54.89.171.65 Open in urlscan Pro
54.89.171.65 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://54.89.171.65/
Submission: On December 12 via manual (December 12th 2022, 3:33:53 am UTC) from IN — Scanned from DE

Summary HTTP 70 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 46 IPs in 8 countries across 42 domains to perform 70 HTTP transactions. The main IP is 54.89.171.65, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is 54.89.171.65.

This is the only time 54.89.171.65 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	54.89.171.65 54.89.171.65	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	13.225.84.38 13.225.84.38	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:9000:20e... 2600:9000:20eb:1000:0:ee2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20eb:a800:0:ee2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f08... 2a03:2880:f080:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a02:26f0:170... 2a02:26f0:1700:5::5f65:1b67	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:1901:0:a... 2600:1901:0:a5e4::	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	13.225.78.69 13.225.78.69	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f17... 2a03:2880:f173:81:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4 5	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:400c:c03::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1 2	54.93.177.113 54.93.177.113	16509 (AMAZON-02) (AMAZON-02)
2 2	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
2	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	185.89.211.132 185.89.211.132	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	172.64.154.237 172.64.154.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	52.31.244.189 52.31.244.189	16509 (AMAZON-02) (AMAZON-02)
1	184.30.20.22 184.30.20.22	16625 (AKAMAI-AS) (AKAMAI-AS)
1	64.202.112.159 64.202.112.159	23352 (SERVERCEN...) (SERVERCENTRAL)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.157.59.48 35.157.59.48	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.113 185.86.139.113	201081 (SMARTADSE...) (SMARTADSERVER)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	23.218.209.56 23.218.209.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	3.71.169.66 3.71.169.66	16509 (AMAZON-02) (AMAZON-02)
1	37.157.5.142 37.157.5.142	198622 (ADFORM) (ADFORM)
1	185.255.84.153 185.255.84.153	200271 (IGUANE-) (IGUANE-)
1 2	54.72.53.159 54.72.53.159	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.28.183.187 52.28.183.187	16509 (AMAZON-02) (AMAZON-02)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2600:1f18:612... 2600:1f18:612b:4200:4221:38a7:d65:6c93	14618 (AMAZON-AES) (AMAZON-AES)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	184.31.94.14 184.31.94.14	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.155.179.95 54.155.179.95	16509 (AMAZON-02) (AMAZON-02)
1	54.194.57.229 54.194.57.229	16509 (AMAZON-02) (AMAZON-02)
1	3.136.99.143 3.136.99.143	16509 (AMAZON-02) (AMAZON-02)
70	46

17 54.89.171.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-89-171-65.compute-1.amazonaws.com

54.89.171.65	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.84.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-38.fra2.r.cloudfront.net

d2wy8f7a9ursnm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:1000:0:ee2:240:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

selo.siteblindado.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:a800:0:ee2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

selo.siteblindado.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f080:9:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:5::5f65:1b67 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

api.siteblindado.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:a5e4:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

notify.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-69.fra2.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f173:81:face:b00c:0:25de (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:1::13 (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c03::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.93.177.113 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-177-113.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.211.132 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.154.237 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.31.244.189 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-244-189.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.159 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.59.48 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-59-48.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.113 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.209.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-209-56.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.169.66 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-169-66.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.142 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.153 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.72.53.159 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-53-159.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.183.187 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-183-187.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4200:4221:38a7:d65:6c93 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Berlin, Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.31.94.14 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-94-14.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.155.179.95 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-179-95.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.57.229 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-57-229.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.136.99.143 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-136-99-143.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	criteo.com 5 redirects gum.criteo.com — Cisco Umbrella Rank: 399 mug.criteo.com — Cisco Umbrella Rank: 3032 sslwidget.criteo.com — Cisco Umbrella Rank: 1722 widget.us.criteo.com — Cisco Umbrella Rank: 22535 dis.criteo.com — Cisco Umbrella Rank: 700	13 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	202 KB
3	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 81 cm.g.doubleclick.net — Cisco Umbrella Rank: 215	1 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	218 B
3	siteblindado.com 1 redirects selo.siteblindado.com — Cisco Umbrella Rank: 242828 api.siteblindado.com — Cisco Umbrella Rank: 128210	2 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 206	2 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 287	506 B
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 684	854 B
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1317	2 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 218	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 290	874 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 28	20 KB
2	googletagmanager.com 1 redirects www.googletagmanager.com — Cisco Umbrella Rank: 47	65 KB
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 1795	268 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 549	337 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 1924	220 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 5106	525 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 41808	153 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2306	183 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 657	574 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1294	882 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 2571	274 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 448	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 827	235 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1537	162 B
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 770	55 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 350	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1872	172 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1270	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 563	163 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 506	35 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 321	239 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 737	145 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 553	786 B
1	google.de www.google.de — Cisco Umbrella Rank: 7952	501 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	501 B
1	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 652	431 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 662	14 KB
1	bugsnag.com notify.bugsnag.com — Cisco Umbrella Rank: 1191	139 B
1	cloudfront.net d2wy8f7a9ursnm.cloudfront.net	3 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 311	29 KB
0	verisign.com Failed seal.verisign.com Failed
70	42

	Domain	Requested by
5	gum.criteo.com	4 redirects static.criteo.net
5	connect.facebook.net	54.89.171.65 connect.facebook.net
3	www.facebook.com	54.89.171.65
2	dpm.demdex.net	1 redirects
2	ups.analytics.yahoo.com	1 redirects
2	ad.360yield.com	1 redirects
2	r.casalemedia.com	1 redirects
2	ib.adnxs.com	2 redirects
2	dis.criteo.com
2	cm.g.doubleclick.net	2 redirects
2	x.bidswitch.net	1 redirects
2	www.google-analytics.com	54.89.171.65
2	www.googletagmanager.com	1 redirects 54.89.171.65
2	selo.siteblindado.com	1 redirects 54.89.171.65
1	s.thebrighttag.com
1	beacon.krxd.net
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	a.twiago.com
1	criteo-partners.tremorhub.com
1	simage2.pubmatic.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	e1.emxdgt.com
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	sync.outbrain.com
1	contextual.media.net
1	widget.us.criteo.com	54.89.171.65
1	sslwidget.criteo.com	1 redirects
1	mug.criteo.com	54.89.171.65
1	www.google.de	54.89.171.65
1	www.google.com	54.89.171.65
1	stats.g.doubleclick.net	www.google-analytics.com
1	static.hotjar.com	54.89.171.65
1	static.criteo.net	www.googletagmanager.com
1	notify.bugsnag.com	54.89.171.65
1	api.siteblindado.com	selo.siteblindado.com
1	d2wy8f7a9ursnm.cloudfront.net	54.89.171.65
1	ajax.googleapis.com	54.89.171.65
0	seal.verisign.com Failed	54.89.171.65
70	48

This site contains links to these domains. Also see Links.

Domain
twitter.com
facebook.com
www.youtube.com
bluebox.inf.br

Subject Issuer	Validity	Valid
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-20` - `2022-12-19`	3 months	crt.sh
api.siteblindado.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-07-25`	a year	crt.sh
*.bugsnag.com Sectigo RSA Domain Validation Secure Server CA	`2022-04-26` - `2023-04-26`	a year	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2022-11-06` - `2023-11-28`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
teads.tv R3	`2022-10-27` - `2023-01-25`	3 months	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2022-05-18` - `2023-06-19`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
itm.ivitrack.com R3	`2022-12-05` - `2023-03-05`	3 months	crt.sh
exchange.mediavine.com Amazon	`2022-07-06` - `2023-08-04`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-28` - `2023-12-29`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-15`	a year	crt.sh
*.ads.yieldmo.com Amazon	`2022-06-02` - `2023-07-01`	a year	crt.sh

This page contains 3 frames:

Primary Page: http://54.89.171.65/
Frame ID: 2AC97C36CDA5B5C6A806842BA381518E
Requests: 40 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=54.89.171.65&origin=onetag
Frame ID: C9565FF891F7A75DA8829667B99B3657
Requests: 2 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-JXcwB9CiqrDiab1Ogu6x5PoKNsnuiGuV14sp-A&expires=30
Frame ID: 6C813B15675C32D3E6115C2EA20C0383
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

BugSnag (Analytics) Expand

Overall confidence: 100%
Detected patterns

/bugsnag.*\.js

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

70
Requests

46 %
HTTPS

31 %
IPv6

42
Domains

48
Subdomains

46
IPs

8
Countries

859 kB
Transfer

1625 kB
Size

44
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://twitter.com/hotmilhas

Search URL Search Domain Scan URL

URL: http://facebook.com/hotmilhasbrasil

Search URL Search Domain Scan URL

URL: http://www.youtube.com/user/hotmilhas

Search URL Search Domain Scan URL

URL: http://bluebox.inf.br/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

http://selo.siteblindado.com/aw.js HTTP 301
https://selo.siteblindado.com/aw.js

Request Chain 13

http://www.googletagmanager.com/gtm.js?id=GTM-HLTK HTTP 302
https://www.googletagmanager.com/gtm.js?id=GTM-HLTK

Request Chain 14

http://connect.facebook.net/pt_BR/all.js HTTP 307
https://connect.facebook.net/pt_BR/all.js

Request Chain 25

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 26

http://connect.facebook.net/en_US/fbds.js HTTP 307
https://connect.facebook.net/en_US/fbds.js

