151.80.19.172 Open in urlscan Pro
151.80.19.172 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://151.80.19.172/
Submission Tags: krdprod
Submission: On September 01 via api (September 1st 2022, 10:18:47 am UTC) from JP — Scanned from JP

Summary HTTP 107 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 34 IPs in 5 countries across 32 domains to perform 107 HTTP transactions. The main IP is 151.80.19.172, located in Roubaix, France and belongs to OVH, FR. The main domain is 151.80.19.172.
TLS certificate: Issued by R3 on August 21st 2022. Valid for: 3 months.

This is the only time 151.80.19.172 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
29	151.80.19.172 151.80.19.172	16276 (OVH) (OVH)
7	2404:6800:400... 2404:6800:4004:81f::2002	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:801::200e	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:801::200a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f00... 2a03:2880:f00f:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	2404:6800:400... 2404:6800:4004:810::2008	15169 (GOOGLE) (GOOGLE)
3	2606:4700:20:... 2606:4700:20::ac43:4a15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2404:6800:400... 2404:6800:4004:81e::2002	15169 (GOOGLE) (GOOGLE)
2	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
3	2404:6800:400... 2404:6800:4004:80c::2003	15169 (GOOGLE) (GOOGLE)
1 3	99.84.140.70 99.84.140.70	16509 (AMAZON-02) (AMAZON-02)
1	142.250.206.194 142.250.206.194	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:81d::2002	15169 (GOOGLE) (GOOGLE)
6	2404:6800:400... 2404:6800:4004:801::2002	15169 (GOOGLE) (GOOGLE)
3	103.43.90.54 103.43.90.54	29990 (ASN-APPNEX) (ASN-APPNEX)
2	139.99.49.250 139.99.49.250	16276 (OVH) (OVH)
1	182.161.74.18 182.161.74.18	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2	185.86.138.32 185.86.138.32	201081 (SMARTADSE...) (SMARTADSERVER)
1	54.179.139.189 54.179.139.189	16509 (AMAZON-02) (AMAZON-02)
3	2404:6800:400... 2404:6800:4004:813::2001	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:827::2004	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:81c::2001	15169 (GOOGLE) (GOOGLE)
2	2406:2600:4::1 2406:2600:4::1	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2 4	2406:2600:4::b 2406:2600:4::b	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
3	182.161.74.11 182.161.74.11	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
7	2606:4700::68... 2606:4700::6810:df3	() ()
1	23.45.57.118 23.45.57.118	() ()
3 9	52.223.2.229 52.223.2.229	() ()
1	151.101.65.108 151.101.65.108	() ()
1	23.45.61.118 23.45.61.118	() ()
2 2	35.71.131.137 35.71.131.137	() ()
3 4	142.250.207.34 142.250.207.34	() ()
2 2	2620:1ec:21::14 2620:1ec:21::14	() ()
1 2	104.18.100.194 104.18.100.194	() ()
3 3	35.213.12.39 35.213.12.39	() ()
2 2	185.84.60.29 185.84.60.29	() ()
1	2620:1ec:c11:... 2620:1ec:c11::200	() ()
1 1	2406:da18:929... 2406:da18:929:5a03:ee44:5cd6:3730:1ae1	() ()
1 1	23.45.56.250 23.45.56.250	() ()
1 1	106.10.236.147 106.10.236.147	() ()
107	34

29 151.80.19.172 (Roubaix, France)

ASN16276 (OVH, FR)
PTR: ns395207.ip-151-80-19.eu

151.80.19.172	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
catiororeflexivo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4004:81f::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:801::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:801::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f00f:8:face:b00c:0:1 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:810::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:4a15 (United States)

ASN13335 (CLOUDFLARENET, US)

tags.premiumads.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:81e::2002 (Australia)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:80c::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.84.140.70 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-84-140-70.nrt57.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.206.194 (United States)

ASN15169 (GOOGLE, US)
PTR: kix07s07-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:81d::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4004:801::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 103.43.90.54 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.99.49.250 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip250.ip-139-99-49.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.74.18 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.138.32 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.179.139.189 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-179-139-189.ap-southeast-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:813::2001 (Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:827::2004 (Australia)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:81c::2001 (Australia)

ASN15169 (GOOGLE, US)

f7b9189fc07fcd3f160b6dfc4ec31f66.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:2600:4::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2406:2600:4::b (Japan) 2 redirects

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 182.161.74.11 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:df3 (None, )

ASN- ()

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usr.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync2.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.57.118 (None, )

ASN- ()

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.223.2.229 (None, ) 3 redirects

ASN- ()

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.108 (None, )

ASN- ()

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.61.118 (None, )

ASN- ()

at.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (None, ) 2 redirects

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.207.34 (None, ) 3 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:21::14 (None, ) 2 redirects

ASN- ()

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.100.194 (None, ) 1 redirects

ASN- ()

p.adsymptotic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.213.12.39 (None, ) 3 redirects

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.84.60.29 (None, ) 2 redirects

ASN- ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (None, )

ASN- ()

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:da18:929:5a03:ee44:5cd6:3730:1ae1 (None, ) 1 redirects

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.56.250 (None, ) 1 redirects

ASN- ()

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 106.10.236.147 (None, ) 1 redirects

ASN- ()

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	catiororeflexivo.com catiororeflexivo.com	464 KB
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 112 tpc.googlesyndication.com — Cisco Umbrella Rank: 145 f7b9189fc07fcd3f160b6dfc4ec31f66.safeframe.googlesyndication.com	275 KB
10	3lift.com 3 redirects tlx.3lift.com — Cisco Umbrella Rank: 552 eb2.3lift.com	4 KB
10	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 cm.g.doubleclick.net	164 KB
8	criteo.com 2 redirects bidder.criteo.com — Cisco Umbrella Rank: 742 gum.criteo.com — Cisco Umbrella Rank: 387 mug.criteo.com — Cisco Umbrella Rank: 2794	9 KB
7	navdmp.com tag.navdmp.com usr.navdmp.com cdn.navdmp.com sync2.navdmp.com sync.navdmp.com	6 KB
4	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 225 acdn.adnxs.com	20 KB
3	bidswitch.net 3 redirects x.bidswitch.net	2 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 78 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 152	3 KB
3	gstatic.com fonts.gstatic.com	44 KB
3	premiumads.com.br tags.premiumads.com.br — Cisco Umbrella Rank: 227950	134 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com cms.analytics.yahoo.com	2 KB
2	adform.net 2 redirects c1.adform.net	953 B
2	adsymptotic.com 1 redirects p.adsymptotic.com	477 B
2	linkedin.com 2 redirects px.ads.linkedin.com	1023 B
2	adsrvr.org 2 redirects match.adsrvr.org	949 B
2	teads.tv a.teads.tv at.teads.tv	5 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 658	57 KB
2	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1411	670 B
2	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 749	1 KB
2	google.co.jp adservice.google.co.jp — Cisco Umbrella Rank: 68898	914 B
2	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 971	170 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 154	88 KB
1	mathtag.com 1 redirects pixel.mathtag.com	609 B
1	bing.com c.bing.com	667 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 872	695 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 66	41 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	1 KB
0	zemanta.com Failed b1sync.zemanta.com Failed
0	amazon-adsystem.com Failed s.amazon-adsystem.com Failed
107	32

	Domain	Requested by
28	catiororeflexivo.com	151.80.19.172 catiororeflexivo.com
9	eb2.3lift.com	3 redirects tags.premiumads.com.br eb2.3lift.com
7	pagead2.googlesyndication.com	151.80.19.172 pagead2.googlesyndication.com tpc.googlesyndication.com
4	cm.g.doubleclick.net	3 redirects eb2.3lift.com
4	gum.criteo.com	2 redirects static.criteo.net
4	securepubads.g.doubleclick.net	tags.premiumads.com.br securepubads.g.doubleclick.net
3	x.bidswitch.net	3 redirects
3	mug.criteo.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	ib.adnxs.com	tags.premiumads.com.br acdn.adnxs.com
3	sb.scorecardresearch.com	1 redirects cdn.taboola.com 151.80.19.172
3	fonts.gstatic.com	fonts.googleapis.com
3	tags.premiumads.com.br	151.80.19.172 tags.premiumads.com.br
3	www.google-analytics.com	151.80.19.172 www.google-analytics.com
2	sync.navdmp.com
2	c1.adform.net	2 redirects
2	p.adsymptotic.com	1 redirects eb2.3lift.com
2	px.ads.linkedin.com	2 redirects
2	match.adsrvr.org	2 redirects
2	tag.navdmp.com	tags.premiumads.com.br tag.navdmp.com
2	static.criteo.net	tags.premiumads.com.br static.criteo.net
2	prg.smartadserver.com	tags.premiumads.com.br
2	onetag-sys.com	tags.premiumads.com.br
2	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	adservice.google.co.jp	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	cdn.taboola.com	151.80.19.172 cdn.taboola.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	connect.facebook.net	151.80.19.172 connect.facebook.net
1	cms.analytics.yahoo.com	1 redirects
1	pixel.mathtag.com	1 redirects
1	sync2.navdmp.com
1	cdn.navdmp.com	tag.navdmp.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	c.bing.com	eb2.3lift.com
1	usr.navdmp.com	tag.navdmp.com
1	at.teads.tv	a.teads.tv
1	acdn.adnxs.com	tags.premiumads.com.br
1	a.teads.tv	tags.premiumads.com.br
1	f7b9189fc07fcd3f160b6dfc4ec31f66.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.google.com	tpc.googlesyndication.com
1	tlx.3lift.com	tags.premiumads.com.br
1	bidder.criteo.com	tags.premiumads.com.br
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	151.80.19.172
1	fonts.googleapis.com	151.80.19.172
0	b1sync.zemanta.com Failed	eb2.3lift.com
0	s.amazon-adsystem.com Failed	eb2.3lift.com
107	47

This site contains links to these domains. Also see Links.

Domain
catiororeflexivo.com
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com

Subject Issuer	Validity	Valid
catiororeflexivo.com R3	`2022-08-21` - `2022-11-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-10` - `2022-09-08`	3 months	crt.sh
premiumads.com.br Cloudflare Inc ECC CA-3	`2022-05-07` - `2023-05-07`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.google.co.jp GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-04` - `2023-06-03`	a year	crt.sh
teads.tv R3	`2022-08-17` - `2022-11-15`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh

This page contains 10 frames:

Primary Page: https://151.80.19.172/
Frame ID: BF4CD08EA98A7A3903715EFD3DC5A6EE
Requests: 81 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220829/r20190131/zrt_lookup.html
Frame ID: 2CD3CB2AB6A7B14981AF317A3F036A00
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1376237005157464&output=html&adk=318159125&adf=2184669829&lmt=1662027521&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2F151.80.19.172%2F&ea=0&pra=5&wgl=1&easpf=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=0&asnd=0&asnp=0&asns=0&asmat=1&asptt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662027519587&bpp=1388&bdt=123&idt=1592&shv=r20220829&mjsv=m202208250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4218617508953&frm=20&pv=2&ga_vid=1876213142.1662027521&ga_sid=1662027521&ga_hid=130609017&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44770880&oid=2&pvsid=2430671410330663&tmod=1761749473&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1607
Frame ID: 037613FDDBE58DBD31BDA162F0841BE2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 05E4860A0ADEFAA52910CFD9A0D5AF07
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CA1727F451ABCC0F11FC21AFCA16A2CC
Requests: 2 HTTP requests in this frame

Frame: https://f7b9189fc07fcd3f160b6dfc4ec31f66.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3593B58EB48ACDFA3ADC552CDFAE6468
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=151.80.19.172
Frame ID: 0D3E87B2945BEA5C58AED4F46D47C155
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: BBF69BCB0823AAABDF36E215CE557AF4
Requests: 11 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1662027522184
Frame ID: C6D971E44F8A8909BF254E4BE5833F60
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E937415C6888065204BBBFF09E4AB91A
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Iti malia

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Navegg (Analytics) Expand

Overall confidence: 100%
Detected patterns

tag\.navdmp\.com

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

107
Requests

84 %
HTTPS

48 %
IPv6

32
Domains

47
Subdomains

34
IPs

5
Countries

1522 kB
Transfer

4336 kB
Size

11
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://catiororeflexivo.com/
Title: Catioro Reflexivo

Search URL Search Domain Scan URL

URL: https://catiororeflexivo.com/category/caes/
Title: Cães

Search URL Search Domain Scan URL

URL: https://catiororeflexivo.com/category/gatos/
Title: Gatos

Search URL Search Domain Scan URL

URL: https://catiororeflexivo.com/category/animais/
Title: Animais

Search URL Search Domain Scan URL

URL: https://catiororeflexivo.com/category/noticias/
Title: Notícias

Search URL Search Domain Scan URL

URL: https://catiororeflexivo.com/category/videos/
Title: Vídeos

Search URL Search Domain Scan URL

URL: https://catiororeflexivo.com/contactar/
Title: Contato

Search URL Search Domain Scan URL

URL: https://catiororeflexivo.com/politica-privacidade/
Title: Política privacidade

Search URL Search Domain Scan URL

URL: https://catiororeflexivo.com/casal-tem-encontro-inesperado-com-gatos-selvagens-em-estrada-no-canada/
Title: Casal tem encontro inesperado com gatos selvagens em estrada no Canadá

Search URL Search Domain Scan URL

URL: https://catiororeflexivo.com/mulher-grava-seus-caezinhos-tendo-reacoes-fofinhas-enquanto-ela-fala-suas-palavras-favoritas/
Title: Mulher grava seus cãezinhos tendo reações fofinhas enquanto ela fala suas palavras favoritas

Search URL Search Domain Scan URL

URL: https://catiororeflexivo.com/mulher-resgata-com-a-ajuda-de-uma-policial-gatinha-preta-que-estava-presa-em-uma-estrada-e-a-adota/
Title: Mulher resgata, com a ajuda de policial, gatinha preta que estava presa em uma estrada e a adota

Search URL Search Domain Scan URL

URL: https://catiororeflexivo.com/gatinha-gravida-e-resgatada-por-homem-de-um-lago-e-mais-tarde-da-a-luz-5-lindos-gatinhos/
Title: Gatinha grávida é resgatada por homem de um lago e mais tarde dá à luz 5 lindos gatinhos

Search URL Search Domain Scan URL

URL: https://catiororeflexivo.com/pastor-alemao-amigavel-cuida-com-muito-amor-de-veados-orfaos-e-como-se-fossem-seus-filhotes/
Title: Pastor Alemão amigável cuida com muito amor de veados órfãos e como se fossem seus filhotes

Search URL Search Domain Scan URL

URL: https://catiororeflexivo.com/dois-homens-corajosos-salvam-diversos-animais-durante-enchente-em-hernando-mississippi/
Title: Em 2016, quando chuvas causaram enchentes históricas em vários estados do sul, incluindo … .featured-thumbnail:hover img { -webkit-transform: translate3d(0,-80px,0); transform: translate3d(0,-80px,0); }

Search URL Search Domain Scan URL

URL: https://catiororeflexivo.com/gatinha-encontrada-na-porta-de-um-predio-e-resgatada-e-ai-percebem-que-estava-em-trabalho-de-parto/
Title: Do lado de fora de um prédio em Corpus Christi, Texas, uma gatinha … .featured-thumbnail:hover img { -webkit-transform: translate3d(0,-80px,0); transform: translate3d(0,-80px,0); }

Search URL Search Domain Scan URL

URL: https://catiororeflexivo.com/dois-amigos-foram-resgatados-separados-e-nao-conseguiram-se-desgrudar-desde-quando-se-reencontraram-um-chorava-pelo-outro/
Title: Quando a socorrista Suzette Hall respondeu pela primeira vez a um telefonema sobre … .featured-thumbnail:hover img { -webkit-transform: translate3d(0,-80px,0); transform: translate3d(0,-80px,0); }

Search URL Search Domain Scan URL

URL: https://catiororeflexivo.com/timao-e-pumba-existem-e-foram-encontrados-morando-sozinhos-numa-casa-abandonada/
Title: Danielle Betterman fez carreira resgatando animais indesejados, então quando ela recebeu uma ligação … .featured-thumbnail:hover img { -webkit-transform: translate3d(0,-80px,0); transform: translate3d(0,-80px,0); }

Search URL Search Domain Scan URL

URL: https://catiororeflexivo.com/page/2/
Title: 2

Search URL Search Domain Scan URL

URL: https://catiororeflexivo.com/page/3/
Title: 3

Search URL Search Domain Scan URL

URL: https://catiororeflexivo.com/page/4/
Title: 4

Search URL Search Domain Scan URL

URL: https://catiororeflexivo.com/page/299/
Title: 299

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CatioroReflexivo/

Search URL Search Domain Scan URL

URL: https://twitter.com/CatioroReflexiv

Search URL Search Domain Scan URL

URL: https://www.youtube.com/CatioroReflexivo

Search URL Search Domain Scan URL

URL: https://www.instagram.com/catioro.reflexivo/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/groups/228755860842646/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1662027521114&ns_c=UTF-8&c7=https%3A%2F%2F151.80.19.172%2F&c8=Iti%20malia&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1662027521114&ns_c=UTF-8&c7=https%3A%2F%2F151.80.19.172%2F&c8=Iti%20malia&c9=

Request Chain 79

https://gum.criteo.com/sid/json?origin=publishertag&domain=151.80.19.172&sn=ChromeSyncframe&so=0&topUrl=151.80.19.172&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=uZVKy3wzYnZ1eng1Um4zU1lpaU1ER0k5aS9oRERVUmpYWjhpcEFUQ01FYlc2Qk5KSFVhZjhCWXhZRlFwKzlyMmxEK2ErN1BtVm9EaVFkaWVaQmVkWXBtOGhpZWloR3RnZjl4Z0RCWVJWVVhUTWhpUHJWL2NtT0ZTeG9mMzZLZk56ZkFBdk04b01qd0F6WUZhSmF3MVA5MnhqQ1paMGVLSVBmM2hUd3BjTzVDSHYxNVp1TXhyZEl5UXRORzRBU2xkUTNtS0lrL0hsbVFXbWgrVlZUL3ZxMlo3cDZCZnA5Sm9IZ1FSUnhyaHpDY3FtRXIwV2p1Z2RCWHZnK0R6NlJCNUhwWHlSSUREK0grUG5wamV5M1Mzbm9reWx5QT09fA&cppv=2

Request Chain 82

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcatiororeflexivo.com%2F&domain=151.80.19.172&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=GYXhv3xkTlBuZENsL1IvSkFhMDE0cmpreVp3MnFFYk9HdHNJVGNXMk5lMVdWSWRDTmNmUUV5VWZxWTR4THQ5cmpOODkzYWkydUVIVWlkRGNwQkFRWFFHenhmdHpuK29PMC9obXBMYXR1elBQU1NpNmdoL25qek5VUTdUbHQ0YVBSUzhGVDBKWHdjMW5sc3VoSVlqVDJyeHF2Mytrb1FMZWVaOUwrZzdhNFhBU3lnOTMyZnRmOTk1VWZya1o1K3lhN2UxYVRjS1VTbkEveEtLZUd5ZXRpcWxJRWxqdkIwY0oyVjNzaWoxb050VFVQQ0hvdHdXbzRhaW1tL2VxY1YwL2N3QmtTN29JYkpDYmpMWlJqNXZobVJOaFkyUzZRTzVxVmFPeEZCMVRNRm9xbWgvWXBBMVdvOTBuR3N3dXdvYmZLTmxKeHw&cppv=2

Request Chain 83

https://eb2.3lift.com/sync HTTP 302
https://eb2.3lift.com/sync?&ld=1

Request Chain 92

https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3658&xuid=e046d939-abcf-4dbc-b36b-8f51da03de29&dongle=0cfd

Request Chain 93

https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTM3NTQ5ODEyMTIzMDYwMDUzOTE0OQ%3D%3D HTTP 302
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=

Request Chain 94

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBnER5z3ZiYwenh8Dfks5nM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1

Request Chain 95

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTM3NTQ5ODEyMTIzMDYwMDUzOTE0OQ%3D%3D

Request Chain 96

https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1375498121230600539149&dbredirect=true&gdpr=0&consent= HTTP 302
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1375498121230600539149&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=a669b71c-fdce-465d-b3b2-da0a7e8c9acc&_noobservation=1 HTTP 302
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=a669b71c-fdce-465d-b3b2-da0a7e8c9acc&_noobservation=1&_expected_cookie=7c7535d4ee78d7b62751e68c9c057a1e

Request Chain 97

https://x.bidswitch.net/sync?ssp=triplelift&user_id=1375498121230600539149&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=1375498121230600539149&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=triplelift HTTP 302
https://x.bidswitch.net/sync?dsp_id=70&user_id=3148850214003650296&ssp=triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=2409&xuid=a43714df-0573-4619-b705-82e85486dbb2&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 99

https://pr-bh.ybp.yahoo.com/sync/triplelift/1375498121230600539149?gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-j98dsjZE2oRqCsP6.g.1a5DXQeEeeb3bhqHjUYk5dA--~A&dongle=0883

Request Chain 103

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=74363299523 HTTP 302
https://sync2.navdmp.com/sync?prtid=2&id=74363299523&google_gid=CAESED6BEPrK9wF0h-7mVcoLL-M&google_cver=1

