 Jan 2024 02:46:33 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7E4A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bonus.plata-forma-nova.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
51850
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 26 Jan 2024 12:22:23 GMT
expires
Sat, 25 Jan 2025 12:22:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2793 		829 B
770 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9f71ad748a7714b924f1e831a18fbdca2ccdce485a99b73aff9f61ef1df13b41
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yIFZFWkcsqywIGlCL07ZIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bonus.plata-forma-nova.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-yIFZFWkcsqywIGlCL07ZIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 02:46:33 GMT
expires
Sat, 27 Jan 2024 02:46:33 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 211E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240122&jk=2359848741189240&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 7978 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 06:10:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
74158
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Jan 2025 06:10:35 GMT
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 5E3A 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 06:10:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
74158
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Jan 2025 06:10:35 GMT
marfeel-sdk.js
sdk.mrf.io/statics/ Frame FC94 		165 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/marfeel-sdk.js?id=3166
Requested by
Host: viagemeturismo.abril.com.br
URL: https://viagemeturismo.abril.com.br/topo-parceiros/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:325a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04928c593fd749c9d672b66b1a2369e85e9aebe7c15179cfb9f47a72486ca2d5

Request headers

Referer
https://viagemeturismo.abril.com.br/
Origin
https://viagemeturismo.abril.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-response-time
24ms
date
Sat, 27 Jan 2024 02:46:34 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Tue, 23 Jan 2024 17:30:34 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1800
x-envoy-upstream-service-time
32
accept-ranges
bytes
cf-ray
84bdaa7e7f064bc0-BUF
alt-svc
h3=":443"; ma=86400
content-length
47750
sodar
pagead2.googlesyndication.com/pagead/ Frame 49CD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240122&jk=951133427231841&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 2793 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240122&jk=1143235603038385&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 7E4A 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 06:10:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
74158
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Jan 2025 06:10:35 GMT
generate_204
tpc.googlesyndication.com/ Frame 7978 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?n868aQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:34 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 5E3A 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?lnlmIg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:34 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 7E4A 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?M6hGeA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:34 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
viagemeturismo.abril.com.br.1460678.es6.js
jsc.mgid.com/v/i/ Frame FC94 		728 KB
183 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/v/i/viagemeturismo.abril.com.br.1460678.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/viagemeturismo.abril.com.br.1460678.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbd0a505d54460fd42c23674011bf2682ad001256e8f7f5ff9bc2b53ed214cd9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://viagemeturismo.abril.com.br/
Origin
https://viagemeturismo.abril.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:34 GMT