Request Chain 34

http://www.google-analytics.com/collect?v=1&_v=j98&a=1537569104&t=pageview&_s=1&dl=http%3A%2F%2F54.89.171.65%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=1754991920&gjid=1474107593&cid=1377435495.1670816028&tid=UA-20989104-1&_gid=566715448.1670816028&gtm=2wgbu0HLTK&z=2088922704 HTTP 307
https://www.google-analytics.com/collect?v=1&_v=j98&a=1537569104&t=pageview&_s=1&dl=http%3A%2F%2F54.89.171.65%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=1754991920&gjid=1474107593&cid=1377435495.1670816028&tid=UA-20989104-1&_gid=566715448.1670816028&gtm=2wgbu0HLTK&z=2088922704

Request Chain 38

https://gum.criteo.com/sid/json?origin=onetag&domain=54.89.171.65&sn=ChromeSyncframe&so=0&topUrl=54.89.171.65&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=H7oxMXxLUUFCUFZQa3cwdkRHcitFamFmQk5rK3BzRVNJOFhIUFJzY2VCdit2SWxVTmh0UUtoUFJNVGZyekRzbG05QUl0d3l4V2w3M0NNVElaUnNidm9HWXpadHBrb1ZlV3BYckdjMXc2VERycWN6UVVhVlFuQnhBdXlrbGFuYXczSG1FZTBvRFppa3dQZ2w1ZjFtQmJFWGxzVTRlZWozRXlGeCtScndYQlEzRzJoMHBqQlcxSWxqeTJNTmVMRXFnRytWZDBrVlliNDN2dk5XemJZdUxtbHhQMktaREdiMXUwRVpWUE80SzRscTNwYmlMbXBqT3V0SGxhalRxbXBNNmd5RForWUJ2MFplaGFmTVgrdDQ4K2tiaEZWdz09fA&cppv=2

Request Chain 39

https://sslwidget.criteo.com/event?a=11517&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh%26si%3D1&p3=e%3Ddis&adce=1&bundle=LVKby19JYWJ2U3NVQTdIVzJyU0t0JTJCcFlrTE5XMXdLZGFHVVhMWVlENkZ4MXBKREVYd0lDdlUlMkJsOXFFY1g2Wjk1cklpSnAzQlYlMkJ6VFhyNVZHa0NQNTV0d29JYnpPUVpiYktEQ2wlMkZqUVdxcCUyQmZCJTJGd29EMmRFNFVGSFZ4M2ZIOEN1R3FWN05oSXhQeGFNeTdtczB2eGtoZFBFY1ElM0QlM0Q&tld=54.89.171.65&fu=http%253A%252F%252F54.89.171.65%252F&dtycbr=95490 HTTP 302
https://widget.us.criteo.com/event?a=11517&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh%26si%3D1&p3=e%3Ddis&adce=1&bundle=LVKby19JYWJ2U3NVQTdIVzJyU0t0JTJCcFlrTE5XMXdLZGFHVVhMWVlENkZ4MXBKREVYd0lDdlUlMkJsOXFFY1g2Wjk1cklpSnAzQlYlMkJ6VFhyNVZHa0NQNTV0d29JYnpPUVpiYktEQ2wlMkZqUVdxcCUyQmZCJTJGd29EMmRFNFVGSFZ4M2ZIOEN1R3FWN05oSXhQeGFNeTdtczB2eGtoZFBFY1ElM0QlM0Q&tld=54.89.171.65&fu=http%253A%252F%252F54.89.171.65%252F&dtycbr=95490

Request Chain 40

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-JXcwB9CiqrDiab1Ogu6x5PoKNsnuiGuV14sp-A&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-JXcwB9CiqrDiab1Ogu6x5PoKNsnuiGuV14sp-A&expires=30

Request Chain 41

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-7yJendCiqrDiab1Ogu6x5PoKNsnbraOSg0cb1Q&google_cm&google_hm=ay03eUplbmRDaXFyRGlhYjFPZ3U2eDVQb0tOc25icmFPU2cwY2IxUQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-7yJendCiqrDiab1Ogu6x5PoKNsnbraOSg0cb1Q&google_cm=&google_hm=ay03eUplbmRDaXFyRGlhYjFPZ3U2eDVQb0tOc25icmFPU2cwY2IxUQ&google_tc= HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-7yJendCiqrDiab1Ogu6x5PoKNsnbraOSg0cb1Q&google_gid=CAESEAze3UcytX60nx29snQNKGI&google_cver=1&google_ula=913071,0

Request Chain 42

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8421027678996459715

Request Chain 43

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-6KQVL9CiqrDiab1Ogu6x5PoKNsltWJmEw39GQA HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-6KQVL9CiqrDiab1Ogu6x5PoKNsltWJmEw39GQA&C=1

Request Chain 44

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-ABlI2dCiqrDiab1Ogu6x5PoKNskKx1nePbP8LA HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-ABlI2dCiqrDiab1Ogu6x5PoKNskKx1nePbP8LA

Request Chain 53

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-zsO9htCiqrDiab1Ogu6x5PoKNsmeUPSzVCrWew HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-zsO9htCiqrDiab1Ogu6x5PoKNsmeUPSzVCrWew&verify=true

Request Chain 57

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=aNp8EvxK5A4lO4y1EJwgi0IYxQ2hpPcR HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=aNp8EvxK5A4lO4y1EJwgi0IYxQ2hpPcR

Request Chain 66

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=IRWCQ74AIBPf5gDYroNTTFUwMlFblHgz

Request Chain 68

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=cO-Qr3ZqrX-xghrEMNr1Q5mp2p_K0_b8

70 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
54.89.171.65/ 34 KB
10 KB 292ms
184ms Document
text/html 54.89.171.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://54.89.171.65/
Protocol: HTTP/1.1
Server: 54.89.171.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-89-171-65.compute-1.amazonaws.com
Software: nginx/1.11.9 /
Resource Hash: 5f4c033e62805a8e8d2e6c82154293150d175a41696f32e4758b4b17b733c50c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 12 Dec 2022 03:33:46 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx/1.11.9
Transfer-Encoding: chunked
X-Pingback: /xmlrpc.php

GET
H/1.1 200
OK bootstrap.min.css
54.89.171.65/wp-content/themes/hotmilhas/ 78 KB
78 KB 108ms
107ms Stylesheet
text/css 54.89.171.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://54.89.171.65/wp-content/themes/hotmilhas/bootstrap.min.css
Requested by: Host: 54.89.171.65
URL: http://54.89.171.65/
Protocol: HTTP/1.1
Server: 54.89.171.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-89-171-65.compute-1.amazonaws.com
Software: nginx/1.11.9 /
Resource Hash: 76f562f245cd41c0b60096ff52bab9c1ac789cc85c8a4d9de3cbd55b3f803100

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://54.89.171.65/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 03:33:47 GMT
Last-Modified: Mon, 24 Jul 2017 13:26:06 GMT
Server: nginx/1.11.9
ETag: "5975f56e-13665"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 79461

GET
H/1.1 200
OK style.css
54.89.171.65/wp-content/themes/hotmilhas/css/ 20 KB
20 KB 218ms
107ms Stylesheet
text/css 54.89.171.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://54.89.171.65/wp-content/themes/hotmilhas/css/style.css
Requested by: Host: 54.89.171.65
URL: http://54.89.171.65/
Protocol: HTTP/1.1
Server: 54.89.171.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-89-171-65.compute-1.amazonaws.com
Software: nginx/1.11.9 /
Resource Hash: 11c2d663d4fdcddd4948990b31deebcf06eaff82b79d909a869352a1f79f024b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://54.89.171.65/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 03:33:47 GMT
Last-Modified: Mon, 24 Jul 2017 13:26:06 GMT
Server: nginx/1.11.9
ETag: "5975f56e-4f87"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20359

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.0.0/ 81 KB
29 KB 76ms
38ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/2.0.0/jquery.min.js

Requested by

Host: 54.89.171.65
URL: http://54.89.171.65/

Protocol

HTTP/1.1

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d482871a5e948cb4884fa0972ea98a81abca057b6bd3f8c995a18c12487e761c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://54.89.171.65/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 06 Dec 2022 14:20:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 479614
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 29195
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Vary: Accept-Encoding
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Wed, 06 Dec 2023 14:20:13 GMT

GET
H/1.1 200
OK jquery.validate.min.js Show response
54.89.171.65/wp-content/themes/hotmilhas/js/ 34 KB
35 KB 218ms
107ms Script
application/javascript 54.89.171.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://54.89.171.65/wp-content/themes/hotmilhas/js/jquery.validate.min.js
Requested by: Host: 54.89.171.65
URL: http://54.89.171.65/
Protocol: HTTP/1.1
Server: 54.89.171.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-89-171-65.compute-1.amazonaws.com
Software: nginx/1.11.9 /
Resource Hash: d899e7a3f2f2f97d327993076307781b6b7bd5ba6c726debd00f33b5f4868abc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://54.89.171.65/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 03:33:47 GMT
Last-Modified: Mon, 24 Jul 2017 13:26:06 GMT
Server: nginx/1.11.9
ETag: "5975f56e-8995"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35221