Request Chain 104

https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D HTTP 302
https://sync.navdmp.com/sync?img=1&mdia=23716310-8707-4300-8e6c-3c8ae4261e38

Request Chain 105

https://cms.analytics.yahoo.com/cms?partner_id=NAVEG HTTP 302
https://sync.navdmp.com/sync?prtid=12&yahid=y-KyAVWDNE2p7AeEu4r3sjJ4L0K1vSPgsmJZw-~A

107 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
151.80.19.172/ 56 KB
12 KB 976ms
486ms Document
text/html 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

3001521d759fccd25508496d699eda8bd15659146b5af02c8fbecd4607703e2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Origin: https://onesignal.com
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 01 Sep 2022 10:18:39 GMT
Referrer-Policy: no-referrer-when-downgrade
Server: nginx/1.18.0 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 165 KB
57 KB 93ms
51ms Script
text/javascript 2404:6800:4004:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1376237005157464

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

33bd5832c6f9b79ae9063dddb6d5655902a33aa3034f00c63e67de948ac80021

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://151.80.19.172/
Origin: https://151.80.19.172
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 10:18:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57349
x-xss-protection: 0
server: cafe
etag: 4547400100718014061
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 01 Sep 2022 10:18:39 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 165 KB
57 KB 117ms
77ms Script
text/javascript 2404:6800:4004:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0513fab4f302839884b3302cca9f5b06c212e105a33082f963b8c8b15ff74c3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 10:18:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57340
x-xss-protection: 0
server: cafe
etag: 12020823151925852399
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 01 Sep 2022 10:18:39 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 44ms
3ms Script
text/javascript 2404:6800:4004:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2373
date: Thu, 01 Sep 2022 09:39:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 01 Sep 2022 11:39:08 GMT

GET
H/1.1 200
OK font-awesome.min.css
catiororeflexivo.com/wp-content/plugins/my-wp-mega-menu/css/ 30 KB
8 KB 954ms
242ms Stylesheet
text/css 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://catiororeflexivo.com/wp-content/plugins/my-wp-mega-menu/css/font-awesome.min.css

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 10:18:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 08 May 2019 16:43:57 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Frame-Options: SAMEORIGIN
ETag: W/"5cd3074d-7918"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Expires: Thu, 08 Sep 2022 10:18:40 GMT

GET
H/1.1 200
OK wpmm.css
catiororeflexivo.com/wp-content/plugins/my-wp-mega-menu/css/ 38 KB
4 KB 957ms
243ms Stylesheet
text/css 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://catiororeflexivo.com/wp-content/plugins/my-wp-mega-menu/css/wpmm.css

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

ed393a8adb497cc56f0a608d31f9870b31aadd339951abe140de86107eb48124

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 10:18:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 08 May 2019 16:43:57 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Frame-Options: SAMEORIGIN
ETag: W/"5cd3074d-97ab"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Expires: Thu, 08 Sep 2022 10:18:40 GMT

GET
H/1.1 200
OK style.min.css
catiororeflexivo.com/wp-includes/css/dist/block-library/ 87 KB
12 KB 1206ms
488ms Stylesheet
text/css 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://catiororeflexivo.com/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 10:18:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 12 Jul 2022 23:59:02 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Frame-Options: SAMEORIGIN
ETag: W/"62ce0ac6-15b64"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Expires: Thu, 08 Sep 2022 10:18:40 GMT

GET
H/1.1 200
OK front.min.css
catiororeflexivo.com/wp-content/plugins/cookie-notice/css/ 5 KB
2 KB 993ms
255ms Stylesheet
text/css 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://catiororeflexivo.com/wp-content/plugins/cookie-notice/css/front.min.css

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

d2c30641eed11d27cc45ab60849aaef8d0cef92b8c75b09648ffb764bd6017c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 10:18:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 29 Jun 2022 16:14:10 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Frame-Options: SAMEORIGIN
ETag: W/"62bc7a52-14ce"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Expires: Thu, 08 Sep 2022 10:18:40 GMT

GET
H/1.1 200
OK style.css
catiororeflexivo.com/wp-content/themes/mts_sense/ 81 KB
15 KB 1252ms
512ms Stylesheet
text/css 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://catiororeflexivo.com/wp-content/themes/mts_sense/style.css

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

15c3be02062beb0a05e3b6a27a0fab807a89abebb56159c4ce071f575c335f3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 10:18:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 08 May 2019 16:11:07 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Frame-Options: SAMEORIGIN
ETag: W/"5cd2ff9b-14499"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Expires: Thu, 08 Sep 2022 10:18:40 GMT

GET
H/1.1 200
OK owl.carousel.css
catiororeflexivo.com/wp-content/themes/mts_sense/css/ 6 KB
2 KB 1005ms
259ms Stylesheet
text/css 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://catiororeflexivo.com/wp-content/themes/mts_sense/css/owl.carousel.css

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

758a7ca19e408bc3d912a2d2335c8b290376efa1c3b7e6801b9d147c8a4bd2c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 10:18:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 08 May 2019 16:11:07 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Frame-Options: SAMEORIGIN
ETag: W/"5cd2ff9b-16d4"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Expires: Thu, 08 Sep 2022 10:18:40 GMT

GET
H/1.1 200
OK responsive.css
catiororeflexivo.com/wp-content/themes/mts_sense/css/ 13 KB
4 KB 1195ms
241ms Stylesheet
text/css 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://catiororeflexivo.com/wp-content/themes/mts_sense/css/responsive.css

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

41dc69dcdfb2363b50187f2254508e0b2e66c75a6b779cdbd4b31e8241be7a75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 10:18:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 08 May 2019 16:11:07 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Frame-Options: SAMEORIGIN
ETag: W/"5cd2ff9b-33a0"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Expires: Thu, 08 Sep 2022 10:18:40 GMT

GET
H/1.1 200
OK jquery.min.js Show response
catiororeflexivo.com/wp-includes/js/jquery/ 87 KB
31 KB 1448ms
491ms Script
application/javascript 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://catiororeflexivo.com/wp-includes/js/jquery/jquery.min.js

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 10:18:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 26 Jul 2021 12:20:10 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Frame-Options: SAMEORIGIN
ETag: W/"60fea87a-15db1"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Expires: Thu, 08 Sep 2022 10:18:40 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
catiororeflexivo.com/wp-includes/js/jquery/ 11 KB
5 KB 1249ms
256ms Script
application/javascript 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://catiororeflexivo.com/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 10:18:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 09 Dec 2020 13:49:07 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Frame-Options: SAMEORIGIN
ETag: W/"5fd0d5d3-2bd8"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Expires: Thu, 08 Sep 2022 10:18:40 GMT

GET
H/1.1 200
OK front.min.js Show response
catiororeflexivo.com/wp-content/plugins/cookie-notice/js/ 8 KB
3 KB 267ms
264ms Script
application/javascript 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://catiororeflexivo.com/wp-content/plugins/cookie-notice/js/front.min.js

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

c38bc4d28cb6dd5263a68b3efa74cd5b746f9083484871c54f4cd437c828b40e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 10:18:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 29 Jun 2022 16:14:10 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Frame-Options: SAMEORIGIN
ETag: W/"62bc7a52-20ec"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Expires: Thu, 08 Sep 2022 10:18:41 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 81ms
38ms Stylesheet
text/css 2404:6800:4004:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Slab:700|Roboto:700|Roboto:normal&subset=latin

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

72ca272c46c22bc22ebe25481f61db119fe9561138fa01ee6a1e1f8a0c235235

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 10:18:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 01 Sep 2022 10:18:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Sep 2022 10:18:39 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/pt_BR/ 3 KB
2 KB 14ms
4ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

113d13d907b038b68fcead6af07b63d0e46c2b9361bd87a83d824888c35f5d0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: z15Ce5NcGwpOQbCHnvGqvg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: pnbQg4QQNNG3KeVel19n7natqlVpUQcxrNwnFQ8LmyCXCYeK6eX1J+32AIVfdUq6Cy33A53kve9c+ot4P7m3Kg==
x-fb-trip-id: 382461245
x-fb-content-md5: de0667c4bd1fc19a42ae23af96f965f3
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 01 Sep 2022 10:18:39 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "25eb468797e7dd36ca2ccb350b02fbaf"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 01 Sep 2022 10:23:54 GMT

GET
H/1.1 200
OK WhatsApp-Image-2022-03-10-at-14.26.46-350x230.jpeg
catiororeflexivo.com/wp-content/uploads/2022/03/ 18 KB
19 KB 249ms
245ms Image
image/jpeg 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://catiororeflexivo.com/wp-content/uploads/2022/03/WhatsApp-Image-2022-03-10-at-14.26.46-350x230.jpeg

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

25f7b49bf2f6697a64f55c567f9b0b365b02ddc41e839670c30a5cbf7d436c31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 10:18:41 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 18917
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 10 Mar 2022 17:27:16 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "622a34f4-49e5"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Accept-Ranges: bytes
Expires: Thu, 08 Sep 2022 10:18:41 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 105 KB
41 KB 97ms
48ms Script
application/javascript 2404:6800:4004:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-139911812-1

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ffb662f784695c0a21cfac247ab11ce0beba8be5f6e80a23b0523f961b4d63d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 10:18:41 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41942
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 01 Sep 2022 10:18:41 GMT

GET
H/1.1 200
OK wpmm.js Show response
catiororeflexivo.com/wp-content/plugins/my-wp-mega-menu/js/ 7 KB
2 KB 257ms
257ms Script
application/javascript 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://catiororeflexivo.com/wp-content/plugins/my-wp-mega-menu/js/wpmm.js

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

587a306f93a919b463aee21b97f90b6bb099f0e73413f978cd85d4a71d652eef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 10:18:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 08 May 2019 16:43:57 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Frame-Options: SAMEORIGIN
ETag: W/"5cd3074d-1cd9"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Expires: Thu, 08 Sep 2022 10:18:40 GMT

GET
H/1.1 200
OK customscript.js Show response
catiororeflexivo.com/wp-content/themes/mts_sense/js/ 8 KB
3 KB 267ms
264ms Script
application/javascript 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://catiororeflexivo.com/wp-content/themes/mts_sense/js/customscript.js

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

aa027849b4bacc5886dc750859b05b13a2fc02fc5ecf01e94012ba6f40f5c8e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 10:18:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 08 May 2019 16:11:07 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Frame-Options: SAMEORIGIN
ETag: W/"5cd2ff9b-1eac"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Expires: Thu, 08 Sep 2022 10:18:41 GMT