x-amz-version-id
wNYpIWi29m8xfx3woha_DZdArhpbt.hd
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
MWSEPZNRF11SJAM2
cf-polished
origSize=745039
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
5ED/9AKMyIorw/AcTMD+iU7suhDk18Q1AcllrPNMu3R4MQRGnZQkE4gRLACkuIkxTBxtYN+RYG7pjzGZZJBYMhY/1TrxSLdNiHjBwg2xU2s=
cf-bgj
minify
last-modified
Tue, 23 Jan 2024 09:13:19 GMT
server
cloudflare
etag
W/"d4ad5312b001c054bbb57f79278b9a4b"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=10800
cf-ray
84bdaa802c7f4bd2-BUF
expires
Sat, 27 Jan 2024 05:46:34 GMT
ingest.php
events.newsroom.bi/ Frame FC94 		126 B
883 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=3166
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.19.96.32 , France, ASN16276 (OVH, FR),
Reverse DNS
haproxy05.cl13.ovh.mrf.io
Software
istio-envoy /
Resource Hash
c4866c723c789cf04a4900008e83e9a923d0209e0ee11f32a679c3ece024e103

Request headers

Referer
https://viagemeturismo.abril.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 27 Jan 2024 02:46:34 GMT
content-encoding
gzip
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://viagemeturismo.abril.com.br
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
86
sodar
pagead2.googlesyndication.com/pagead/ Frame 6881 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240122&jk=2359848741189240&bg=!mJulm9TNAAa8BdJLnAU7ADQBe5WfOLbGhnjb7XqrUkvHijlQfyJZd28o3C-GwW0-Q3RBt4uCaIcG-itKx5HcapkFIIiZAgAAAXlSAAAABGgBBwoAYXQ-hfOanSHDp7ARllM-HzV9o3Mqw14uXCeELSW5wtoaLNoVy48s2DhSPVwio4BerJfyE-ws3ZK4tB7EB_hxY1HjFLONrFGbyc8G9-O6gANkewoAM0zUabXjwbiPhpLyw7-ZAxjSSZqOx15Apncp6ShlAA8KRNlslCrKpqTxgJb2BmB9lB6hlS7_-AICy4pSQEpzJe3QhUP9mVo7Tn-Xf3TWNhiWiqlujWOtOwabbzx8l4mRH6vDmHNeAG2oJDbkr6KlO7J1qTee83mJmrRZfExYa80zxCZ3r9uHXvRqDsQwNvEnCHdhFy0LOjBLlOmMag16Ct_FaTuVv9Jp44O8vAY3G0Vc3e40Nx-nLsteh3n7ezmh5v1OtZdXuv47QPI8w8HkmofcaAriwnzCoAGEIPuCE-vSbC-tiexzRIKGgT7UNVQddIQIcyriZkMy2PUS5TMNXODe7U7BX9d7f0_ofy1DVIn7YITJHGqc7NtkcdgJ9GSeDEnCRj3sdOqfgvkkmg_GGaGd_emsYdVIG3k3DBWAycF5y3rdXhXNBNhGoJrFcI2N2eCQ4MegDwBxDF8ivU1WXj-OAahamLjnGHYftSKyfNuW38kGvddQQxyGYLPjmtGqlYr7vcDyNsJr6kbKo13ac_UkaOzbrOO2JYkLpDfD4EhJYqAbckLqw0142_pMEOb3OYBcOmkNsvHWMa1HuEwqwwHCtjVZNBA_zsWngpge_90M61Dcc4UGb2pWwAhdf2bsQTA-G5-px_hQQBNZ5xDEQakHaLRhJz8thxA5CSShoK5S5zHid0vHcRfNL5DWllrDmlO7nvGfhRA86D_wb-m2a9U6axMLtdFOAfaMJN62wx-5pLh_RuRL4clW-hdVIudUIxh7PYt_3PHqc94P0DccGpv5R3HNWOA0xeH9WJBbxX99BFu_pk6qr1iVjtLDbRFu3z0zWiZEtqa7jkrDum3Q-lHPfGokXWy6aFYfn23_KR-jem9ompXOA3_I9xvd_trOmPp7CsqoYe4u4z3VF1xKhFb_bP9JZ--IAE3P7c8et7rwfyVN8Nx1paWrn-NhI_kWujztAWKM87L1DAdfgFSsrBXCSX8_ZoeQAI7DCe6cURJ_YBmTOFGnRM3w8TCOnv0wCza-jJKKlDbqrDvrsmXOnjv2WJNFio_yOe5TA0rDGIIdq78Nwil9Uq4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 522A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240122&jk=951133427231841&bg=!8fKl8r3NAAa8BdJLnAU7ADQBe5WfOAV3nExhO7rKM3ienCdxB6LtRpOrkcCsIgq4NoVInQW-eGnJH6p7UOmQOb3yA592AgAAAXlSAAAAA2gBBwoAZ3fN6hImmidwE-cqkRaGpk0yNwq3B-HoO8cfwq_Ki0mlyQXZqJRV3L6o5MIpHfoVuIqV-hyHbyz658pGpr47ZtYBjeFpoGG-gcwDEBMKZgiiqe5cY8c5zEPf3H1U7bms3z6MgE7Cs4iZAx00kjxYTV2Kn-QSPefA8-KUcjJGfBNYhqVW2okl9WixmT7UH-35SJsgx4A33N3rJH5D7qYFODI96Hcb_IIaVb3-zSVXDwru46PqOXl3fYnpsykkH7YEh2HBUph5EIr1ulz-VOR7FnRI-COlPfM2uAJsVeNIohvU2uZAFROJ6nR7bby6QbHP5A308Gyd9PfHxIMQ5H0OmwbORzw3St479CVCEQQgmkGlgpZJWQe3LZCXKz9e8cWJHl5oTz2TDDO-8UQIgCw3J9N_GPf1d7L5c1CFLP1fg5QkMXtwUM7fYix0d8FNso5dAR_O-KycpHET196__30uENOQtu0i4B-eTHwwd-nB4sdl1yhYlOx7-vvgTRIykrHPoXluN6CJgfbLP967-SrP2WQD0d3sSG4jN6UTz2EBNxOU0MDenfYqrftlNkckImd71RUfGBKpMVCqsorFWOU4I7FwULiR1ewAhTxRGS0IGjShr5A35MkuDxxZ5JJ9zpvPvYuL5rAHqTQbFEWQjcKZva0w1goOMDhhdm5KUBQ9saFvYd0fguyg6_XJh6FSAHxXoIRbsvDtt3eKBX4wt2A2SrzdRslYdXTSzsRxqeRRTOJiQj6Pn3KguS_1JBIoWV8y1d_3XrIRw7LMs_6X_8zIJIHvbwiO7J136dumGvSQn0wxIaaoihU_cBWVwBoHpORbTSjyOIlz_oM12lJPeISShtTxulXK9_j8wd_AqUtRx8torLNptgPLwFBNHHMnT2CNJmDnR_gdV6ZXlMNtKWmjUWPdd9cDAtZxcQXTZfWu5OSz80-KlTOkqQHGhhmQck-B13TzdcDVCsI7ecfV9xJo26zDIBeyD3-li8Rdm4DRovXz-1kaG2KJjO_u4PU9qekmopKeZzdMp15BoWKBVFu3CVveOzwFHljGVTROcI3M4tIWFYn6niYFOt91LlJ0bVKOcv95WGkFhhD-vDq5j3rXzHNicSPcfwwKOFoe91HabcoiLzESlPMQk3ds23SrzWWcU6Qre0-qe9P7i2XBriiXysxOWP1gKUZd06UR91TLCSNn83v2Awr5fA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240122&jk=1143235603038385&bg=!MzClMH_NAAa8BdJLnAU7ADQBe5WfOF02eL-RP1-zhIGXAVchsX0CjVKJa2aCuzrKoIdd9AC3SXiQL_JDxo8o0n9vvZd5AgAAAT1SAAAAA2gBB5kCyHM5cyXiQpM8lAlPC_Kd_Ui06Pw7P3dVCnThMdEkhPfEFKxfTyecwgA6chbYqPPFviofft_ykb-UXr-lDhh9WQzL95eKc06jtvWJOny9Nr_P2x2n1pyCEIUxMxlEUYBEaDSHhgTltW2URblkSiOdzhJuQLBZgt1COyiL01OPproTjoVZ_3PjitmUg4fp6sjHDFh_QxDaQBSeQYr0rDfX9zOQRfVTA2gQU1f7JmZ_QC4IOndQYKbVUiFRlpOs7HGCD1BvAj2VAQ6BCqvf3fMB_pJ0O-quzmUDWrHny2VDYFgQa81cL1gxSrN9rdfbuLg02Cfjzym5lVFGheetEmGGc-YBVz9CxpL-qGHnPwunEPUXW3FOtjdN_JDbf9bVYXS2C8nR1bfo0tGJqSz5PtS0qrnrI0PQ5zMTJN8fj1v4XYswn9DzRc2rjXGSJjYOO4f4O-MB_a1TTDveuArLN-4ASd0IzyCY1b-IZnnn0AJk_pA1OUdSKv8X1NihoYUDclCp9w5K1PXrnISBkgYXlQ2058wse_oN9LszM4dIYyeSZ3BSvzN1Hm2qb5fViVUYTsTjNbQbVg-1swqswJIN05UsQplwfEl-TZ5dU_7VwyKRnRcPFcLQ6YjT_m2HQGzyCMK7w-cMycqgmW06ezwhYby1YGgGJRFJUSZ3O0t0C5JkTdkxcoJ5VZT2bt6fqhNWdfjDBwRI40m14GXFIU6xfDEDk0Kahrxcy4iuo0NhAZyw0VSwkKZUOoPITgtcmKT8G8chfSYfPeA7UFEr167QwjlUmMa6d8T845BMuJd4vUG5vh0gd-EjKIJmJ-HRiJwJc5a9zXJaAPorgDj_RSwzMDyQS6UqxLiKP-RwMsX01sJCC1s43GH6VunrV7rLC22wLJ425uzpSqZXbMMEpV09OvfbFPISj81DFcnqXd9Z4P9BqXjj1jwe7assAfk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.plata-forma-nova.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
recirculation.php
events.newsroom.bi/ Frame FC94 		12 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/recirculation.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=3166
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.19.96.32 , France, ASN16276 (OVH, FR),
Reverse DNS
haproxy05.cl13.ovh.mrf.io
Software
istio-envoy /
Resource Hash

Request headers

Referer
https://viagemeturismo.abril.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 27 Jan 2024 02:46:35 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://viagemeturismo.abril.com.br
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
12
dw-check.html
experiences.mrf.io/passexperience/ Frame B643 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://experiences.mrf.io/passexperience/dw-check.html?v=6
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=3166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:325a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fc487a75eea98b11319aafde13f978f28438e37cd8bcf0fca3ac4f86812a607
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://viagemeturismo.abril.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
1613643
alt-svc
h3=":443"; ma=86400
cache-control
max-age=86400, s-maxage=2592000
cf-cache-status
HIT
cf-ray
84bdaa860e8c4bbd-BUF
content-encoding
gzip
content-type
text/html
date
Sat, 27 Jan 2024 02:46:35 GMT
last-modified
Mon, 08 Jan 2024 08:31:32 GMT
server
cloudflare
strict-transport-security
max-age=31536000 ; includeSubDomains
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
2
ingest.php
events.newsroom.bi/ Frame FC94 		2 B
791 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=3166
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.19.96.32 , France, ASN16276 (OVH, FR),
Reverse DNS
haproxy05.cl13.ovh.mrf.io
Software
istio-envoy /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://viagemeturismo.abril.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 27 Jan 2024 02:46:35 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://viagemeturismo.abril.com.br
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
2
9a77e50f-d71b-444b-931f-a6850aaa1d6b
https://viagemeturismo.abril.com.br/ Frame FC94 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://viagemeturismo.abril.com.br/9a77e50f-d71b-444b-931f-a6850aaa1d6b
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
ff52e309-7e06-43fc-88e6-27265983e9d4
https://viagemeturismo.abril.com.br/ Frame FC94 		250 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://viagemeturismo.abril.com.br/ff52e309-7e06-43fc-88e6-27265983e9d4
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