GET
H/1.1 200
OK javascript.js Show response
54.89.171.65/wp-content/themes/hotmilhas/js/ 3 KB
3 KB 218ms
108ms Script
application/javascript 54.89.171.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://54.89.171.65/wp-content/themes/hotmilhas/js/javascript.js
Requested by: Host: 54.89.171.65
URL: http://54.89.171.65/
Protocol: HTTP/1.1
Server: 54.89.171.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-89-171-65.compute-1.amazonaws.com
Software: nginx/1.11.9 /
Resource Hash: 88fb2f40aa5aadc3e50072ee76c0df24c99995f33f996cfea8653502a2de38d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://54.89.171.65/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 03:33:47 GMT
Last-Modified: Mon, 24 Jul 2017 13:26:06 GMT
Server: nginx/1.11.9
ETag: "5975f56e-be1"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3041

GET
H/1.1 200
OK admin-bar.css
54.89.171.65/wp-includes/css/ 11 KB
12 KB 217ms
107ms Stylesheet
text/css 54.89.171.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://54.89.171.65/wp-includes/css/admin-bar.css?ver=3.4.2
Requested by: Host: 54.89.171.65
URL: http://54.89.171.65/
Protocol: HTTP/1.1
Server: 54.89.171.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-89-171-65.compute-1.amazonaws.com
Software: nginx/1.11.9 /
Resource Hash: 89f5f72946aa1eb59edc1369a9b1f30a2909b856478440ff21e90197b35e3aed

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://54.89.171.65/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 03:33:47 GMT
Last-Modified: Mon, 24 Jul 2017 13:26:07 GMT
Server: nginx/1.11.9
ETag: "5975f56f-2d1b"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11547

GET
H/1.1 200
OK bugsnag-2.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/ 6 KB
3 KB 35ms
7ms Script
application/javascript 13.225.84.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by: Host: 54.89.171.65
URL: http://54.89.171.65/
Protocol: HTTP/1.1
Server: 13.225.84.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-38.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://54.89.171.65/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id: null
Content-Encoding: gzip
Via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
Date: Sun, 11 Dec 2022 05:11:37 GMT
X-Amz-Cf-Pop: FRA2-C2
Age: 80531
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 2962
Last-Modified: Wed, 10 Aug 2016 00:30:49 GMT
Server: AmazonS3
ETag: "6103bb5e4ec6141e19e1100caafc780c"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
X-Amz-Cf-Id: XejhQywULh9mM5F7jq4xhtOcI5yU9cPq075FDIO3jbKp3tj_PFEjSA==

GET
H/1.1 200
OK logo.png
54.89.171.65/wp-content/themes/hotmilhas/images/ 5 KB
5 KB 108ms
107ms Image
image/png 54.89.171.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://54.89.171.65/wp-content/themes/hotmilhas/images/logo.png
Requested by: Host: 54.89.171.65
URL: http://54.89.171.65/
Protocol: HTTP/1.1
Server: 54.89.171.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-89-171-65.compute-1.amazonaws.com
Software: nginx/1.11.9 /
Resource Hash: dae61997696481be5f7c2e05b4460e815af9295d681e159f9a3e77b28709b142

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://54.89.171.65/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 03:33:47 GMT
Last-Modified: Mon, 24 Jul 2017 13:26:06 GMT
Server: nginx/1.11.9
ETag: "5975f56e-148d"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5261
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1

200
OK

aw.js Show response
selo.siteblindado.com/
Redirect Chain

http://selo.siteblindado.com/aw.js
https://selo.siteblindado.com/aw.js

2 KB
2 KB

26ms
8ms

Script
application/javascript

2600:9000:20eb:a800:0:ee2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://selo.siteblindado.com/aw.js
Requested by: Host: 54.89.171.65
URL: http://54.89.171.65/
Protocol: HTTP/1.1
Server: 2600:9000:20eb:a800:0:ee2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 081b26433bd1ca389f3dca19b907a78a7c66075f9bd920e42d707bfcbc0bc976

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://54.89.171.65/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Sun, 11 Dec 2022 23:59:33 GMT
Content-Encoding: gzip
Via: 1.1 cb33a7a4640adbb55df3e0d143601558.cloudfront.net (CloudFront)
Last-Modified: Tue, 22 Mar 2022 14:30:37 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C1
Age: 12855
ETag: W/"e038fbe38f630f9ab40b1177a5cad5cb"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: ImbXBoA9kQAHvEvFhuAAv3l0eITqzeyUWGCqqZGyng0I1jvW4ntQRA==

Redirect headers

Date: Mon, 12 Dec 2022 03:33:47 GMT
Via: 1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: FRA2-C1
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://selo.siteblindado.com/aw.js
Connection: keep-alive
Content-Length: 167
X-Amz-Cf-Id: YjHXZAkx7zAdpZtM9TcK0wQWSnZYbiQ8ZGogZVtoXaHXEDiwpGI7bg==

GET getseal
seal.verisign.com/ 0
0

GET
H/1.1 200
OK faixa-site-hotmilhas.png
54.89.171.65/wp-content/themes/hotmilhas/images/ 114 KB
115 KB 108ms
108ms Image
image/png 54.89.171.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://54.89.171.65/wp-content/themes/hotmilhas/images/faixa-site-hotmilhas.png
Requested by: Host: 54.89.171.65
URL: http://54.89.171.65/
Protocol: HTTP/1.1
Server: 54.89.171.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-89-171-65.compute-1.amazonaws.com
Software: nginx/1.11.9 /
Resource Hash: 997df60a252b320f79393c768669ede850666a1c6d9317c26a80f966024ec2a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://54.89.171.65/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 03:33:47 GMT
Last-Modified: Mon, 24 Jul 2017 13:26:06 GMT
Server: nginx/1.11.9
ETag: "5975f56e-1c91d"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 117021
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK logobaixo.png
54.89.171.65/wp-content/themes/hotmilhas/images/ 1 KB
2 KB 108ms
108ms Image
image/png 54.89.171.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://54.89.171.65/wp-content/themes/hotmilhas/images/logobaixo.png
Requested by: Host: 54.89.171.65
URL: http://54.89.171.65/
Protocol: HTTP/1.1
Server: 54.89.171.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-89-171-65.compute-1.amazonaws.com
Software: nginx/1.11.9 /
Resource Hash: 05a7527b88662f71a033cb69e1f093cb42a5c3a928cfe4f2dc4bdb2772729f35

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://54.89.171.65/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 03:33:47 GMT
Last-Modified: Mon, 24 Jul 2017 13:26:06 GMT
Server: nginx/1.11.9
ETag: "5975f56e-593"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1427
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK load-scripts.php Show response
54.89.171.65/wp-admin/ 5 KB
5 KB 110ms
109ms Script
application/x-javascript 54.89.171.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://54.89.171.65/wp-admin/load-scripts.php?c=0&load=admin-bar&ver=3.4.2
Requested by: Host: 54.89.171.65
URL: http://54.89.171.65/
Protocol: HTTP/1.1
Server: 54.89.171.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-89-171-65.compute-1.amazonaws.com
Software: nginx/1.11.9 /
Resource Hash: 1cd0c9d5a1e5ed078d612bc6fd0325affae014d769c6d146154a38063804efcb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://54.89.171.65/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: application/x-javascript; charset=UTF-8
Date: Mon, 12 Dec 2022 03:33:47 GMT
Cache-Control: public, max-age=31536000
Server: nginx/1.11.9
Connection: keep-alive
Transfer-Encoding: chunked
Expires: Tue, 12 Dec 2023 03:33:47 GMT

GET
H2

200

gtm.js Show response
www.googletagmanager.com/
Redirect Chain

http://www.googletagmanager.com/gtm.js?id=GTM-HLTK
https://www.googletagmanager.com/gtm.js?id=GTM-HLTK

189 KB
65 KB

135ms
55ms

Script
application/javascript

2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-HLTK

Requested by

Host: 54.89.171.65
URL: http://54.89.171.65/

Protocol

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a45d51c153cf96db9d27accc9b28a01b4612e58d9c1a22ee4899cec2b563505c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://54.89.171.65/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 03:33:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66265
x-xss-protection: 0
last-modified: Mon, 12 Dec 2022 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Dec 2022 03:33:47 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtm.js?id=GTM-HLTK
Date: Mon, 12 Dec 2022 03:33:47 GMT
Cross-Origin-Resource-Policy: cross-origin
Server: Google Tag Manager
Content-Length: 248
X-XSS-Protection: 0
Content-Type: text/html; charset=UTF-8

GET
H2

200

all.js Show response
connect.facebook.net/pt_BR/
Redirect Chain

http://connect.facebook.net/pt_BR/all.js
https://connect.facebook.net/pt_BR/all.js

3 KB
2 KB

48ms
16ms

Script
application/x-javascript

2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/all.js

Requested by

Host: 54.89.171.65
URL: http://54.89.171.65/

Protocol

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6eb5d6c3f6739e2b5cfbb93f4151b56203ed85fe129e2dce0bb8a1b447179c82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://54.89.171.65/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 12 Dec 2022 03:33:47 GMT
content-md5: yf6wwo2uHsOvRWBJue1WXA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: Btn33Z1lZF4hRfaxOl83TprBSfuDP5TiTph9KrWfEfp7GJhfCti6gIjXfab4UfPLB6ABnOjDf8knRyuOHFnlHw==
x-fb-trip-id: 1679558926
x-fb-content-md5: c1d773c8da2628619c8d0889038058f3
cross-origin-opener-policy: same-origin-allow-popups
etag: "8284da5bf461776730e4e682b467cd43"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 12 Dec 2022 03:51:09 GMT