GET
H/1.1 200
OK owl.carousel.min.js Show response
catiororeflexivo.com/wp-content/themes/mts_sense/js/ 49 KB
14 KB 247ms
246ms Script
application/javascript 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://catiororeflexivo.com/wp-content/themes/mts_sense/js/owl.carousel.min.js

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

e7d13f9991e15eb8f6d7351a30e06fba891d8b1671f4a9268e3a539f3ac62524

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 10:18:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 08 May 2019 16:11:07 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Frame-Options: SAMEORIGIN
ETag: W/"5cd2ff9b-c2d1"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Expires: Thu, 08 Sep 2022 10:18:41 GMT

GET
H/1.1 200
OK ajax.js Show response
catiororeflexivo.com/wp-content/themes/mts_sense/js/ 19 KB
7 KB 260ms
260ms Script
application/javascript 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://catiororeflexivo.com/wp-content/themes/mts_sense/js/ajax.js

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

175b35d83260fc0b54cbc4ac4a046fbcdea118808e4e83598668f33a8c1b1f76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 10:18:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 08 May 2019 16:11:07 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Frame-Options: SAMEORIGIN
ETag: W/"5cd2ff9b-4af4"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Expires: Thu, 08 Sep 2022 10:18:41 GMT

GET
H2 200 1c41d694-b48a-41e8-aafa-0e701a9eb076 Show response
tags.premiumads.com.br/dfp/ 79 KB
25 KB 44ms
29ms Script
text/javascript 2606:4700:20::ac43:4a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.premiumads.com.br/dfp/1c41d694-b48a-41e8-aafa-0e701a9eb076

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

1fc57f1c482d1b3c5727e99b30882fd8c109feea4a11945211652c7b8322123e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 10:18:41 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 559493
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x0xnguvJprRqPZFbnzgrZq5fN%2FyIcYGthsJnRtqrM8lgMMzPusn52YNZ%2FoKErzLkGvPveHELBLXNNifjz8vhWebYWEngkSZuUefuou7WBJQ8AdIY9pgowK9LDybeNw2dtgXIj9dgpVZlO9cE3UqygmJb31k%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Thu, 25 Aug 2022 22:53:48 GMT
strict-transport-security: max-age=2592000
cf-ray: 743d4366296280ef-NRT

GET
H/1.1 200
OK /
catiororeflexivo.com/mulher-resgata-com-a-ajuda-de-uma-policial-gatinha-preta-que-estava-presa-em-uma-estrada-e-a-adota/ 0
0 270ms
267ms Other
text/html 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://catiororeflexivo.com/mulher-resgata-com-a-ajuda-de-uma-policial-gatinha-preta-que-estava-presa-em-uma-estrada-e-a-adota/
Requested by: Host: 151.80.19.172
URL: https://151.80.19.172/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS: ns395207.ip-151-80-19.eu
Software: /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
catiororeflexivo.com/wp-includes/js/ 18 KB
6 KB 246ms
246ms Script
application/javascript 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://catiororeflexivo.com/wp-includes/js/wp-emoji-release.min.js

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 10:18:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 27 May 2022 16:49:44 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Frame-Options: SAMEORIGIN
ETag: W/"62910128-48b9"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Expires: Thu, 08 Sep 2022 10:18:41 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208250101/ 343 KB
121 KB 114ms
112ms Script
text/javascript 2404:6800:4004:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208250101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1376237005157464

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e09788876903d5825f22984156fd9e06a708d4a9d368ce138ce967143a71153d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 10:18:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123438
x-xss-protection: 0
server: cafe
etag: 17967968928128287908
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Sep 2022 10:18:41 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220829/r20190131/ Frame 2CD3 10 KB
5 KB 43ms
3ms Document
text/html 2404:6800:4004:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220829/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1376237005157464

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://151.80.19.172/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 64572
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 16:22:27 GMT
etag: 8616628553774171045
expires: Wed, 14 Sep 2022 16:22:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/portaldoanimal-catiororeflexivo/ 343 KB
29 KB 14ms
2ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/portaldoanimal-catiororeflexivo/loader.js
Requested by: Host: 151.80.19.172
URL: https://151.80.19.172/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c7f10334be8b7cad1db5820314348bd0a05cbbcf9cfe0852ceb518534e13558e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id: t5aMB.GLfWNeWFOdz2D4O7KQiHIy.whI
content-encoding: gzip
etag: "cf2991c72d549a156b33a12d2e2de0b5"
age: 45
x-cache: HIT
content-length: 29592
x-amz-id-2: yGV6Wn5jXNoIUCDOQUOkVrkKz90j1u1KkZvq+8D+mFBvoWTSYM+H1M1OSTI4chUylKFP7ZDcd4w=
x-served-by: cache-nrt-rjtf7700032-NRT
last-modified: Wed, 31 Aug 2022 13:46:24 GMT
server: AmazonS3
x-timer: S1662027521.983929,VS0,VE0
date: Thu, 01 Sep 2022 10:18:40 GMT
vary: Accept-Encoding
x-amz-request-id: 6G0JTMREPE8ZSSSZ
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 78
x-cache-hits: 4

GET
H/1.1 200
OK nobg.png
catiororeflexivo.com/wp-content/themes/mts_sense/images/ 68 B
649 B 434ms
243ms Image
image/png 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://catiororeflexivo.com/wp-content/themes/mts_sense/images/nobg.png

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

01fc92b7704c3e3baaefd2ce87ce17e2ea266a1bb4244f032da25931e9c6fb92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 10:18:41 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 68
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 08 May 2019 16:11:07 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "5cd2ff9b-44"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Accept-Ranges: bytes
Expires: Thu, 08 Sep 2022 10:18:41 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/pt_BR/ 304 KB
86 KB 14ms
8ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js?hash=07c437236ceed11b126732e53ec7562a

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

995b9fb3959ee9f7f5b7a8fc0e41393de74e533a47f4b0a18e4079779746feb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://151.80.19.172/
Origin: https://151.80.19.172
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: SFMcG7T+9TqQzFummCprGQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 88184
x-fb-rlafr: 0
x-fb-debug: z6cXaJPPgnyep5KNypcqIplnLwPpn3t6lB7pVqDpC4sulMbTaMhjPNwXd1ODuIr2CiPfR6PCOGe7gGN2Gl8jhQ==
x-fb-content-md5: 5804a7e32ac86442576616c5e100c06a
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 01 Sep 2022 10:18:40 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "3f0dc74e8eaf9649fade654a66b4d64f"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 01 Sep 2023 08:54:42 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 48ms
3ms Font
font/woff2 2404:6800:4004:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:700|Roboto:700|Roboto:normal&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://151.80.19.172
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 19:32:01 GMT
x-content-type-options: nosniff
age: 53200
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Aug 2023 19:32:01 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 47ms
5ms Font
font/woff2 2404:6800:4004:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:700|Roboto:700|Roboto:normal&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://151.80.19.172
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 19:36:05 GMT
x-content-type-options: nosniff
age: 52956
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Aug 2023 19:36:05 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
catiororeflexivo.com/wp-content/plugins/my-wp-mega-menu/fonts/ 75 KB
76 KB 1042ms
519ms Font
application/octet-stream 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://catiororeflexivo.com/wp-content/plugins/my-wp-mega-menu/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: catiororeflexivo.com
URL: https://catiororeflexivo.com/wp-content/plugins/my-wp-mega-menu/css/font-awesome.min.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS: ns395207.ip-151-80-19.eu
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://catiororeflexivo.com/wp-content/plugins/my-wp-mega-menu/css/font-awesome.min.css
Origin: https://151.80.19.172
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 10:18:41 GMT
Last-Modified: Wed, 08 May 2019 16:43:57 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "5cd3074d-12d68"
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 77160
Expires: Thu, 08 Sep 2022 10:18:41 GMT

GET
H2 200 BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjoa4Omb2Rj.woff2
fonts.gstatic.com/s/robotoslab/v24/ 13 KB
13 KB 38ms
4ms Font
font/woff2 2404:6800:4004:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v24/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjoa4Omb2Rj.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:700|Roboto:700|Roboto:normal&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

084c044e1a353a41a04f9c923b418d582f8e8d3a1996053c8e4912a57d158799

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://151.80.19.172
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 04:40:36 GMT
x-content-type-options: nosniff
age: 365885
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12820
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:15:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Aug 2023 04:40:36 GMT

GET
H/1.1 200
OK k-350x230.jpeg
catiororeflexivo.com/wp-content/uploads/2022/03/ 22 KB
23 KB 746ms
510ms Image
image/jpeg 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://catiororeflexivo.com/wp-content/uploads/2022/03/k-350x230.jpeg

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

c05787027324ab2f8154688e48e168845560abcd3df64c9bb092788a948d7608

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 10:18:41 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 22657
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 10 Mar 2022 17:21:10 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "622a3386-5881"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Accept-Ranges: bytes
Expires: Thu, 08 Sep 2022 10:18:41 GMT

GET
H/1.1 200
OK WhatsApp-Image-2022-03-10-at-14.45.35-1-350x230.jpeg
catiororeflexivo.com/wp-content/uploads/2022/03/ 23 KB
23 KB 458ms
245ms Image
image/jpeg 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://catiororeflexivo.com/wp-content/uploads/2022/03/WhatsApp-Image-2022-03-10-at-14.45.35-1-350x230.jpeg

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

4782e14bc2922c4b1c9da8e4f20cacfe319c11bfb095bdb5b5bd88344e7c4293

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 10:18:41 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 23414
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 10 Mar 2022 17:46:47 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "622a3987-5b76"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Accept-Ranges: bytes
Expires: Thu, 08 Sep 2022 10:18:41 GMT

GET
H/1.1 200
OK Design-sem-nome-1-350x230.jpg
catiororeflexivo.com/wp-content/uploads/2022/02/ 21 KB
21 KB 493ms
257ms Image
image/jpeg 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://catiororeflexivo.com/wp-content/uploads/2022/02/Design-sem-nome-1-350x230.jpg

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

d83d44469cdd7df841b63405b4e8576729f64d3cf152dccf83fb223a65ba5ef5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 10:18:41 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21074
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 28 Feb 2022 12:18:03 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "621cbd7b-5252"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Accept-Ranges: bytes
Expires: Thu, 08 Sep 2022 10:18:41 GMT

GET
H/1.1 200
OK WhatsApp-Image-2022-03-18-at-13.47.32-1-350x230.jpeg
catiororeflexivo.com/wp-content/uploads/2022/03/ 14 KB
15 KB 754ms
518ms Image
image/jpeg 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://catiororeflexivo.com/wp-content/uploads/2022/03/WhatsApp-Image-2022-03-18-at-13.47.32-1-350x230.jpeg

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

ecefab04fab92a05dee2402ec9b11f08e65ca1192b18abe7fd924541cdedf6f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 10:18:41 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 14429
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 18 Mar 2022 16:48:02 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "6234b7c2-385d"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Accept-Ranges: bytes
Expires: Thu, 08 Sep 2022 10:18:41 GMT