250
Content-Type
text/javascript
/
c.mgid.com/pv/ Frame FC94 		43 B
138 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/pv/?pr=bonus.plata-forma-nova.com&lu=https%3A%2F%2Fviagemeturismo.abril.com.br%2Ftopo-parceiros%2F&cbuster=1706323595123548794629&pvid=18d48cfcf7393eb1257&implVersion=16&cxurl=https%3A%2F%2Fviagemeturismo.abril.com.br%2Ftopo-parceiros%2F&site=884294&i=1&scum=%3F0&scuw=%3F0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://viagemeturismo.abril.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:46:35 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cf-ray
84bdaa85ce664bd2-BUF
alt-svc
h3=":443"; ma=86400
content-length
43
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-XHB8GF35Q4&gtm=45je41o0v9116361815&_p=1706323590343&gcd=11l1l1l1l1&dma=0&gdid=dZTNiMT&cid=1312026962.1706323591&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1706323591&sct=1&seg=0&dl=https%3A%2F%2Fbonus.plata-forma-nova.com%2F&dt=Carpe%20Mundi%20-%20Blog%20de%20viagens%20e%20experi%C3%AAncias%20pelo%20mundo&_s=2&tfd=8270
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XHB8GF35Q4&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bonus.plata-forma-nova.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 02:46:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bonus.plata-forma-nova.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.carpemundi.com.br
URL
https://www.carpemundi.com.br/wp-content/themes/carpemundi/fonts/fontawesome-webfont.woff2?v=4.7.0
Domain
www.carpemundi.com.br
URL
https://www.carpemundi.com.br/wp-content/themes/carpemundi/fonts/fontawesome-webfont.woff?v=4.7.0
Domain
www.carpemundi.com.br
URL
https://www.carpemundi.com.br/wp-content/themes/carpemundi/fonts/fontawesome-webfont.ttf?v=4.7.0
Domain
www.carpemundi.com.br
URL
https://www.carpemundi.com.br/wp-content/themes/carpemundi/fonts/fontawesome-webfont.svg?v=4.7.0
Domain
www.carpemundi.com.br
URL
https://www.carpemundi.com.br/wp-content/themes/carpemundi/fonts/fontawesome-webfont.woff2?v=4.7.0
Domain
www.carpemundi.com.br
URL
https://www.carpemundi.com.br/wp-content/themes/carpemundi/fonts/fontawesome-webfont.woff?v=4.7.0
Domain
www.carpemundi.com.br
URL
https://www.carpemundi.com.br/wp-content/themes/carpemundi/fonts/fontawesome-webfont.ttf?v=4.7.0

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 function| gtag object| dataLayer function| loadCSS object| adsbygoogle object| seguros_promo function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| RocketPreloadLinksConfig object| google_tag_manager object| google_tag_data object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| GoogleAnalyticsObject function| ga string| google_user_agent_client_hint function| initFramePartner object| mapsvg_paths object| mapsvg_ini_vars object| sb_instagram_js_options object| lazyLoadOptions function| wprRemoveCPCSS function| LazyLoad object| GooglebQhCsO string| ajaxurl function| cmBackToTop string| sbiajaxurl function| MapSVG function| getDistanceFromLatLonInKm function| deg2rad object| scripts object| myScript string| pluginRootURL boolean| sbi_js_exists function| lazyLoadThumb function| lazyLoadYoutubeIframe undefined| $ function| jQuery object| googletag object| mc4wp object| bootstrap function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Flickity function| Unipointer function| Unidragger function| imagesLoaded object| Handlebars function| SearchIndex function| Bloodhound function| sbi_init object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy object| gaGlobal function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| gaplugins object| gaData object| $window object| sbi number| sbiWindowWidth number| sbi_photo_width_manual string| $contName object| GoogleGcLKhOms object| google_image_requests

14 Cookies

Domain/Path Name / Value
.plata-forma-nova.com/ Name: _gcl_au
Value: 1.1.637107850.1706323591
.plata-forma-nova.com/ Name: _ga
Value: GA1.2.1312026962.1706323591
.plata-forma-nova.com/ Name: _gid