Redirect headers

Location: https://connect.facebook.net/pt_BR/all.js#xfbml=1
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK btn_vermelho.png
54.89.171.65/wp-content/themes/hotmilhas/images/ 60 KB
60 KB 107ms
107ms Image
image/png 54.89.171.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://54.89.171.65/wp-content/themes/hotmilhas/images/btn_vermelho.png
Requested by: Host: 54.89.171.65
URL: http://54.89.171.65/wp-content/themes/hotmilhas/css/style.css
Protocol: HTTP/1.1
Server: 54.89.171.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-89-171-65.compute-1.amazonaws.com
Software: nginx/1.11.9 /
Resource Hash: b7d8718f4220f433ee17f591ab8410d4302ac57fbfb8586eda22c2dbf0a80c02

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://54.89.171.65/wp-content/themes/hotmilhas/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 03:33:47 GMT
Last-Modified: Mon, 24 Jul 2017 13:26:06 GMT
Server: nginx/1.11.9
ETag: "5975f56e-ee46"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 60998
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 all.js Show response
connect.facebook.net/pt_BR/ 308 KB
86 KB 33ms
15ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/all.js?hash=dddd701e3a25b5550f383bbdf0eb071f

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/pt_BR/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cc4dd6098a998320f68ce1e0fe0eb954f88706472b747a41752a0d95992350da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://54.89.171.65/
Origin: http://54.89.171.65
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 12 Dec 2022 03:33:47 GMT
content-md5: EY1G8aDN8bSZnaMWFufVbw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88356
x-fb-rlafr: 0
x-fb-debug: Arl0/9vPA9OHZ4dE8D84scMhBcAVTF9eYT4b/xQB3DUoRMZIpFk3MX6ZBypM2ELIDMSBVAMphmRxLTgq4E+GYA==
x-fb-content-md5: eb282f74a1f17a5d77184a2d32983952
cross-origin-opener-policy: same-origin-allow-popups
etag: "d4e90aefe54a0790563fc6bd879e637a"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 12 Dec 2023 02:50:51 GMT

GET
H2 404 info Show response
api.siteblindado.com/54.89.171.65/ 0
327 B 411ms
369ms Fetch
application/json 2a02:26f0:1700:5::5f65:1b67
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.siteblindado.com/54.89.171.65/info
Requested by: Host: selo.siteblindado.com
URL: http://selo.siteblindado.com/aw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:5::5f65:1b67 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://54.89.171.65/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 03:33:47 GMT
x-amzn-remapped-content-length: 0
x-amz-cf-pop: FRA60-P1
x-amzn-trace-id: Root=1-6396a11b-766a08372f0ccac345448732
x-amzn-requestid: 8dbbf30c-db0a-4ef3-8922-b2b04d115bd3
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: dA4cXGinIAMFeBQ=
content-length: 0
x-amz-cf-id: yp69MvycxUxeSr6D_nyJ-J7VtFPMTYt-NVurFbOLC245r24sYXnzMw==

GET
H/1.1 200
OK sprite.jpg
54.89.171.65/wp-content/themes/hotmilhas/images/ 103 KB
103 KB 242ms
107ms Image
image/jpeg 54.89.171.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://54.89.171.65/wp-content/themes/hotmilhas/images/sprite.jpg
Requested by: Host: 54.89.171.65
URL: http://54.89.171.65/wp-content/themes/hotmilhas/css/style.css
Protocol: HTTP/1.1
Server: 54.89.171.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-89-171-65.compute-1.amazonaws.com
Software: nginx/1.11.9 /
Resource Hash: c7c010374d5d7b4e17da7e3bc163f2ee60d57df9b18190ff780af65d6aa53400

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://54.89.171.65/wp-content/themes/hotmilhas/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 03:33:47 GMT
Last-Modified: Mon, 24 Jul 2017 13:26:06 GMT
Server: nginx/1.11.9
ETag: "5975f56e-19a3d"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 105021
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 404
Not Found glyphicons-halflings.png
54.89.171.65/wp-content/themes/images/ 9 KB
9 KB 284ms
189ms Image
text/html 54.89.171.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://54.89.171.65/wp-content/themes/images/glyphicons-halflings.png
Requested by: Host: 54.89.171.65
URL: http://54.89.171.65/wp-content/themes/hotmilhas/bootstrap.min.css
Protocol: HTTP/1.1
Server: 54.89.171.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-89-171-65.compute-1.amazonaws.com
Software: nginx/1.11.9 /
Resource Hash: f6e0daa7e79c6a69c2fb74520dd3e384fd665af064fa121593530d89764ef389

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://54.89.171.65/wp-content/themes/hotmilhas/bootstrap.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Dec 2022 03:33:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 03:33:47 GMT
Server: nginx/1.11.9
Transfer-Encoding: chunked
X-Pingback: /xmlrpc.php
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK degrade_fundo.png
54.89.171.65/wp-content/themes/hotmilhas/images/ 3 KB
4 KB 124ms
107ms Image
image/png 54.89.171.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://54.89.171.65/wp-content/themes/hotmilhas/images/degrade_fundo.png
Requested by: Host: 54.89.171.65
URL: http://54.89.171.65/wp-content/themes/hotmilhas/css/style.css
Protocol: HTTP/1.1
Server: 54.89.171.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-89-171-65.compute-1.amazonaws.com
Software: nginx/1.11.9 /
Resource Hash: fcc0faf06284bed93832588df3dc6dbb26eef427e6c70c3fd46507bbef05a5f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://54.89.171.65/wp-content/themes/hotmilhas/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 03:33:47 GMT
Last-Modified: Mon, 24 Jul 2017 13:26:06 GMT
Server: nginx/1.11.9
ETag: "5975f56e-d45"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3397
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK cifrao.png
54.89.171.65/wp-content/themes/hotmilhas/images/ 6 KB
7 KB 125ms
107ms Image
image/png 54.89.171.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://54.89.171.65/wp-content/themes/hotmilhas/images/cifrao.png
Requested by: Host: 54.89.171.65
URL: http://54.89.171.65/wp-content/themes/hotmilhas/css/style.css
Protocol: HTTP/1.1
Server: 54.89.171.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-89-171-65.compute-1.amazonaws.com
Software: nginx/1.11.9 /
Resource Hash: e58b2e7582816d8053e22f830e4c5d9d9d3808ffbe12c5e83f336d7a3efda190

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://54.89.171.65/wp-content/themes/hotmilhas/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 03:33:47 GMT
Last-Modified: Mon, 24 Jul 2017 13:26:06 GMT
Server: nginx/1.11.9
ETag: "5975f56e-198d"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6541
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK balao.png
54.89.171.65/wp-content/themes/hotmilhas/images/ 5 KB
6 KB 125ms
107ms Image
image/png 54.89.171.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://54.89.171.65/wp-content/themes/hotmilhas/images/balao.png
Requested by: Host: 54.89.171.65
URL: http://54.89.171.65/wp-content/themes/hotmilhas/css/style.css
Protocol: HTTP/1.1
Server: 54.89.171.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-89-171-65.compute-1.amazonaws.com
Software: nginx/1.11.9 /
Resource Hash: c096538b906044137762f4805f1a1f1b4b7e094b259f4caa3dc24102c32f839f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://54.89.171.65/wp-content/themes/hotmilhas/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 03:33:47 GMT
Last-Modified: Mon, 24 Jul 2017 13:26:06 GMT
Server: nginx/1.11.9
ETag: "5975f56e-1524"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5412
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK logos.jpg
54.89.171.65/wp-content/themes/hotmilhas/images/ 29 KB
29 KB 107ms
107ms Image
image/jpeg 54.89.171.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://54.89.171.65/wp-content/themes/hotmilhas/images/logos.jpg
Requested by: Host: 54.89.171.65
URL: http://54.89.171.65/wp-content/themes/hotmilhas/css/style.css
Protocol: HTTP/1.1
Server: 54.89.171.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-89-171-65.compute-1.amazonaws.com
Software: nginx/1.11.9 /
Resource Hash: c0700be2cf4f4c0aef6502f2550825acc7a2f2838677cd1e5899871521c4d02a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://54.89.171.65/wp-content/themes/hotmilhas/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 03:33:47 GMT
Last-Modified: Mon, 24 Jul 2017 13:26:06 GMT
Server: nginx/1.11.9
ETag: "5975f56e-72bc"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29372
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js
notify.bugsnag.com/ 0
139 B 360ms
182ms Image
image/jpeg 2600:1901:0:a5e4::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notify.bugsnag.com/js?notifierVersion=2.5.0&apiKey=7e98df550619c0fc7f4a81f19d711425&projectRoot=http%3A%2F%2F54.89.171.65&context=%2F&&releaseStage=production&url=http%3A%2F%2F54.89.171.65%2F&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.98%20Safari%2F537.36&language=en-US&severity=error&name=TypeError&message=Uncaught%20TypeError%3A%20%24(...).colorbox%20is%20not%20a%20function&stacktrace=TypeError%3A%20%24(...).colorbox%20is%20not%20a%20function%0A%20%20%20%20at%20HTMLDocument.%3Canonymous%3E%20(http%3A%2F%2F54.89.171.65%2F%3A68%3A19)%0A%20%20%20%20at%20l%20(http%3A%2F%2Fajax.googleapis.com%2Fajax%2Flibs%2Fjquery%2F2.0.0%2Fjquery.min.js%3A4%3A24584)%0A%20%20%20%20at%20Object.fireWith%20%5Bas%20resolveWith%5D%20(http%3A%2F%2Fajax.googleapis.com%2Fajax%2Flibs%2Fjquery%2F2.0.0%2Fjquery.min.js%3A4%3A25405)%0A%20%20%20%20at%20Function.ready%20(http%3A%2F%2Fajax.googleapis.com%2Fajax%2Flibs%2Fjquery%2F2.0.0%2Fjquery.min.js%3A4%3A2897)%0A%20%20%20%20at%20HTMLDocument.S%20(http%3A%2F%2Fajax.googleapis.com%2Fajax%2Flibs%2Fjquery%2F2.0.0%2Fjquery.min.js%3A4%3A550)&file=http%3A%2F%2F54.89.171.65%2F&lineNumber=68&columnNumber=19&payloadVersion=2&ct=img&cb=1670816027501
Requested by: Host: 54.89.171.65
URL: http://54.89.171.65/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:a5e4:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://54.89.171.65/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 12 Dec 2022 03:33:47 GMT
via: 1.1 google
bugsnag-event-id: 6396a11b00a3343b1e3f0000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: image/jpeg