GET
H/1.1 200
OK WhatsApp-Image-2022-03-25-at-15.47.05-350x230.jpeg
catiororeflexivo.com/wp-content/uploads/2022/03/ 23 KB
23 KB 684ms
241ms Image
image/jpeg 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://catiororeflexivo.com/wp-content/uploads/2022/03/WhatsApp-Image-2022-03-25-at-15.47.05-350x230.jpeg

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

3466ba5a141d2a6c6f9f35e2de5cf56273196a931d39a5248f023eb7ee33f5aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 10:18:41 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 23263
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 25 Mar 2022 18:47:28 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "623e0e40-5adf"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Accept-Ranges: bytes
Expires: Thu, 08 Sep 2022 10:18:41 GMT

GET
H/1.1 200
OK WhatsApp-Image-2022-03-31-at-09.22.10-350x230.jpeg
catiororeflexivo.com/wp-content/uploads/2022/03/ 21 KB
22 KB 622ms
243ms Image
image/jpeg 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://catiororeflexivo.com/wp-content/uploads/2022/03/WhatsApp-Image-2022-03-31-at-09.22.10-350x230.jpeg

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

c3b6eb9a3b18afcd07f9c80c473fa6b00a4c0689e91f8b40eb1dd84e2e7ff04c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 10:18:41 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21644
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 31 Mar 2022 12:22:54 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "62459d1e-548c"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Accept-Ranges: bytes
Expires: Thu, 08 Sep 2022 10:18:41 GMT

GET
H/1.1 200
OK 00-23-350x230.jpg
catiororeflexivo.com/wp-content/uploads/2022/07/ 19 KB
19 KB 668ms
245ms Image
image/jpeg 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://catiororeflexivo.com/wp-content/uploads/2022/07/00-23-350x230.jpg

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

680c561a07ec71710baa5d483d9baed1348a056630d627ce924697567ed20346

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 10:18:41 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 19266
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 19 Jul 2022 12:06:58 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "62d69e62-4b42"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Accept-Ranges: bytes
Expires: Thu, 08 Sep 2022 10:18:41 GMT

GET
H/1.1 200
OK 00-22-350x230.jpg
catiororeflexivo.com/wp-content/uploads/2022/07/ 20 KB
21 KB 441ms
242ms Image
image/jpeg 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://catiororeflexivo.com/wp-content/uploads/2022/07/00-22-350x230.jpg

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

64c64c43b248d3b7cb5226b28fb0623c19c99304b04a769acf3b6dbeb1cd46d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 10:18:41 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 20810
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 15 Jul 2022 13:41:29 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "62d16e89-514a"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Accept-Ranges: bytes
Expires: Thu, 08 Sep 2022 10:18:41 GMT

GET
H2 200 impl.20220831-3-RELEASE.js Show response
cdn.taboola.com/libtrc/ 680 KB
141 KB 2ms
2ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20220831-3-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/portaldoanimal-catiororeflexivo/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: c9640eb2befb4938a64076908c70b3e3b72c1af042b031026e8a981d186ccff7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id: 1JDvz_ZoSnAjRGhNysmH_XrtoAgjywOs
content-encoding: br
etag: "d755a28c23177ed7593de1487c2c097b"
age: 5030
x-cache: HIT
content-length: 143823
x-amz-id-2: 0vMuiwo/qV23NsiafBYZD5KORnTm1rfDJMXhLMn8m1n9mPw+5bGtFY46f+lFSqgGz4ioyjLw16s=
x-served-by: cache-nrt-rjtf7700032-NRT
last-modified: Wed, 31 Aug 2022 08:46:36 GMT
server: AmazonS3-br
x-timer: S1662027521.021450,VS0,VE0
date: Thu, 01 Sep 2022 10:18:41 GMT
vary: Accept-Encoding
x-amz-request-id: MYD06PSGDHVGNDVN
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 7
x-cache-hits: 10017

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 92ms
13ms Script
application/javascript 99.84.140.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/portaldoanimal-catiororeflexivo/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.140.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-140-70.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 23:10:08 GMT
content-encoding: gzip
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
age: 40113
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1f847795211a5a70895179ec7900ecf4.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: NRT57-C3
x-amz-cf-id: l_yPTkMn0bMjxmXb00PRq3vU7KPqPXBGmKvkK_jK3FwkFQpJNDkNeA==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 74ms
38ms XHR
text/plain 2404:6800:4004:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=130609017&t=pageview&_s=1&dl=https%3A%2F%2F151.80.19.172%2F&ul=en-us&de=UTF-8&dt=Iti%20malia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1956298834&gjid=1591023450&cid=1876213142.1662027521&tid=UA-139911812-1&_gid=1421868960.1662027521&_r=1&_slc=1&z=1462085523

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://151.80.19.172/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 10:18:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://151.80.19.172
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 36ms
36ms XHR
text/plain 2404:6800:4004:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=130609017&t=pageview&_s=1&dl=https%3A%2F%2F151.80.19.172%2F&ul=en-us&de=UTF-8&dt=Iti%20malia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=1886130424&gjid=1970412112&cid=1876213142.1662027521&tid=UA-139911812-1&_gid=1421868960.1662027521&_r=1&gtm=2ou8t0&z=2059555842

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://151.80.19.172/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 10:18:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://151.80.19.172
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1662027521114&ns_c=UTF-8&c7=https%3A%2F%2F151.80.19.172%2F&c8=Iti%20malia&c9=
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1662027521114&ns_c=UTF-8&c7=https%3A%2F%2F151.80.19.172%2F&c8=Iti%20malia&c9=

0
189 B

232ms
231ms

Image
text/plain

99.84.140.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1662027521114&ns_c=UTF-8&c7=https%3A%2F%2F151.80.19.172%2F&c8=Iti%20malia&c9=
Requested by: Host: 151.80.19.172
URL: https://151.80.19.172/
Protocol: H2
Server: 99.84.140.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-140-70.nrt57.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 10:18:41 GMT
via: 1.1 1f847795211a5a70895179ec7900ecf4.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT57-C3
x-amz-cf-id: Wle489QIJua1zcp6hQOEbtcwJpNOypC6iEAxBBpuv80R3-2hy273Xg==
x-cache: Miss from cloudfront

Redirect headers

location: /b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1662027521114&ns_c=UTF-8&c7=https%3A%2F%2F151.80.19.172%2F&c8=Iti%20malia&c9=
date: Thu, 01 Sep 2022 10:18:41 GMT
via: 1.1 1f847795211a5a70895179ec7900ecf4.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT57-C3
content-length: 0
x-amz-cf-id: J480kehFhlzZNxo0Qlui-hT62rz8qqgpEgcuNqM0xFvyu20Xex4taw==
x-cache: Miss from cloudfront

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
695 B 100ms
43ms Script
text/javascript 142.250.206.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=151.80.19.172&callback=_gfp_s_&client=ca-pub-1376237005157464&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208250101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.206.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

b39a61bc0882cdde30696b436b45ca87edfd2f520df554a13664f5dca000f0d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 10:18:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
792 B 92ms
38ms Script
application/javascript 2404:6800:4004:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=151.80.19.172

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208250101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81d::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Sep 2022 10:18:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 94ms
41ms Script
application/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=151.80.19.172

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208250101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Sep 2022 10:18:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0376 603 B
67 B 95ms
52ms Document
text/html 2404:6800:4004:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1376237005157464&output=html&adk=318159125&adf=2184669829&lmt=1662027521&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2F151.80.19.172%2F&ea=0&pra=5&wgl=1&easpf=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=0&asnd=0&asnp=0&asns=0&asmat=1&asptt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662027519587&bpp=1388&bdt=123&idt=1592&shv=r20220829&mjsv=m202208250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4218617508953&frm=20&pv=2&ga_vid=1876213142.1662027521&ga_sid=1662027521&ga_hid=130609017&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44770880&oid=2&pvsid=2430671410330663&tmod=1761749473&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1607

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208250101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://151.80.19.172/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Sep 2022 10:18:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pbjs-min.js Show response
tags.premiumads.com.br/scripts/ 329 KB
97 KB 19ms
19ms Script
application/javascript 2606:4700:20::ac43:4a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220810

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/1c41d694-b48a-41e8-aafa-0e701a9eb076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

c952122cfdbe7e35ab243b1b609f4361281ec0c3caef8112a15b6d3d9a536e4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 10:18:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
last-modified: Tue, 23 Aug 2022 15:18:22 GMT
server: cloudflare
age: 563670
x-powered-by: ASP.NET
etag: W/"1d8b70394fa97f2"
strict-transport-security: max-age=2592000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O8mbS%2FUWwXPmq%2FPzDM4K3fsD2ORLSUlJCtpkZaQNX%2B8UFMYmGnZJEVWG6%2BIdMZfrzpGOzbA9bSvQZzAW1VwB%2FBmws%2Ft3W4pGQkqNIM6JHZyoMHifMAqqKRMY2rXihlHovEcNP%2BlJkoqf9UGaR4hKBMSQk9s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 743d43678c4b80ef-NRT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
28 KB 121ms
82ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/1c41d694-b48a-41e8-aafa-0e701a9eb076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f3260a1f0f720afd266558464f361401039069c49b7d9e0268ebd7e7b71c201

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 10:18:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28483
x-xss-protection: 0
server: sffe
etag: "1320 / 600 of 1000 / last-modified: 1662021963"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 01 Sep 2022 10:18:41 GMT

GET
H2 200 p_icons_3.png
tags.premiumads.com.br/Content/ 12 KB
12 KB 10ms
9ms Image
image/png 2606:4700:20::ac43:4a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.premiumads.com.br/Content/p_icons_3.png

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

bcd71666ea63d4a00969b970c9cdba3cd15b06b53bc84e96df351324c6cd6c5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 10:18:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 563787
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
content-length: 12013
last-modified: Tue, 23 Aug 2022 15:18:22 GMT
server: cloudflare
etag: "1d8b70394ff9ded"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j3rITltGYzK27W5wwD6PAIdwFrZCJrZGQmeJYuxkC1b7J65dRkdADslSzAIasdls0ZnuKAcTiYorrcxFvSKmCEBbgEqK1wH2iPd%2FqUHUlFP6igD%2FLJnEFFu%2B6PcbpYEzg%2FA80LVfbsvnKP1w%2FpurnRPHgcY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 743d43678c5480ef-NRT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25a5de68d390f7c0ee9384f03a6f087c66bc3b6eb37c37f7351735770183017f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK WhatsApp-Image-2022-03-10-at-14.26.46-1110x550.jpeg
catiororeflexivo.com/wp-content/uploads/2022/03/ 85 KB
86 KB 541ms
257ms Image
image/jpeg 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://catiororeflexivo.com/wp-content/uploads/2022/03/WhatsApp-Image-2022-03-10-at-14.26.46-1110x550.jpeg