Value: GA1.2.16178844.1706323591
.plata-forma-nova.com/ Name: _gat_gtag_UA_69391223_1
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUm3H3kwyhLIfFYoWz70DQPcT7H3Aw25d_PuNA6C7WykDwvrq9DkgvZ82tfsxuU
.plata-forma-nova.com/ Name: __gads
Value: ID=79b37cd2f8099000:T=1706323591:RT=1706323591:S=ALNI_MZkvMaQ1QnY9jMljUpOQNSdck2d8A
.plata-forma-nova.com/ Name: __gpi
Value: UID=00000a098a79bedd:T=1706323591:RT=1706323591:S=ALNI_MYs7_hIZ9z12zvQhE1tgd0JE76guQ
.plata-forma-nova.com/ Name: _ga_XHB8GF35Q4
Value: GS1.1.1706323591.1.0.1706323591.0.0.0
.plata-forma-nova.com/ Name: _gat_gaParceirosAbril
Value: 1
.mgid.com/ Name: __cf_bm
Value: gBXeb2ybBfFv9gMaOkYp35NBAxP0bvJ_rFlWf7ly5.E-1706323594-1-AS/2tduR804eIoXzU4as1HTz5SzC8czn6LaeaPvzO4DGlM8k0rmaRgBmJ6RyN4/RBj+92FT7viNnJNdX8sR/cK4=
events.newsroom.bi/ Name: 3166_u
Value: 5f704e98-2965-4c32-9096-deb9c1a17ec4
events.newsroom.bi/ Name: 3166_s
Value: 68127aa9-a4b0-4336-97e1-b062724a4df4
events.newsroom.bi/ Name: 3166_lv
Value: null
events.newsroom.bi/ Name: 3166_ut
Value: 0

28 Console Messages

Source Level URL
Text
javascript error URL: https://bonus.plata-forma-nova.com/
Message:
Access to font at 'https://www.carpemundi.com.br/wp-content/themes/carpemundi/fonts/fontawesome-webfont.woff?v=4.7.0' from origin 'https://bonus.plata-forma-nova.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.carpemundi.com.br/wp-content/themes/carpemundi/fonts/fontawesome-webfont.woff?v=4.7.0
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://bonus.plata-forma-nova.com/
Message:
Access to font at 'https://www.carpemundi.com.br/wp-content/themes/carpemundi/fonts/fontawesome-webfont.ttf?v=4.7.0' from origin 'https://bonus.plata-forma-nova.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.carpemundi.com.br/wp-content/themes/carpemundi/fonts/fontawesome-webfont.ttf?v=4.7.0
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://bonus.plata-forma-nova.com/
Message:
Access to font at 'https://www.carpemundi.com.br/wp-content/themes/carpemundi/fonts/fontawesome-webfont.woff2?v=4.7.0' from origin 'https://bonus.plata-forma-nova.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.carpemundi.com.br/wp-content/themes/carpemundi/fonts/fontawesome-webfont.woff2?v=4.7.0
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://bonus.plata-forma-nova.com/
Message:
Access to font at 'https://www.carpemundi.com.br/wp-content/themes/carpemundi/fonts/fontawesome-webfont.svg?v=4.7.0#fontawesomeregular' from origin 'https://bonus.plata-forma-nova.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.carpemundi.com.br/wp-content/themes/carpemundi/fonts/fontawesome-webfont.svg?v=4.7.0#fontawesomeregular
Message:
Failed to load resource: net::ERR_FAILED
javascript warning URL: https://www.carpemundi.com.br/wp-content/cache/min/1/851d6081c58b4ce8d3e7896ae3e78748.js(Line 2)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.carpemundi.com.br/wp-content/cache/min/1/851d6081c58b4ce8d3e7896ae3e78748.js(Line 2)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript error URL: https://bonus.plata-forma-nova.com/
Message:
Access to font at 'https://www.carpemundi.com.br/wp-content/themes/carpemundi/fonts/fontawesome-webfont.woff2?v=4.7.0' from origin 'https://bonus.plata-forma-nova.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.carpemundi.com.br/wp-content/themes/carpemundi/fonts/fontawesome-webfont.woff2?v=4.7.0
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://bonus.plata-forma-nova.com/
Message:
Access to font at 'https://www.carpemundi.com.br/wp-content/themes/carpemundi/fonts/fontawesome-webfont.woff?v=4.7.0' from origin 'https://bonus.plata-forma-nova.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.carpemundi.com.br/wp-content/themes/carpemundi/fonts/fontawesome-webfont.woff?v=4.7.0
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://bonus.plata-forma-nova.com/
Message:
Access to font at 'https://www.carpemundi.com.br/wp-content/themes/carpemundi/fonts/fontawesome-webfont.ttf?v=4.7.0' from origin 'https://bonus.plata-forma-nova.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.carpemundi.com.br/wp-content/themes/carpemundi/fonts/fontawesome-webfont.ttf?v=4.7.0
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5604719799704952&output=html&adk=1812271804&adf=3025194257&lmt=1706323591&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x675_l%7C308x675_r&format=0x0&url=https%3A%2F%2Fbonus.plata-forma-nova.com%2F&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706323590583&bpp=5&bdt=396&idt=492&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=317533220682&frm=20&pv=2&ga_vid=1312026962.1706323591&ga_sid=1706323591&ga_hid=1333840735&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080589%2C31080591%2C95322183%2C95320890%2C95321626%2C95322164%2C95323007&oid=2&pvsid=1143235603038385&tmod=1630422537&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=569
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5604719799704952&output=html&h=50&slotname=4686316025&adk=2458788269&adf=777406876&pi=t.ma~as.4686316025&w=320&lmt=1706323591&format=320x50&url=https%3A%2F%2Fbonus.plata-forma-nova.com%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706323590589&bpp=2&bdt=403&idt=615&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=317533220682&frm=20&pv=1&ga_vid=1312026962.1706323591&ga_sid=1706323591&ga_hid=1333840735&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080589%2C31080591%2C95322183%2C95320890%2C95321626%2C95322164%2C95323007&oid=2&pvsid=1143235603038385&tmod=1630422537&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=640
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://bonus.plata-forma-nova.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://bonus.plata-forma-nova.com/wp-content/plugins/mapsvg/maps/not-calibrated/world_high.svg?v=1
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5604719799704952&output=html&h=250&slotname=5936160424&adk=1791241607&adf=3173046727&pi=t.ma~as.5936160424&w=300&lmt=1667502608&format=300x250&url=https%3A%2F%2Fcf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706323592688&bpp=15&bdt=249&idt=275&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&correlator=1810976650483&frm=22&ife=3&pv=2&ga_vid=1547679496.1706323593&ga_sid=1706323593&ga_hid=872662246&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1867882211&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079266%2C44798934%2C95320378%2C95320870%2C95320891%2C95321627%2C95322162%2C95323004&oid=2&pvsid=2359848741189240&tmod=1359917875&uas=0&nvt=1&top=https%3A%2F%2Fbonus.plata-forma-nova.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.m8k5twkph5ms&fsb=1&dtd=317
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5604719799704952&output=html&h=90&slotname=8132650740&adk=2591520744&adf=3173046726&pi=t.ma~as.8132650740&w=728&format=728x90&url=https%3A%2F%2Fbonus.plata-forma-nova.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706323592760&bpp=13&bdt=308&idt=433&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&correlator=1216494985688&frm=24&ife=3&pv=2&ga_vid=687456110.1706323593&ga_sid=1706323593&ga_hid=941625344&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1867882211&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31080590%2C44798934%2C44809004%2C95320890%2C95321626%2C95322162%2C95323007&oid=2&pvsid=951133427231841&tmod=1286738774&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.bdpcza9v5w9z&fsb=1&dtd=447
Message:
Failed to load resource: the server responded with a status of 403 ()
violation error URL: https://experiences.mrf.io/passexperience/dw-check.html?v=6(Line 71)
Message:
Permissions policy violation: payment is not allowed in this document.
javascript warning URL: https://viagemeturismo.abril.com.br/topo-parceiros/
Message:
The resource https://fonts.googleapis.com/css2?family=Montserrat%3Awght%40100%3B300%3B400%3B500%3B600%3B700%3B800%3B900&display=swap&ver=6.2.3 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://viagemeturismo.abril.com.br/topo-parceiros/