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

49 KB
20 KB

114ms
35ms

Script
text/javascript

2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: 54.89.171.65
URL: http://54.89.171.65/

Protocol

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://54.89.171.65/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 12 Dec 2022 03:15:46 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1081
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 12 Dec 2022 05:15:46 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3

200

fbds.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/fbds.js
https://connect.facebook.net/en_US/fbds.js

4 KB
2 KB

29ms
15ms

Script
application/x-javascript

2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbds.js

Requested by

Host: 54.89.171.65
URL: http://54.89.171.65/

Protocol

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3b6ca3d3169da6f83906115929fcbb672fa1adf40853fa4fd1a513e589e8098c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://54.89.171.65/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 12 Dec 2022 03:33:47 GMT
content-md5: hICti76p1/sYotr0HXoHSg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2165
x-fb-rlafr: 0
x-fb-debug: MQ67UaWxnKnhAgKT5Wp4r1JkBi79nbYdokcx10N3I2y0Yub80XU+Gu8c1IUInXPsAbHYd77cy7V0XaTCFF9Org==
x-fb-content-md5: 47651f8daf6436e8e238512bc4b70cca
cross-origin-opener-policy: same-origin-allow-popups
etag: "f83620a4912a65a62509c1607877386f"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
priority: u=3,i
expires: Mon, 12 Dec 2022 03:33:47 GMT

Redirect headers

Location: https://connect.facebook.net/en_US/fbds.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK ld.js Show response
static.criteo.net/js/ld/ 42 KB
14 KB 90ms
16ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

http://static.criteo.net/js/ld/ld.js

Requested by

Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-HLTK

Protocol

HTTP/1.1

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

d6c1aa198589b0a87b22f515905607c1c11839948491cea44a74b88116b40561

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://54.89.171.65/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 03:33:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 08 Nov 2022 15:05:46 GMT
server: nginx
etag: W/"636a704a-a8d9"
transfer-encoding: chunked
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 13 Dec 2022 03:33:47 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
27 KB 33ms
16ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: 54.89.171.65
URL: http://54.89.171.65/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

737be8d2a2db4d729155190f62d3b1f656cdaec35b42b59eeeda3043246a50cd

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://54.89.171.65/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 12 Dec 2022 03:33:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27317
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 4VtHIjnJFdooU3hkwBbvP0zU3yNS9CCHdeMtJhDGCqabcdL/n6g+SMquLRKjdN1RL19UY+CRmTeT0MMaULM7uA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hotjar-1667030.js Show response
static.hotjar.com/c/ 0
431 B 75ms
37ms Script
application/javascript 13.225.78.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1667030.js?sv=6

Requested by

Host: 54.89.171.65
URL: http://54.89.171.65/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-69.fra2.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://54.89.171.65/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
date: Mon, 12 Dec 2022 03:33:47 GMT
x-content-type-options: nosniff
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/d41d8cd98f00b204e9800998ecf8427e
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
content-length: 0
x-amz-cf-id: mx8JPePfftL8FP-v97JkObHsjDkXBA6YORJd8q3fI-ToRNEG1ZnG8w==

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 49ms
16ms Image
text/plain 2a03:2880:f173:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1455539808071761&ev=PixelInitialized&dl=http%3A%2F%2F54.89.171.65%2F&rl=&if=false&ts=1670816027709

Requested by

Host: 54.89.171.65
URL: http://54.89.171.65/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://54.89.171.65/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 12 Dec 2022 03:33:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 165602000533893 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 70ms
69ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/165602000533893?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b6fde08e06c184b997b1d987daaa712bc0267129a6ef9476ed03d7fe040274a8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://54.89.171.65/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 12 Dec 2022 03:33:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: Mde5zuvwykrQEuEq+ZLlfaZnWDA6HjppRYQWhC6HpJSPAsQvwjbgyYV2zhGLQoqd1CuE3ts4y+n1HN7OQJQjpQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame C956 15 KB
6 KB 342ms
15ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=54.89.171.65&origin=onetag

Requested by

Host: static.criteo.net
URL: http://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: http://54.89.171.65/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 12 Dec 2022 03:33:47 GMT
server: Kestrel
server-processing-duration-in-ticks: 935248
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
439 B 332ms
18ms XHR
text/plain 2a00:1450:400c:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-20989104-1&cid=1377435495.1670816028&jid=1754991920&gjid=1474107593&_gid=566715448.1670816028&_u=YGBAgAABAAAAAE~&z=1753969071

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c03::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://54.89.171.65/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 12 Dec 2022 03:33:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://54.89.171.65
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

collect
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j98&a=1537569104&t=pageview&_s=1&dl=http%3A%2F%2F54.89.171.65%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=175499192...
https://www.google-analytics.com/collect?v=1&_v=j98&a=1537569104&t=pageview&_s=1&dl=http%3A%2F%2F54.89.171.65%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=17549919...

35 B
55 B

117ms
38ms

Image
image/gif

2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1537569104&t=pageview&_s=1&dl=http%3A%2F%2F54.89.171.65%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=1754991920&gjid=1474107593&cid=1377435495.1670816028&tid=UA-20989104-1&_gid=566715448.1670816028&gtm=2wgbu0HLTK&z=2088922704

Requested by

Host: 54.89.171.65
URL: http://54.89.171.65/

Protocol

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://54.89.171.65/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 12:43:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 53418
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j98&a=1537569104&t=pageview&_s=1&dl=http%3A%2F%2F54.89.171.65%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=1754991920&gjid=1474107593&cid=1377435495.1670816028&tid=UA-20989104-1&_gid=566715448.1670816028&gtm=2wgbu0HLTK&z=2088922704
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 34ms
15ms Image
text/plain 2a03:2880:f173:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=165602000533893&ev=PageView&dl=http%3A%2F%2F54.89.171.65%2F&rl=&if=false&ts=1670816027881&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%222146158922357120%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22BRL%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22811074532694725%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.3.1670816027875.233181615&it=1670816027728&coo=false&rqm=GET

Requested by

Host: 54.89.171.65
URL: http://54.89.171.65/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://54.89.171.65/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 12 Dec 2022 03:33:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 130ms
51ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-20989104-1&cid=1377435495.1670816028&jid=1754991920&_u=YGBAgAABAAAAAE~&z=1090505727

Requested by

Host: 54.89.171.65
URL: http://54.89.171.65/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://54.89.171.65/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 03:33:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 133ms
49ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-20989104-1&cid=1377435495.1670816028&jid=1754991920&_u=YGBAgAABAAAAAE~&z=1090505727

Requested by

Host: 54.89.171.65
URL: http://54.89.171.65/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://54.89.171.65/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 03:33:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame C956
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=54.89.171.65&sn=ChromeSyncframe&so=0&topUrl=54.89.171.65&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=H7oxMXxLUUFCUFZQa3cwdkRHcitFamFmQk5rK3BzRVNJOFhIUFJzY2VCdit2SWxVTmh0UUtoUFJNVGZyekRzbG05QUl0d3l4V2w3M0NNVElaUnNidm9HWXpadHBrb1ZlV3BYckdjMXc2VERycWN6UVVhVlFuQnhBdXlrbG...