Requested by

Host: catiororeflexivo.com
URL: https://catiororeflexivo.com/wp-content/themes/mts_sense/js/owl.carousel.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

f535f19096cc29be2fa3c760b5b821d292f84107232b4f56cd465b551992d708

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 10:18:41 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 87430
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 10 Mar 2022 17:27:16 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "622a34f4-15586"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Accept-Ranges: bytes
Expires: Thu, 08 Sep 2022 10:18:41 GMT

GET
H3 200 pubads_impl_2022082501.js Show response
securepubads.g.doubleclick.net/gpt/ 380 KB
129 KB 41ms
3ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aad48e612efa9d7364a3ad0e06aaa0d46320b7a57cc13697a8997ee9ef7c9101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 01:57:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 116500
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132254
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 08:41:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 31 Aug 2023 01:57:01 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 35 B
73 B 78ms
38ms XHR
application/json 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=151.80.19.172

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3c81763d3d77176f843f1bf7e5caaae025d504f9d1b351ed0363936bcb1708f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Sep 2022 10:18:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49
x-xss-protection: 0
expires: Thu, 01 Sep 2022 10:18:41 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 260 B
1 KB 295ms
73ms XHR
application/json 103.43.90.54
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220810

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

ad94d40aa25d3f096e20770adef39f3954c5c065e0250bb9c9eb18284408c537

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://151.80.19.172/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 01 Sep 2022 10:18:41 GMT
X-Proxy-Origin: 217.138.252.184; 217.138.252.184; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 167205d3-b3b0-409e-b25b-e428b1940425
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://151.80.19.172
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 260
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
410 B 720ms
548ms XHR
application/json 139.99.49.250
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220810

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip250.ip-139-99-49.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://151.80.19.172/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
access-control-allow-headers: content-type, origin, referer, user-agent
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://151.80.19.172
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 41

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 260 B
1 KB 293ms
73ms XHR
application/json 103.43.90.54
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220810

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

3205db13206b5e6da5d784d2e0c0a990e5084ecbdb500e06b2136eb612b5b39d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://151.80.19.172/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 01 Sep 2022 10:18:41 GMT
X-Proxy-Origin: 217.138.252.184; 217.138.252.184; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 507ef279-718a-4ff1-bf5f-240c8a48270e
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://151.80.19.172
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 260
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
311 B 196ms
106ms XHR
application/json 182.161.74.18
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.9.0&cb=99528169743&lsavail=0

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220810

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://151.80.19.172/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 01 Sep 2022 10:18:40 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://151.80.19.172
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
335 B 823ms
218ms XHR
application/json 185.86.138.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220810
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://151.80.19.172/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 10:18:41 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://151.80.19.172
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
335 B 1745ms
1119ms XHR
application/json 185.86.138.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220810
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://151.80.19.172/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 10:18:42 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://151.80.19.172
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
505 B 509ms
298ms XHR
application/json 54.179.139.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.9.0&referrer=https%3A%2F%2Fcatiororeflexivo.com%2F&tmax=2500

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220810

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.179.139.189 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-179-139-189.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://151.80.19.172/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 10:18:41 GMT
accept-ch: sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://151.80.19.172
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 89ms
50ms XHR
application/json 2404:6800:4004:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220829&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208250101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6242e1e45c81061235a65c8caa8fae0010ce5ad03fe30abd47d4739a4e72195c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Sep 2022 10:18:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10896
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 171ms
127ms Script
text/javascript 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208250101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 10:18:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 01 Sep 2022 10:18:42 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 05E4 13 KB
5 KB 46ms
3ms Document
text/html 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://151.80.19.172/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 106721
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 04:40:01 GMT
expires: Thu, 31 Aug 2023 04:40:01 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CA17 783 B
1 KB 82ms
39ms Document
text/html 2404:6800:4004:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c7cf27ad9653e623c7945a8986dbfb22ee3724b2d8f8e5b322068534c9f6cec0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TjJqdAT41UcI7ueN9E7mvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://151.80.19.172/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-TjJqdAT41UcI7ueN9E7mvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 01 Sep 2022 10:18:42 GMT
expires: Thu, 01 Sep 2022 10:18:42 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 OjkVMSBLCKffYYJCcR1sndQZ2h8-FW78sMeE84aZbRQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 05E4 36 KB
16 KB 4ms
3ms Script
text/javascript 2404:6800:4004:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OjkVMSBLCKffYYJCcR1sndQZ2h8-FW78sMeE84aZbRQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a391531204b08a7df618242711d6c9dd419da1f3e156efcb0c784f386996d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 00:54:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 379457
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15855
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 11:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 28 Aug 2023 00:54:25 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CA17 0
0 39ms
38ms Image
text/html 2404:6800:4004:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220829&jk=2430671410330663&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:81f::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 05E4 0
10 B 3ms
3ms Image
text/plain 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?pOhE1g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 10:18:42 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
122 B 84ms
44ms Script
application/javascript 2404:6800:4004:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=151.80.19.172

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Sep 2022 10:18:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 75ms
38ms Script
application/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=151.80.19.172

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Sep 2022 10:18:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
379 B 70ms
70ms XHR
text/plain 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2430671410330663&correlator=4193476778932106&eid=31069230%2C44742767&output=ldjh&gdfp_req=1&vrg=2022082501&ptt=17&impl=fifs&iu_parts=75894840%3A22485948017%2CCATIORO_REFLEXIVO_FLEX%2CCATIORO_REFLEXIVO_HEADERSTICKY&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=120x600%2C970x90%7C728x90%7C1600x90&ifi=2&adks=2034309099%2C1413480954&sfv=1-0-38&fsbs=1%2C1&fsapi=false&prev_scp=data_type%3Dflex%26pp_loop%3D00%7Cdata_type%3Danchor%26pp_sticky%3Dtop%26pp_loop%3D00%26pp_pb%3D0.30&cust_params=url%3Dcatiororeflexivo.com%26categoria%3Dhome&sc=1&cookie_enabled=1&abxe=1&dt=1662027523252&lmt=1662027523&dlt=1662027519463&idt=1982&adxs=-135%2C315&adys=315%2C-120&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2F151.80.19.172%2F&frm=20&vis=1&psz=150x-1%7C1600x-1&msz=120x-1%7C1600x-1&fws=516%2C516&ohw=1600%2C1600&ga_vid=1876213142.1662027521&ga_sid=1662027521&ga_hid=130609017&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2a06f6d622469d840589f0d731587a21483e320fd95533190deeca7d4c13ef5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 10:18:43 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 348
x-xss-protection: 0
google-lineitem-id: -2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://151.80.19.172
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f7b9189fc07fcd3f160b6dfc4ec31f66.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3593 6 KB
4 KB 252ms
43ms Document
text/html 2404:6800:4004:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f7b9189fc07fcd3f160b6dfc4ec31f66.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://151.80.19.172/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 01 Sep 2022 10:18:43 GMT
expires: Fri, 01 Sep 2023 10:18:43 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 41ms
41ms Image
text/html 2404:6800:4004:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220829&jk=2430671410330663&bg=!vr2lvfnNAAaXrHhMt6w7ACkAdvg8Ws5lOcJT5Uor2O9ynNreGr0I_MwX-gSPnlHyza_Zhgt0wdrpAQIAAABTUgAAAAJoAQeZApIbbDG_BLuojTsr7gmrLUcCGdj7Rqbj0OeEabWOn9P3aLeoqritFfEk6mq3kz8sBMpnHOxtUaFO9hGcXucG86HkfHW00cnZ795W_M1-T0dIpWVxcmCV9jS0iMf30Hy3w9d3o03-qmsx4LWdHL4FOalMLbdd_OmIT950rFyFUcSOeDihOIUdMFCggiFjHMsnBKbOe63SSpUbGxl_jvqpsb2nyfSXERqq3-6wrPmCBpRDI6KrBkiu5M4VNf3qxzEvPIDyfXXOQINv-TAlaRMkuDxkMw27gfYbVYO5uGd1LDz9Tz_NVEpokvPMDbe_AlszpyyKZMBR6l0hzhsY5hxS6skNgZcT1uLKUE6ZT5CF0dbLawU9adtSOi0MId3vBbisg5mruVbFsInLPLp9puuggGZEmtOGJAcqj7DJKy4V4xgsClch9Pwyb_gKmCkcnWXiL4I9DmqsTlxct7AQoLQft06vImTk8V0sx_rFWGbkq1nYCtqXbQicDR6YboTv7r8wmvOEskRQ7YcDEAzX8_hYxDREEe4xWN1Bzwkt_FAASYAc9LOuBHYmKm_7QLNFGD_uRI_Fcy7VtdJMWwkgvt9KpUDvReq6DjHjmEn2Okg6UwzkoV96jp29vGZ5OnCZcFzXqZfoHOAfmwj4bIFmK10cxP3FsIpmrwOuiO1yHZgdaw0tdm-maAbsuNFVy1Og5Vk2SZ980tuDJMQPIn7M25ueVE1t-ayFfhzu7CGDqxa09T8NNTUdPxZ9uPTLfqcLmwxXDQrD1B1LukXy-2jzxQbhKQ_qRCp6n5_XQ0x1tYtAyeta3cuT_8iUbTqYvrZhjDQwGwC_EitrXl03Pw0st51ttqtlG5ibHYjKiTFZsEcLBhCIh0qX
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:81f::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H2 200 publishertag.prebid.123.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 14ms
7ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.123.js

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220810

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 10:18:43 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 11:21:03 GMT
server: nginx
etag: W/"6271101f-15b58"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 02 Sep 2022 10:18:43 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 0D3E 15 KB
6 KB 14ms
5ms Document
text/html 2406:2600:4::b
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=151.80.19.172

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

a4341c4c513889841887be579831125200a94753a15e19bec0252a8569b3a931

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://151.80.19.172/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 01 Sep 2022 10:18:43 GMT
server: Kestrel
server-processing-duration-in-ticks: 342963
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 13ms
6ms XHR
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

d91c38797a4f40c02b517763adb6b8d25ca0d0af244856025ecc3543b8540679

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 10:18:44 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 00:22:08 GMT
server: nginx
etag: W/"63041db0-15cdc"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 02 Sep 2022 10:18:44 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 0D3E
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=151.80.19.172&sn=ChromeSyncframe&so=0&topUrl=151.80.19.172&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=uZVKy3wzYnZ1eng1Um4zU1lpaU1ER0k5aS9oRERVUmpYWjhpcEFUQ01FYlc2Qk5KSFVhZjhCWXhZRlFwKzlyMmxEK2ErN1BtVm9EaVFkaWVaQmVkWXBtOGhpZWloR3RnZjl4Z0RCWVJWVVhUTWhpUHJWL2NtT0ZTeG9mMz...