Message:
The resource https://viagemeturismo.abril.com.br/wp-content/uploads/2024/01/Tarte-Tatin-Rubaiyat2_credito_Caique-Diniz.jpg?quality=90&strip=info&w=1280&h=720&crop=1 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://viagemeturismo.abril.com.br/topo-parceiros/
Message:
The resource https://fonts.googleapis.com/css2?family=Red+Hat+Display%3Awght%40400%3B700&display=swap&ver=6.2.3 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://viagemeturismo.abril.com.br/topo-parceiros/
Message:
The resource https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900&display=swap&ver=6.2.3 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://bonus.plata-forma-nova.com/
Message:
The resource https://www.carpemundi.com.br/wp-content/themes/carpemundi/fonts/fontawesome-webfont.svg?v=4.7.0#fontawesomeregular was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bonus.plata-forma-nova.com
c.mgid.com
cf79cfae7bb2dd32cb36c1e0fa90ec92.safeframe.googlesyndication.com
events.newsroom.bi
experiences.mrf.io
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
jsc.mgid.com
pagead2.googlesyndication.com
sdk.mrf.io
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
viagemeturismo.abril.com.br
www.carpemundi.com.br
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.carpemundi.com.br
162.19.96.32
2606:4700:1::6813:824c
2606:4700:3033::6815:325a
2606:4700:3035::ac43:ce15
2607:f8b0:4004:c17::9c
2607:f8b0:4006:807::2002
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80d::200a
2607:f8b0:4006:816::2004
2607:f8b0:4006:81c::2003
2607:f8b0:4006:81d::2001
2607:f8b0:4006:81d::2008
2607:f8b0:4006:81d::200e
2607:f8b0:4006:81e::2002
2607:f8b0:4006:820::2001
2607:f8b0:4006:821::2002
2a02:4780:13:901:0:61b:9d50:3
2a04:fa87:fffd::c000:42cd
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01ceac19d4db649328dab8cb759c7bcba6e3ca9f3605723bc0fdd80c1c4d2c2e
04928c593fd749c9d672b66b1a2369e85e9aebe7c15179cfb9f47a72486ca2d5
05ded66e4e6f8fef626c8bca46680341fed78704119e244366f25660f10faf68
067c25063af7fefa7a34e27f46398a86707af0989dc3a3447574b0687bd60ad3
0680e5ffd158219b2eda77ada4d5b4eb69afd340722b4b75a9772123b2775de0
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0aeafcb14791a703ad8e3a7d03b3b6a812ba36088893fcb1f05cd9843eac1416
0fbbe5bf3c8bf48e47d77eb1e1686b25f36db46112a3666985ac2a8fdc1e0dd1
1238ba04406c0c14e0aca071df26837c71ead0666be284a9da0a501646c2ce80
13787f66cc3a64d86b025d85c2c3e450fa4b9fb829b152e3ae0b079ca4130163
19fc2fb876cc79b24bc11abaf2a8627866ed5594dd1294fdbf4b05c809bd6c51
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
2498c027559c4ae9a920e18e30031193148983e7ea195416d62c5d0ea2eaa3ac
270d5d47752cb5afe51fce9a7d8af0c341afa72408df9f6e4cb74f2345af5998
27cc56f66496107570b99426f973d5ceae66a57740d3259e0536b69f59714fdf
299f4b47fd667056f364ee7d834f149f46b322cb4840717a039cdd5048ced4f0
2b7719f517051ba364effe71e81d53d98d9c40bd86a96083056d6f1bcdde154b
2c81d879db2e17e16278cd197b81719661bb8f8c9e113d6bd76fae48cde9bed9
2ce35fa23b98a1b0ee32169e340bb98e39934b87ee0eb802b53ed49a39258ad8
32b42f9bc813dd6bad1b45129eade1df8dd1463908f79505209fbfa1aa71018a
33b2be560b1439c61e93123dc0f783f149bdba6bde76b68ad867c137bacf60e2
34b8c3101be713e3235b6ddeec9510258486da835ea11494edd90e941cbc7165
3619664b6a85b0c8a85d1d67d86cbf0b0c610f0f63389d8c7220c2f4a13f317f
376aba408c9fe4c01f4e72805d1657037f68c8255347d95d7eed978f9a297c8b
3d2c10cf69410c10177fc6e56937d05151b182841fa6aee36f651d587d91fbb8
3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e
407e045f28cf74f9e1cad5d97ba3403e267117e161dfeaecdc009285f8fd476f
421a8c09b9830ecc9fff59051d9e4fc4fc3e120a6dc6397bef54cc211b214259
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
471e93bcda3878b64456cda05326feed034173ad4deb3a8d7ba68426555b3e43
4a3025d2ed5553151fc081ab69f3595b9e3e299d14c5e3c404ce779107dfc1b4
4b3f41912377796956c80c2f19411206767c6d76277eeca3b6fb503ee3ae54c6
4da656cd79e55a12a3b3673b04b20e51143a13eb2ce40eda9bc4b6c44e4443ce
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b5523d1567bfe44515496eece612239cc514967bde2acf11c766c27ffa4fa61