433 B
656 B

56ms
17ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=H7oxMXxLUUFCUFZQa3cwdkRHcitFamFmQk5rK3BzRVNJOFhIUFJzY2VCdit2SWxVTmh0UUtoUFJNVGZyekRzbG05QUl0d3l4V2w3M0NNVElaUnNidm9HWXpadHBrb1ZlV3BYckdjMXc2VERycWN6UVVhVlFuQnhBdXlrbGFuYXczSG1FZTBvRFppa3dQZ2w1ZjFtQmJFWGxzVTRlZWozRXlGeCtScndYQlEzRzJoMHBqQlcxSWxqeTJNTmVMRXFnRytWZDBrVlliNDN2dk5XemJZdUxtbHhQMktaREdiMXUwRVpWUE80SzRscTNwYmlMbXBqT3V0SGxhalRxbXBNNmd5RForWUJ2MFplaGFmTVgrdDQ4K2tiaEZWdz09fA&cppv=2

Requested by

Host: 54.89.171.65
URL: http://54.89.171.65/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1d52732c1a8a092aa439cfd6c61ea73ad18665cf94b8ccb817fedeb5980ba02a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 03:33:47 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2106948
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 12 Dec 2022 03:33:48 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=H7oxMXxLUUFCUFZQa3cwdkRHcitFamFmQk5rK3BzRVNJOFhIUFJzY2VCdit2SWxVTmh0UUtoUFJNVGZyekRzbG05QUl0d3l4V2w3M0NNVElaUnNidm9HWXpadHBrb1ZlV3BYckdjMXc2VERycWN6UVVhVlFuQnhBdXlrbGFuYXczSG1FZTBvRFppa3dQZ2w1ZjFtQmJFWGxzVTRlZWozRXlGeCtScndYQlEzRzJoMHBqQlcxSWxqeTJNTmVMRXFnRytWZDBrVlliNDN2dk5XemJZdUxtbHhQMktaREdiMXUwRVpWUE80SzRscTNwYmlMbXBqT3V0SGxhalRxbXBNNmd5RForWUJ2MFplaGFmTVgrdDQ4K2tiaEZWdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 557465
content-length: 0
expires: 0

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=11517&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh%26si%3D1&p3=e%3Ddis&adce=1&bundle=LVKby19JYWJ2U3NVQTdIVzJyU0t0JTJCcFlrTE5XMXdLZGF...
https://widget.us.criteo.com/event?a=11517&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh%26si%3D1&p3=e%3Ddis&adce=1&bundle=LVKby19JYWJ2U3NVQTdIVzJyU0t0JTJCcFlrTE5XMXdLZGF...

8 KB
4 KB

418ms
190ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=11517&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh%26si%3D1&p3=e%3Ddis&adce=1&bundle=LVKby19JYWJ2U3NVQTdIVzJyU0t0JTJCcFlrTE5XMXdLZGFHVVhMWVlENkZ4MXBKREVYd0lDdlUlMkJsOXFFY1g2Wjk1cklpSnAzQlYlMkJ6VFhyNVZHa0NQNTV0d29JYnpPUVpiYktEQ2wlMkZqUVdxcCUyQmZCJTJGd29EMmRFNFVGSFZ4M2ZIOEN1R3FWN05oSXhQeGFNeTdtczB2eGtoZFBFY1ElM0QlM0Q&tld=54.89.171.65&fu=http%253A%252F%252F54.89.171.65%252F&dtycbr=95490

Requested by

Host: 54.89.171.65
URL: http://54.89.171.65/

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

48846acd5288dea58b3ce3faa1af4e1dde6110b65d44e30c9f019b0a179b56b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://54.89.171.65/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 03:33:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 92786355
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 12 Dec 2022 03:33:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://widget.us.criteo.com/event?a=11517&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh%26si%3D1&p3=e%3Ddis&adce=1&bundle=LVKby19JYWJ2U3NVQTdIVzJyU0t0JTJCcFlrTE5XMXdLZGFHVVhMWVlENkZ4MXBKREVYd0lDdlUlMkJsOXFFY1g2Wjk1cklpSnAzQlYlMkJ6VFhyNVZHa0NQNTV0d29JYnpPUVpiYktEQ2wlMkZqUVdxcCUyQmZCJTJGd29EMmRFNFVGSFZ4M2ZIOEN1R3FWN05oSXhQeGFNeTdtczB2eGtoZFBFY1ElM0QlM0Q&tld=54.89.171.65&fu=http%253A%252F%252F54.89.171.65%252F&dtycbr=95490
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 4738752
timing-allow-origin: *
content-length: 0
expires: 0

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame 6C81
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-JXcwB9CiqrDiab1Ogu6x5PoKNsnuiGuV14sp-A&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-JXcwB9CiqrDiab1Ogu6x5PoKNsnuiGuV14sp-A&expires=30

43 B
344 B

9ms
9ms

Image
image/gif

54.93.177.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-JXcwB9CiqrDiab1Ogu6x5PoKNsnuiGuV14sp-A&expires=30
Protocol: H2
Server: 54.93.177.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-177-113.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 03:33:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-JXcwB9CiqrDiab1Ogu6x5PoKNsnuiGuV14sp-A&expires=30
date: Mon, 12 Dec 2022 03:33:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 6C81
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-7yJendCiqrDiab1Ogu6x5PoKNsnbraOSg0cb1Q&google_cm&google_hm=ay03eUplbmRDaXFyRGlhYjFPZ3U2eDVQb0tOc25icmFPU...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-7yJendCiqrDiab1Ogu6x5PoKNsnbraOSg0cb1Q&google_cm=&google_hm=ay03eUplbmRDaXFyRGlhYjFPZ3U2eDVQb0tOc25icmF...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-7yJendCiqrDiab1Ogu6x5PoKNsnbraOSg0cb1Q&google_gid=CAESEAze3UcytX60nx29snQNKGI&google_cver=1&google_ula=913071,0

43 B
371 B

544ms
16ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-7yJendCiqrDiab1Ogu6x5PoKNsnbraOSg0cb1Q&google_gid=CAESEAze3UcytX60nx29snQNKGI&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 03:33:49 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1291787
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 12 Dec 2022 03:33:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-7yJendCiqrDiab1Ogu6x5PoKNsnbraOSg0cb1Q&google_gid=CAESEAze3UcytX60nx29snQNKGI&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 6C81
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8421027678996459715

43 B
370 B

732ms
17ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8421027678996459715

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 03:33:48 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2282980
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 12 Dec 2022 03:33:48 GMT
AN-X-Request-Uuid: 72a2bf7f-4f0c-4ab1-ad55-2d6dc5358fa0
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8421027678996459715
Connection: keep-alive
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
r.casalemedia.com/ Frame 6C81
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-6KQVL9CiqrDiab1Ogu6x5PoKNsltWJmEw39GQA
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-6KQVL9CiqrDiab1Ogu6x5PoKNsltWJmEw39GQA&C=1

43 B
864 B

60ms
41ms

Image
image/gif

172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-6KQVL9CiqrDiab1Ogu6x5PoKNsltWJmEw39GQA&C=1
Protocol: H3
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 03:33:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LhVEetgG1LnzXkAWdbpAWyIsny0OZM9gZ%2BiJphx2kufQAbqy2OvfYMgh9UsmvZTTcggqFROsPTC7WyBaxFbLYLeEcAdYUiR5N5kkCly4iPLwwhtHsR5pzTKvnXP5elyKUaHm"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 778366944a675c0e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 12 Dec 2022 03:33:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rc3SjeR3iNM3JXrAeRjJhbNdJ33TJDlqi3Fwyfvzqm%2B0qJyBNRIjql%2FSuE9zR5dtMWcFEQBA8pB8nNAga3r40JXQWmvR%2BMpZGD6hXo1%2BJ1O6V6EG%2BU6VOPWJEbaOrumt0O8%2F"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-6KQVL9CiqrDiab1Ogu6x5PoKNsltWJmEw39GQA&C=1
cache-control: no-cache
cf-ray: 778366940ffc9070-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 6C81
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-ABlI2dCiqrDiab1Ogu6x5PoKNskKx1nePbP8LA
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-ABlI2dCiqrDiab1Ogu6x5PoKNskKx1nePbP8LA

43 B
447 B

30ms
30ms

Image
image/gif

52.31.244.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-ABlI2dCiqrDiab1Ogu6x5PoKNskKx1nePbP8LA
Protocol: H2
Server: 52.31.244.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-244-189.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 12 Dec 2022 03:33:48 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-ABlI2dCiqrDiab1Ogu6x5PoKNskKx1nePbP8LA
date: Mon, 12 Dec 2022 03:33:48 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 cksync.php
contextual.media.net/ Frame 6C81 45 B
786 B 57ms
29ms Image
image/gif 184.30.20.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-8dd_0dCiqrDiab1Ogu6x5PoKNsnAC_VmZz9b0g

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 12 Dec 2022 03:33:48 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 45
x-mnet-hl2: E
expires: Mon, 12 Dec 2022 03:33:48 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 6C81 0
145 B 992ms
91ms Image
text/plain 64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-CCHnPNCiqrDiab1Ogu6x5PoKNsnwBwP2MZUsag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 03:33:49 GMT
Cache-Control: no-cache
X-TraceId: a2a72360f7cb45b8fd66d3a19e9e1970
Content-Length: 0

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 6C81 0
239 B 55ms
8ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-RGpM4tCiqrDiab1Ogu6x5PoKNskIIguYdhnpWw&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame 6C81 0
35 B 42ms
7ms Image
text/plain 35.157.59.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-5PyfAtCiqrDiab1Ogu6x5PoKNslfbTejDSnOzg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.59.48 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-59-48.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 03:33:48 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 6C81 43 B
163 B 94ms
17ms Image
image/gif 185.86.139.113
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-G8fjw9CiqrDiab1Ogu6x5PoKNsnLDb8KwsEm7w
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 03:33:48 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 6C81 0
99 B 73ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-CNQMlNCiqrDiab1Ogu6x5PoKNslkRCZXJ3NHBg
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 03:33:48 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13815

GET
H2 200 um
criteo-sync.teads.tv/ Frame 6C81 23 B
172 B 75ms
34ms Image
image/gif 23.218.209.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-6XP4cNCiqrDiab1Ogu6x5PoKNskjX0B2_uMpkQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.209.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-56.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires: Mon, 12 Dec 2022 03:33:48 GMT
pragma: no-cache
date: Mon, 12 Dec 2022 03:33:48 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame 6C81 37 B
140 B 36ms
9ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-eJbuUtCiqrDiab1Ogu6x5PoKNslZxQdQn_yG1A&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 03:33:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame 6C81
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-zsO9htCiqrDiab1Ogu6x5PoKNsmeUPSzVCrWew
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-zsO9htCiqrDiab1Ogu6x5PoKNsmeUPSzVCrWew&verify=true