425 B
647 B

8ms
3ms

Fetch
application/json

182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=uZVKy3wzYnZ1eng1Um4zU1lpaU1ER0k5aS9oRERVUmpYWjhpcEFUQ01FYlc2Qk5KSFVhZjhCWXhZRlFwKzlyMmxEK2ErN1BtVm9EaVFkaWVaQmVkWXBtOGhpZWloR3RnZjl4Z0RCWVJWVVhUTWhpUHJWL2NtT0ZTeG9mMzZLZk56ZkFBdk04b01qd0F6WUZhSmF3MVA5MnhqQ1paMGVLSVBmM2hUd3BjTzVDSHYxNVp1TXhyZEl5UXRORzRBU2xkUTNtS0lrL0hsbVFXbWgrVlZUL3ZxMlo3cDZCZnA5Sm9IZ1FSUnhyaHpDY3FtRXIwV2p1Z2RCWHZnK0R6NlJCNUhwWHlSSUREK0grUG5wamV5M1Mzbm9reWx5QT09fA&cppv=2

Protocol

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

668eea05ac46c1458d509ffb8c48925fb866b3556a83acf5d7de3fca7d07f77e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 10:18:43 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1261227
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 01 Sep 2022 10:18:43 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://mug.criteo.com/sid?cpp=uZVKy3wzYnZ1eng1Um4zU1lpaU1ER0k5aS9oRERVUmpYWjhpcEFUQ01FYlc2Qk5KSFVhZjhCWXhZRlFwKzlyMmxEK2ErN1BtVm9EaVFkaWVaQmVkWXBtOGhpZWloR3RnZjl4Z0RCWVJWVVhUTWhpUHJWL2NtT0ZTeG9mMzZLZk56ZkFBdk04b01qd0F6WUZhSmF3MVA5MnhqQ1paMGVLSVBmM2hUd3BjTzVDSHYxNVp1TXhyZEl5UXRORzRBU2xkUTNtS0lrL0hsbVFXbWgrVlZUL3ZxMlo3cDZCZnA5Sm9IZ1FSUnhyaHpDY3FtRXIwV2p1Z2RCWHZnK0R6NlJCNUhwWHlSSUREK0grUG5wamV5M1Mzbm9reWx5QT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 356309
content-length: 0
expires: 0

GET
H2 200 universal.min.js Show response
tag.navdmp.com/ 14 KB
5 KB 243ms
15ms Script
application/javascript 2606:4700::6810:df3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/universal.min.js
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/1c41d694-b48a-41e8-aafa-0e701a9eb076
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:df3 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: d257a75764e746d9a1aafb79d8e47744cb44ee1af115ab2adbd0012c69cf676c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 10:18:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 17 May 2022 12:22:37 GMT
server: cloudflare
age: 3239
etag: W/"6283938d-3671"
vary: Accept-Encoding
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 743d43883dc1afe2-NRT
content-type: application/javascript
expires: Thu, 01 Sep 2022 10:24:47 GMT

GET
H2 200 tag.js Show response
a.teads.tv/analytics/ 19 KB
5 KB 231ms
3ms Script
text/javascript 23.45.57.118

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/analytics/tag.js
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/1c41d694-b48a-41e8-aafa-0e701a9eb076
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.57.118 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f70a708909ea0e41d9ff70cc101e8ca4a5391ffb134ce3a98b0f5e42d7cb72b4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
x-amz-version-id: MY2axGObrvZwSiP12Z8xf0lYd1yv3MC2
content-encoding: br
last-modified: Mon, 22 Aug 2022 09:28:26 GMT
x-amz-request-id: AKCAJN3BMHBRPH8C
etag: "b86fb801339e9f7d8ee05180f9a8320b"
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, max-age=3600
date: Thu, 01 Sep 2022 10:18:46 GMT
accept-ranges: bytes
content-length: 4822
x-amz-id-2: qOELyV+cyJum5V44H3nHimPDOnSqA7RljBg2c972OfSANLAf7wnV/maQukskMMiLEEGzxNXwGfg=

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcatiororeflexivo.com%2F&domain=151.80.19.172&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=GYXhv3xkTlBuZENsL1IvSkFhMDE0cmpreVp3MnFFYk9HdHNJVGNXMk5lMVdWSWRDTmNmUUV5VWZxWTR4THQ5cmpOODkzYWkydUVIVWlkRGNwQkFRWFFHenhmdHpuK29PMC9obXBMYXR1elBQU1NpNmdoL25qek5VUTdUbH...

454 B
714 B

3ms
3ms

XHR
application/json

182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=GYXhv3xkTlBuZENsL1IvSkFhMDE0cmpreVp3MnFFYk9HdHNJVGNXMk5lMVdWSWRDTmNmUUV5VWZxWTR4THQ5cmpOODkzYWkydUVIVWlkRGNwQkFRWFFHenhmdHpuK29PMC9obXBMYXR1elBQU1NpNmdoL25qek5VUTdUbHQ0YVBSUzhGVDBKWHdjMW5sc3VoSVlqVDJyeHF2Mytrb1FMZWVaOUwrZzdhNFhBU3lnOTMyZnRmOTk1VWZya1o1K3lhN2UxYVRjS1VTbkEveEtLZUd5ZXRpcWxJRWxqdkIwY0oyVjNzaWoxb050VFVQQ0hvdHdXbzRhaW1tL2VxY1YwL2N3QmtTN29JYkpDYmpMWlJqNXZobVJOaFkyUzZRTzVxVmFPeEZCMVRNRm9xbWgvWXBBMVdvOTBuR3N3dXdvYmZLTmxKeHw&cppv=2

Protocol

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

8d9ab8bd9897c1a05f6692c32fff293175667c58dc34a37f824245f8a63b4689

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 10:18:46 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1102593
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 01 Sep 2022 10:18:45 GMT
server: Kestrel
location: https://mug.criteo.com/sid?cpp=GYXhv3xkTlBuZENsL1IvSkFhMDE0cmpreVp3MnFFYk9HdHNJVGNXMk5lMVdWSWRDTmNmUUV5VWZxWTR4THQ5cmpOODkzYWkydUVIVWlkRGNwQkFRWFFHenhmdHpuK29PMC9obXBMYXR1elBQU1NpNmdoL25qek5VUTdUbHQ0YVBSUzhGVDBKWHdjMW5sc3VoSVlqVDJyeHF2Mytrb1FMZWVaOUwrZzdhNFhBU3lnOTMyZnRmOTk1VWZya1o1K3lhN2UxYVRjS1VTbkEveEtLZUd5ZXRpcWxJRWxqdkIwY0oyVjNzaWoxb050VFVQQ0hvdHdXbzRhaW1tL2VxY1YwL2N3QmtTN29JYkpDYmpMWlJqNXZobVJOaFkyUzZRTzVxVmFPeEZCMVRNRm9xbWgvWXBBMVdvOTBuR3N3dXdvYmZLTmxKeHw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
access-control-allow-origin: https://151.80.19.172
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 360246
content-length: 0
expires: 0

GET
H2

200

sync Show response
eb2.3lift.com/ Frame BBF6
Redirect Chain

https://eb2.3lift.com/sync?
https://eb2.3lift.com/sync?&ld=1

1 KB
1 KB

81ms
81ms

Document
text/html

52.223.2.229

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?&ld=1
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220810
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.2.229 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 089317e809038750b86577a72ac29b73122643d63e9f9c1bde505ce530750386

Request headers

Referer: https://151.80.19.172/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 456
content-type: text/html; charset=utf-8
date: Thu, 01 Sep 2022 10:18:46 GMT
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Thu, 01 Sep 2022 10:18:46 GMT
location: /sync?&ld=1
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame C6D9 2 KB
863 B 316ms
234ms Document
text/html 139.99.49.250
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1662027522184

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220810

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip250.ip-139-99-49.net

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://151.80.19.172/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
content-type: text/html
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame E937 52 KB
17 KB 10ms
2ms Document
text/html 151.101.65.108

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220810
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://151.80.19.172/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 19815
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 01 Sep 2022 10:18:46 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 03 Aug 2022 04:41:10 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 3, 116110
X-Served-By: cache-lga21975-LGA, cache-nrt-rjtf7700020-NRT
X-Timer: S1662027526.441748,VS0,VE0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 8ms
3ms Preflight
application/json 2406:2600:4::b
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcatiororeflexivo.com%2F&domain=151.80.19.172&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://151.80.19.172
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://151.80.19.172
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 01 Sep 2022 10:18:46 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 290442
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 6ms
2ms Preflight
application/json 182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 01 Sep 2022 10:18:45 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 279652
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK fpc Show response
at.teads.tv/ 56 B
393 B 30ms
13ms XHR
text/plain 23.45.61.118

General

Check archive.org

Show headers Download Go to

Full URL: https://at.teads.tv/fpc?analytics_tag_id=PUB_13576&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=4f65ebf&
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.61.118 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8aa9b777c790990193ef317b3f3990af87137befb85133229dc56cf94fee139d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Sep 2022 10:18:46 GMT
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: https://151.80.19.172
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 56
Expires: Thu, 01 Sep 2022 10:18:46 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame E937 0
746 B 72ms
71ms Script
text/html 103.43.90.54
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Sep 2022 10:18:46 GMT
X-Proxy-Origin: 217.138.252.184; 217.138.252.184; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
AN-X-Request-Uuid: bfaeb735-91e5-4837-9df5-8ae7ceec99db
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 46575 Show response
tag.navdmp.com/u/ 497 B
475 B 295ms
294ms Script
application/javascript 2606:4700::6810:df3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/u/46575
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:df3 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 27f6c8c22d2d9d2f7483a241cd3197bb47761032845bdd1c28cc0e2713484af3

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 10:18:46 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 26 Aug 2022 15:00:58 GMT
server: cloudflare
etag: W/"6308e02a-1f1"
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 743d43886e13afe2-NRT
content-type: application/javascript
expires: Thu, 01 Sep 2022 11:18:46 GMT

GET
H2 200 usr Show response
usr.navdmp.com/ 359 B
453 B 301ms
301ms Script
application/javascript 2606:4700::6810:df3

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=7&acc=46575&u=1&new=1&wst=0&wct=1&wla=1
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:df3 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: ca7a374b58b0b1370dc4b7b5e64dac156a53e5bcf82fddd5f9e929058f5dfa77