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
61884a0b6bdc3ad0afa346246b74be988abb05384316fb3f48484cff4ab4084a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
635fd3db6b2c5b6b2500c0f3f83eb1bcbb41c5ad9f62ef0710468f8336fda467
69a53ae8e402a25abc88acf3fba1840ae7e371df38eee6dc6fc319462f7c2a88
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f8d91d4c25ac9b9eeb9123dbdec4e3513aecf826c4d9b6a7e37854ef2c242ca
7a3ceb60e0a1511f6b960bff0927c945915b1829fe62f82802e444dbacccdcee
8695ffba4c0e2365c1552c59667310e0fedcf146cbdf7de784e649f2210688dc
888c4ef4efa206954bcf0c9496ba33a2e5a8b860df2332fe39bb642a309df5af
89e274a69e6c678c418e5e8256b414ae7bd93c9d2ffc86f0a2491214171b486d
8beb06cb50c263e6adca4918781cfba2f783745c3a8336161d34a746c8d0a78a
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6
8db884a803763d69afac285887d37c851961b4b91e824bdd9e2e5068b425f438
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
93a1e8c6b810c63830f3d3e2df06c17cd1e19bf0d406b8d0cb2b023cfded0a51
98ba12c3910067967f14111964cc4a7fa87a6c65ef840d208969939af0a77f5e
9ae848609cccf18610e7c6952fb3b9116e3c4a4d11357e1d71c6ba77abcc5247
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9d3eea5738077a2f0a2284196cf4a8a0caae61859e77001b5805b58b285d9329
9f71ad748a7714b924f1e831a18fbdca2ccdce485a99b73aff9f61ef1df13b41
9fc487a75eea98b11319aafde13f978f28438e37cd8bcf0fca3ac4f86812a607
a14ea03c678fe3a3ac453e1778b500e39bd693d46843141ad49536f0760012d2
a3752a2949557fce1c16be8f11e0fe710ecb1753b13554f51f9501e6f7525102
a46e7a88c12cb586f913ce211b11888c9b6bc9ca5dde35c67ff5e7612d079989
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ad4934095a0f35a24a0dfd4bb4b28184272713e6d249ef129cd22298a2683e2f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af3ff7c00cb16b78db9d132f8b8a86ec4a8eb3a570037fed91180a2e942ffc35
af8491dd3281892dcbf8c6fa2714409ee1ecbe81885f7fcffd70b08f8cead5d0
b23e59d27002fea044f5a4fad4e292f163c0fbaf3f4d379390a61e13154da55c
b411ecd2fe60b754dee8afef998a6eedaf227996f9fe2d45f075b980e1c29075
b64f72a3a3030520eb1f4de8e7857a2d4ad02565414a6d6e8509379fbb2aff4e
b69a7259e54130c6c0853c3b4630e05d6a718be079f25976196bf5d29fe40f43
b9debcbf6dc127c66b8fec7262985158eb093cff674af9bbabfa2155f45fb9ab
bd534bb39a5f3e606b22603ee0047d6c715d9d9f42786990ec2c929cbf03a397
be0fae7a62c7d80dcf7ce440eed37d8c3bb105a95d2d449a15db575aa09fcab3
bf4333d4e1445ef7aebb1ee5ef2eeef9df95250e4ce3847b72189f2a6023df41
bfcc2143b6f0635117b7354d9c0965778cd10168c10ca661d0ce42af30820951
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c4866c723c789cf04a4900008e83e9a923d0209e0ee11f32a679c3ece024e103
c4ec171d8f202fb90c55007f2dc8ab43a7d089d5e7b717eb03b41fdb3907b261
c55359a9cd8b600dbbf91214cafa1c209b14df4a99ea7748b938f5464948f457
ccf948ea0efd67d5d0c952dd7e6e38ca1337620e2cee9c8b24345174965b1cfc
d6ce66f31110d4b9bb78658c36747004fce44b7c2dcdccaed317fda91ca0eca2
db3cbc3643a80f4fe16bf76f793014a895b356269e01260f4cc76659a5f734b7
dbd0a505d54460fd42c23674011bf2682ad001256e8f7f5ff9bc2b53ed214cd9
dbedd7f99218c9f85f5f7d65c1aed04b8b830c685c3eb0ec4ee489a90c3b746a
dca6351de5a9288d4d6431664599824235fd8d05e0faa5c92329b816c8bc5ce0
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfed60df6dddf414abf15c4a6714e8b558af56ccee0a491a9dafdc7ec637c811
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d3b79de35a2e0eb774f6408befe7560a5d549d3d82023ca5d04a5d70cfce3a
e680bdcd29f14f250c3300da8fc3955893325d0a867ed1b4481fbc7586ed5b4f
e6c6ee9e51b6887434eec83dd4fbd2d7ec4a18f89ac46ad6eebd9b4c17ee700b
e9ad1757eb986ec7d2eb77ebb5ca1a164b2dc229f07386bc7620ddb5d450d69e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0cef9525bfdcfdb0be1b6c383998415e77420adc017298a5d0a5a7114c139bd
f23cb4c67499b9876de26a739e8796e73d36c284d8e321670c6b7d3ca886005f
f29e1b27aa3363f288a4739c2ddb471dc7c7e388092bf85d9ed08f206f2c1caf
f99366d9fcf1debcfcb0b12df10ec0d81eae279034992c441e86235a4ba23549
fcc71ddf7994aa7db1397170a0272d8bf66543a600047021541ee87153455cd6
fdb6bbcf9ed555da2d286f7323550b223b163dc67d7772e673e23bd22440e45c