0
121 B

11ms
10ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-zsO9htCiqrDiab1Ogu6x5PoKNsmeUPSzVCrWew&verify=true

Protocol

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 03:33:48 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-zsO9htCiqrDiab1Ogu6x5PoKNsmeUPSzVCrWew&verify=true
date: Mon, 12 Dec 2022 03:33:48 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 put
e1.emxdgt.com/ Frame 6C81 0
55 B 729ms
8ms Image
text/html 3.71.169.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d53&uid=k-uoRNE9CiqrDiab1Ogu6x5PoKNslBcy8e72yzkQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.71.169.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-71-169-66.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 03:33:49 GMT
content-length: 0
content-type: text/html

GET
H2 200 pixel
cm.adform.net/ Frame 6C81 43 B
162 B 742ms
22ms Image
image/gif 37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-J14lU9CiqrDiab1Ogu6x5PoKNsnLZizqL_sWaA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 03:33:49 GMT
last-modified: Mon, 04 Oct 2021 14:04:49 GMT
server: nginx
accept-ranges: bytes
etag: "615b0a01-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 6C81 49 B
235 B 720ms
17ms Image
image/gif 185.255.84.153
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-dKXBi9CiqrDiab1Ogu6x5PoKNslsNAzOLBo8UA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 03:33:49 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
content-length: 49
expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 6C81
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=aNp8EvxK5A4lO4y1EJwgi0IYxQ2hpPcR
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=aNp8EvxK5A4lO4y1EJwgi0IYxQ2hpPcR

42 B
942 B

31ms
31ms

Image
image/gif

54.72.53.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=aNp8EvxK5A4lO4y1EJwgi0IYxQ2hpPcR

Protocol

HTTP/1.1

Server

54.72.53.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-53-159.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v045-02b96ccc8.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: F0WJXq3fQY0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v045-0168100b3.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 5y9oiRaJRMA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=aNp8EvxK5A4lO4y1EJwgi0IYxQ2hpPcR
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200 9.gif
id5-sync.com/s/966/ Frame 6C81 43 B
1 KB 704ms
7ms Image
image/gif 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-Vg0TltCiqrDiab1Ogu6x5PoKNskzDMPh6_kn3g

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Mon, 12 Dec 2022 03:33:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2 200 sync
matching.ivitrack.com/ Frame 6C81 42 B
274 B 733ms
41ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-0Z0ML9CiqrDiab1Ogu6x5PoKNslTPFz8PXt9sQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 03:33:48 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 6C81 0
882 B 694ms
9ms Image
text/html 52.28.183.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-Qx-6j9CiqrDiab1Ogu6x5PoKNsni7Vc_og4LnQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.183.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-183-187.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 03:33:49 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 6C81 42 B
574 B 692ms
16ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-Uix0-tCiqrDiab1Ogu6x5PoKNsmKI6u0rsN3Rg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 12 Dec 2022 03:33:49 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 6C81 43 B
183 B 320ms
102ms Image
image/gif 2600:1f18:612b:4200:4221:38a7:d65:6c93
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-u3VUZ9CiqrDiab1Ogu6x5PoKNsnTAufj58SPgA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:4221:38a7:d65:6c93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Mon, 12 Dec 2022 03:33:49 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame 6C81 43 B
153 B 76ms
26ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-omRhOdCiqrDiab1Ogu6x5PoKNsm9gVWL6YcKCg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.29
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 12 Dec 2022 03:33:49 GMT
server: Apache
x-powered-by: PHP/7.3.29
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 6C81 0
525 B 41ms
16ms Image
text/plain 184.31.94.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=8664&ext_id=k--3secdCiqrDiab1Ogu6x5PoKNskVuD3oefgPBw

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.94.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-31-94-14.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Dec 2022 03:33:49 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Sun, 11 Dec 2022 03:33:49 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 6C81 43 B
220 B 228ms
28ms Image
image/gif 54.155.179.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-oXLEOdCiqrDiab1Ogu6x5PoKNslvHC4_tROGGQ&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.155.179.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-179-95.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 12 Dec 2022 03:33:49 GMT
content-type: image/gif
content-length: 43
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 6C81
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=IRWCQ74AIBPf5gDYroNTTFUwMlFblHgz

0
337 B

634ms
27ms

Image
text/plain

54.194.57.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=IRWCQ74AIBPf5gDYroNTTFUwMlFblHgz
Protocol: H2
Server: 54.194.57.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-57-229.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-served-by: beacon-n010-dub-prod.krxd.net
date: Mon, 12 Dec 2022 03:33:49 GMT
cache-control: private, no-cache, no-store
x-request-time: D=60 t=1670816029
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=IRWCQ74AIBPf5gDYroNTTFUwMlFblHgz
date: Mon, 12 Dec 2022 03:33:48 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1110987
content-length: 0

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 15ms
15ms Image
text/plain 2a03:2880:f173:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=165602000533893&ev=Microdata&dl=http%3A%2F%2F54.89.171.65%2F&rl=&if=false&ts=1670816029383&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.3.1670816027875.233181615&it=1670816027728&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://54.89.171.65/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 12 Dec 2022 03:33:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2

200

cs
s.thebrighttag.com/ Frame 6C81
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=cO-Qr3ZqrX-xghrEMNr1Q5mp2p_K0_b8

35 B
268 B

370ms
120ms

Image
image/gif

3.136.99.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=cO-Qr3ZqrX-xghrEMNr1Q5mp2p_K0_b8
Protocol: H2
Server: 3.136.99.143 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-136-99-143.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 03:33:49 GMT
x-bt-requestid: cafd2e00-79cd-11ed-aa26-0000ac17006c
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=cO-Qr3ZqrX-xghrEMNr1Q5mp2p_K0_b8
date: Mon, 12 Dec 2022 03:33:49 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1305594
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: seal.verisign.com
URL: https://seal.verisign.com/getseal?host_name=www.hotmilhas.com.br&size=M&use_flash=YES&use_transparent=YES&lang=pt

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

44 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
54.89.171.65/	1969-12-31 23:59:59	Name: PHPSESSID Value: j8k88emi69bkpuhh6tvqlnour1
54.89.171.65/	1970-01-20 08:06:57	Name: hotmilhasTrackVisitaID Value: 0
54.89.171.65/	1970-01-20 08:06:57	Name: hotmilhasTrackCodVisita Value: 4f522202019929b0c6416d4573cac2c3
54.89.171.65/	1970-01-20 10:16:32	Name: _gcl_au Value: 1.1.1472508915.1670816028
54.89.171.65/	1970-01-20 17:42:56	Name: _ga Value: GA1.4.1377435495.1670816028
54.89.171.65/	1970-01-20 08:08:22	Name: _gid Value: GA1.4.566715448.1670816028
54.89.171.65/	1970-01-20 08:06:56	Name: _dc_gtm_UA-20989104-1 Value: 1
54.89.171.65/	1970-01-20 10:16:32	Name: _fbp Value: fb.3.1670816027875.233181615
.criteo.com/	1970-01-20 17:28:32	Name: uid Value: 84984d96-e1c3-40de-85b6-ddefe69b9d0d
54.89.171.65/	1970-01-20 17:36:20	Name: cto_bundle Value: LVKby19JYWJ2U3NVQTdIVzJyU0t0JTJCcFlrTE5XMXdLZGFHVVhMWVlENkZ4MXBKREVYd0lDdlUlMkJsOXFFY1g2Wjk1cklpSnAzQlYlMkJ6VFhyNVZHa0NQNTV0d29JYnpPUVpiYktEQ2wlMkZqUVdxcCUyQmZCJTJGd29EMmRFNFVGSFZ4M2ZIOEN1R3FWN05oSXhQeGFNeTdtczB2eGtoZFBFY1ElM0QlM0Q
.bidswitch.net/	1970-01-20 16:52:32	Name: tuuid Value: ec8979d3-865c-4b1a-a613-7c55dabc976b
.bidswitch.net/	1970-01-20 16:52:32	Name: c Value: 1670816028
.bidswitch.net/	1970-01-20 16:52:32	Name: tuuid_lu Value: 1670816028
.media.net/	1970-01-20 16:52:32	Name: visitor-id Value: 3138176288397496000V10
.media.net/	1970-01-20 08:50:08	Name: data-c-ts Value: 1670816028
.media.net/	1970-01-20 08:50:08	Name: data-c Value: k-8dd_0dCiqrDiab1Ogu6x5PoKNsnAC_VmZz9b0g~~3
.adnxs.com/	1970-01-20 10:16:32	Name: uuid2 Value: 8421027678996459715
.casalemedia.com/	1970-01-20 16:52:32	Name: CMID Value: Y5ahHLVzCb79nHSkPl4ePwAA
.casalemedia.com/	1970-01-20 10:16:32	Name: CMPS Value: 1117
.casalemedia.com/	1970-01-20 10:16:32	Name: CMPRO Value: 1117
.360yield.com/	1970-01-20 10:16:32	Name: tuuid Value: 6f1158ae-ac5d-436d-9fb6-858b9688da4d
.360yield.com/	1970-01-20 10:16:32	Name: tuuid_lu Value: 1670816028
.yahoo.com/	1970-01-20 16:52:53	Name: A3 Value: d=AQABBByhlmMCEFV90JfJm0R-WJup4yu24XYFEgEBAQHyl2OgYwAAAAAA_eMAAA&S=AQAAApAbWFW1wfI7JiBAjIbZeIc
.analytics.yahoo.com/	1970-01-20 16:52:32	Name: IDSYNC Value: 18zh~28sr
.casalemedia.com/	1970-01-20 10:16:32	Name: CMTS Value: 2155
.360yield.com/	1970-01-20 10:16:32	Name: um Value: !38,i5OkPbBF29kRZLmVH-CU4jyF6rUApF47OmJ8Q39XmXZ9rutDzNai65OzBridciWIGycPwRCs,1678592028
.360yield.com/	1970-01-20 10:16:32	Name: umeh Value: !38,0,1733024028,-1
.demdex.net/	1970-01-20 12:26:08	Name: demdex Value: 69631066619549626584478841120013828380
.dpm.demdex.net/	1970-01-20 12:26:08	Name: dpm Value: 69631066619549626584478841120013828380
.doubleclick.net/	1970-01-20 17:28:32	Name: IDE Value: AHWqTUkXO7bnQ5rzGjFuku2H-LrZOXwkP0LH_M61Ns_fKD2Kn2hZcQyeH0jz_1TS8Uo
.id5-sync.com/	1970-01-20 08:06:56	Name: cf Value:
.id5-sync.com/	1970-01-20 08:06:56	Name: cip Value:
.id5-sync.com/	1970-01-20 08:06:56	Name: cnac Value:
.id5-sync.com/	1970-01-20 08:06:56	Name: car Value:
.id5-sync.com/	1970-01-20 08:06:56	Name: gdpr Value:
.id5-sync.com/	1970-01-20 08:06:56	Name: callback Value:
exchange.mediavine.com/	1970-01-20 08:27:05	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22cac86260-79cd-11ed-94bc-f7dc54b1448d%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 08:27:05	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22cac86260-79cd-11ed-94bc-f7dc54b1448d%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 08:27:05	Name: am_tokens Value: %7B%22mv_uuid%22%3A%22cac86260-79cd-11ed-94bc-f7dc54b1448d%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 08:27:05	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22cac86260-79cd-11ed-94bc-f7dc54b1448d%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 08:27:05	Name: criteo Value: %7B%22id%22%3A%22k-Qx-6j9CiqrDiab1Ogu6x5PoKNsni7Vc_og4LnQ%22%2C%22version%22%3A%22criteo%22%7D
.pubmatic.com/	1970-01-20 08:50:08	Name: KRTBCOOKIE_97 Value: 3385-uid:k-Uix0-tCiqrDiab1Ogu6x5PoKNsmKI6u0rsN3Rg&KRTB&23144-uid:k-Uix0-tCiqrDiab1Ogu6x5PoKNsmKI6u0rsN3Rg&KRTB&23286-uid:k-Uix0-tCiqrDiab1Ogu6x5PoKNsmKI6u0rsN3Rg&KRTB&23287-uid:k-Uix0-tCiqrDiab1Ogu6x5PoKNsmKI6u0rsN3Rg
.pubmatic.com/	1970-01-20 08:50:08	Name: PugT Value: 1670816029
.krxd.net/	1970-01-20 12:26:08	Name: _kuid_ Value: PQKnHYCn

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://seal.verisign.com/getseal?host_name=www.hotmilhas.com.br&size=M&use_flash=YES&use_transparent=YES&lang=pt Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: http://54.89.171.65/wp-content/themes/images/glyphicons-halflings.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://api.siteblindado.com/54.89.171.65/info Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.twiago.com
ad.360yield.com
ad.yieldlab.net
ajax.googleapis.com
api.siteblindado.com
beacon.krxd.net
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
d2wy8f7a9ursnm.cloudfront.net
dis.criteo.com
dpm.demdex.net
e1.emxdgt.com
eb2.3lift.com
exchange.mediavine.com
gum.criteo.com
ib.adnxs.com
id5-sync.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
notify.bugsnag.com
pixel.rubiconproject.com
r.casalemedia.com
rtb-csync.smartadserver.com
s.thebrighttag.com
seal.verisign.com
selo.siteblindado.com
simage2.pubmatic.com
sslwidget.criteo.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
ups.analytics.yahoo.com
visitor.omnitagjs.com
widget.us.criteo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
x.bidswitch.net
seal.verisign.com
13.225.78.69
13.225.84.38
13.248.245.213
141.226.228.48
162.19.138.118
172.217.23.98
172.64.154.237
178.250.0.157
178.250.0.163
178.250.2.151
184.30.20.22
184.31.94.14
185.255.84.153
185.64.190.80
185.86.139.113
185.89.211.132
23.218.209.56
2600:1901:0:a5e4::
2600:1f18:612b:4200:4221:38a7:d65:6c93
2600:9000:20eb:1000:0:ee2:240:93a1
2600:9000:20eb:a800:0:ee2:240:93a1
2a00:1450:4001:806::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2004
2a00:1450:4001:831::2008
2a00:1450:4001:831::200e
2a00:1450:400c:c03::9d
2a02:2638:1::13
2a02:2638:1::3
2a02:26f0:1700:5::5f65:1b67
2a03:2880:f080:9:face:b00c:0:3
2a03:2880:f173:81:face:b00c:0:25de
3.126.56.137
3.136.99.143
3.71.169.66
34.117.157.22
35.157.59.48
37.157.5.142
52.28.183.187
52.31.244.189
54.155.179.95
54.194.57.229
54.72.53.159
54.89.171.65
54.93.177.113
64.202.112.159
69.173.144.165
74.119.119.150
85.215.5.31
05a7527b88662f71a033cb69e1f093cb42a5c3a928cfe4f2dc4bdb2772729f35
081b26433bd1ca389f3dca19b907a78a7c66075f9bd920e42d707bfcbc0bc976
11c2d663d4fdcddd4948990b31deebcf06eaff82b79d909a869352a1f79f024b
1cd0c9d5a1e5ed078d612bc6fd0325affae014d769c6d146154a38063804efcb
1d52732c1a8a092aa439cfd6c61ea73ad18665cf94b8ccb817fedeb5980ba02a
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3b6ca3d3169da6f83906115929fcbb672fa1adf40853fa4fd1a513e589e8098c
48846acd5288dea58b3ce3faa1af4e1dde6110b65d44e30c9f019b0a179b56b2
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5f4c033e62805a8e8d2e6c82154293150d175a41696f32e4758b4b17b733c50c
6eb5d6c3f6739e2b5cfbb93f4151b56203ed85fe129e2dce0bb8a1b447179c82
737be8d2a2db4d729155190f62d3b1f656cdaec35b42b59eeeda3043246a50cd
76f562f245cd41c0b60096ff52bab9c1ac789cc85c8a4d9de3cbd55b3f803100
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88fb2f40aa5aadc3e50072ee76c0df24c99995f33f996cfea8653502a2de38d1
89f5f72946aa1eb59edc1369a9b1f30a2909b856478440ff21e90197b35e3aed
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
997df60a252b320f79393c768669ede850666a1c6d9317c26a80f966024ec2a8
9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a45d51c153cf96db9d27accc9b28a01b4612e58d9c1a22ee4899cec2b563505c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b6fde08e06c184b997b1d987daaa712bc0267129a6ef9476ed03d7fe040274a8
b7d8718f4220f433ee17f591ab8410d4302ac57fbfb8586eda22c2dbf0a80c02
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c0700be2cf4f4c0aef6502f2550825acc7a2f2838677cd1e5899871521c4d02a
c096538b906044137762f4805f1a1f1b4b7e094b259f4caa3dc24102c32f839f
c7c010374d5d7b4e17da7e3bc163f2ee60d57df9b18190ff780af65d6aa53400
cc4dd6098a998320f68ce1e0fe0eb954f88706472b747a41752a0d95992350da
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d482871a5e948cb4884fa0972ea98a81abca057b6bd3f8c995a18c12487e761c
d6c1aa198589b0a87b22f515905607c1c11839948491cea44a74b88116b40561
d899e7a3f2f2f97d327993076307781b6b7bd5ba6c726debd00f33b5f4868abc
dae61997696481be5f7c2e05b4460e815af9295d681e159f9a3e77b28709b142
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e58b2e7582816d8053e22f830e4c5d9d9d3808ffbe12c5e83f336d7a3efda190
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6e0daa7e79c6a69c2fb74520dd3e384fd665af064fa121593530d89764ef389
fcc0faf06284bed93832588df3dc6dbb26eef427e6c70c3fd46507bbef05a5f2

54.89.171.65 Open in urlscan Pro 54.89.171.65 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

70 Requests

46 %HTTPS

31 %IPv6

42 Domains

48 Subdomains

46 IPs

8 Countries

859 kBTransfer

1625 kBSize

44 Cookies

4 Outgoing links

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

54.89.171.65 Open in urlscan Pro
54.89.171.65 Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

46 %
HTTPS

31 %
IPv6

42
Domains

48
Subdomains

46
IPs

8
Countries

859 kB
Transfer

1625 kB
Size

44
Cookies

70 HTTP transactions
0 data transactions