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: public
date: Thu, 01 Sep 2022 10:18:47 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 743d438a49e2afe2-NRT
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
content-type: application/javascript
expires: Thu, 01 Sep 2022 11:18:46 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame BBF6
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=3658&xuid=e046d939-abcf-4dbc-b36b-8f51da03de29&dongle=0cfd

37 B
354 B

74ms
74ms

Image
image/gif

52.223.2.229

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3658&xuid=e046d939-abcf-4dbc-b36b-8f51da03de29&dongle=0cfd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 52.223.2.229 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 10:18:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Thu, 01 Sep 2022 10:18:46 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://eb2.3lift.com/xuid?mid=3658&xuid=e046d939-abcf-4dbc-b36b-8f51da03de29&dongle=0cfd
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 209

GET
H2

200

ebda
eb2.3lift.com/ Frame BBF6
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTM3NTQ5ODEyMTIzMDYwMDUzOTE0OQ%3D%3D
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=

37 B
139 B

78ms
78ms

Image
image/gif

52.223.2.229

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 52.223.2.229 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 10:18:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 01 Sep 2022 10:18:47 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 248
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame BBF6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBnER5z3ZiYwenh8Dfks5nM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1

37 B
354 B

79ms
79ms

Image
image/gif

52.223.2.229

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBnER5z3ZiYwenh8Dfks5nM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 52.223.2.229 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 10:18:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Thu, 01 Sep 2022 10:18:47 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBnER5z3ZiYwenh8Dfks5nM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BBF6
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTM3NTQ5ODEyMTIzMDYwMDUzOTE0OQ%3D%3D

170 B
243 B

38ms
38ms

Image
image/png

142.250.207.34

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTM3NTQ5ODEyMTIzMDYwMDUzOTE0OQ%3D%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1

Protocol

Server

142.250.207.34 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 10:18:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTM3NTQ5ODEyMTIzMDYwMDUzOTE0OQ%3D%3D
date: Thu, 01 Sep 2022 10:18:46 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
p.adsymptotic.com/d/px/ Frame BBF6
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1375498121230600539149&dbredirect=true&gdpr=0&consent=
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1375498121230600539149&dbredirect=true&gdpr=0&consent=&cookiesTest=true
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=a669b71c-fdce-465d-b3b2-da0a7e8c9acc&_noobservation=1
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=a669b71c-fdce-465d-b3b2-da0a7e8c9acc&_noobservation=1&_expected_cookie=7c7535d...

43 B
141 B

82ms
82ms

Image
image/gif

104.18.100.194

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=a669b71c-fdce-465d-b3b2-da0a7e8c9acc&_noobservation=1&_expected_cookie=7c7535d4ee78d7b62751e68c9c057a1e
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 104.18.100.194 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

p3p: CP='NON DSP COR CONi OUR BUS CNT'
date: Thu, 01 Sep 2022 10:18:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 743d438e1ff3341a-NRT
content-length: 43
content-type: image/gif

Redirect headers

location: https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=a669b71c-fdce-465d-b3b2-da0a7e8c9acc&_noobservation=1&_expected_cookie=7c7535d4ee78d7b62751e68c9c057a1e
date: Thu, 01 Sep 2022 10:18:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 743d438d8ecf341a-NRT
content-length: 0

GET
H2

200

xuid
eb2.3lift.com/ Frame BBF6
Redirect Chain

https://x.bidswitch.net/sync?ssp=triplelift&user_id=1375498121230600539149&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=1375498121230600539149&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=triplelift
https://x.bidswitch.net/sync?dsp_id=70&user_id=3148850214003650296&ssp=triplelift
https://eb2.3lift.com/xuid?mid=2409&xuid=a43714df-0573-4619-b705-82e85486dbb2&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=

37 B
354 B

75ms
75ms

Image
image/gif

52.223.2.229

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2409&xuid=a43714df-0573-4619-b705-82e85486dbb2&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 52.223.2.229 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 10:18:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: //eb2.3lift.com/xuid?mid=2409&xuid=a43714df-0573-4619-b705-82e85486dbb2&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date: Thu, 01 Sep 2022 10:18:47 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 c.gif
c.bing.com/ Frame BBF6 42 B
667 B 71ms
35ms Image
image/gif 2620:1ec:c11::200

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=1375498121230600539149&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 -, , ASN (),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 10:18:46 GMT
etag: "6fa9befc56b2d81:0"
last-modified: Wed, 17 Aug 2022 16:32:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 81BE65D867994F2CB1DD88D99EC04214 Ref B: TYO01EDGE3222 Ref C: 2022-09-01T10:18:46Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H2

200

xuid
eb2.3lift.com/ Frame BBF6
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/1375498121230600539149?gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-j98dsjZE2oRqCsP6.g.1a5DXQeEeeb3bhqHjUYk5dA--~A&dongle=0883

37 B
354 B

73ms
72ms

Image
image/gif

52.223.2.229

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-j98dsjZE2oRqCsP6.g.1a5DXQeEeeb3bhqHjUYk5dA--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 52.223.2.229 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 10:18:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Thu, 01 Sep 2022 10:18:47 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-j98dsjZE2oRqCsP6.g.1a5DXQeEeeb3bhqHjUYk5dA--~A&dongle=0883
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET 757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame BBF6 0
0

GET triplelift
b1sync.zemanta.com/usersync/ Frame BBF6 0
0

GET
H2 200 req Show response
cdn.navdmp.com/ 6 B
77 B 152ms
150ms Script
application/x-javascript 2606:4700::6810:df3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=7&id=115065e6c37e54295bf1cf731c10%7C0&acc=46575&tit=Iti%2520malia&url=https%253A%2F%2F151.80.19.172%2F&upd=1&new=1&h1=Catioro%2520Reflexivo
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:df3 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 10:18:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 743d438c2e71afe2-NRT
content-length: 6
content-type: application/x-javascript

GET
H2

200

sync Show response
sync2.navdmp.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=74363299523
https://sync2.navdmp.com/sync?prtid=2&id=74363299523&google_gid=CAESED6BEPrK9wF0h-7mVcoLL-M&google_cver=1

6 B
57 B

296ms
295ms

Script
application/javascript

2606:4700::6810:df3

General

Check archive.org

Show headers Download Go to

Full URL: https://sync2.navdmp.com/sync?prtid=2&id=74363299523&google_gid=CAESED6BEPrK9wF0h-7mVcoLL-M&google_cver=1
Protocol: H2
Server: 2606:4700::6810:df3 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 10:18:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 743d438caf68afe2-NRT
content-length: 6
content-type: application/javascript

Redirect headers

pragma: no-cache
date: Thu, 01 Sep 2022 10:18:47 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync2.navdmp.com/sync?prtid=2&id=74363299523&google_gid=CAESED6BEPrK9wF0h-7mVcoLL-M&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
sync.navdmp.com/
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D
https://sync.navdmp.com/sync?img=1&mdia=23716310-8707-4300-8e6c-3c8ae4261e38

43 B
129 B

157ms
156ms

Image
image/gif

2606:4700::6810:df3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.navdmp.com/sync?img=1&mdia=23716310-8707-4300-8e6c-3c8ae4261e38
Protocol: H2
Server: 2606:4700::6810:df3 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 10:18:47 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
cf-ray: 743d438c6ee1afe2-NRT
content-length: 43
content-type: image/gif

Redirect headers

Date: Thu, 01 Sep 2022 10:18:47 GMT
Server: MT3 4505 5b23575 master nrt-pixel-x4 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://sync.navdmp.com/sync?img=1&mdia=23716310-8707-4300-8e6c-3c8ae4261e38
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Thu, 01 Sep 2022 10:18:46 GMT

GET
H2

200

sync
sync.navdmp.com/
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=NAVEG
https://sync.navdmp.com/sync?prtid=12&yahid=y-KyAVWDNE2p7AeEu4r3sjJ4L0K1vSPgsmJZw-~A

6 B
57 B

155ms
154ms

Image
application/javascript

2606:4700::6810:df3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.navdmp.com/sync?prtid=12&yahid=y-KyAVWDNE2p7AeEu4r3sjJ4L0K1vSPgsmJZw-~A
Protocol: H2
Server: 2606:4700::6810:df3 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 10:18:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 743d438d995fafe2-NRT
content-length: 6
content-type: application/javascript

Redirect headers

date: Thu, 01 Sep 2022 10:18:47 GMT
via: http/1.1 spdc0104.pbp.sg3.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
strict-transport-security: max-age=31536000
content-type: text/html;charset=utf-8
location: https://sync.navdmp.com/sync?prtid=12&yahid=y-KyAVWDNE2p7AeEu4r3sjJ4L0K1vSPgsmJZw-~A
content-length: 0

GET async_usersync
ib.adnxs.com/ Frame E937 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=1375498121230600539149

Domain: b1sync.zemanta.com
URL: https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
151.80.19.172/	1970-01-20 15:16:27	Name: _ga Value: GA1.1.1876213142.1662027521
151.80.19.172/	1970-01-20 05:41:53	Name: _gid Value: GA1.1.1421868960.1662027521
151.80.19.172/	1970-01-20 05:40:27	Name: _gat Value: 1
151.80.19.172/	1970-01-20 05:40:27	Name: _gat_gtag_UA_139911812_1 Value: 1
151.80.19.172/	1970-01-20 06:23:39	Name: _pbjs_userid_consent_data Value: 3524755945110770
.scorecardresearch.com/	1970-01-20 15:16:27	Name: UID Value: 1AF34808e5f597375c0a9261662027521
.adnxs.com/	1970-01-20 07:50:03	Name: icu Value: ChgI5ftbEAoYASABKAEwgY7CmAY4AUABSAEQgY7CmAYYAA..
.adnxs.com/	1970-01-20 07:50:03	Name: uuid2 Value: 998551063958410611
.doubleclick.net/	1970-01-20 15:16:27	Name: IDE Value: AHWqTUnhUcSzlzaVZ1YlHvzroHnqOBVIloYcnpKjxteOeaug6jF905y4MfsxcBju_bs
.criteo.com/	1970-01-20 15:02:03	Name: uid Value: 4150d2f2-1ab3-4a43-8da1-866e68f128bc
151.80.19.172/	1970-01-20 15:02:03	Name: cto_bundle Value: nH78cV9hZk1kZHVPWTU2blBhY2pvN3d1TzdMcEZnVFNDSUlUZ3AlMkJVbElPWHQ0MmJEM2glMkJ1MERnbEoyc2hjeVI4elJ6QkFVWU12Q25GQmJTblhvSFRkVmJReVNOS2tpd0x1aEJUdkhVOSUyRmpSRzNNVTBkSXUwbTRROUZ0TWhMb282SVRTcVdQUUlicGprb2dCYXI3VTJCSHJ5YUElM0QlM0Q

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1376237005157464&output=html&adk=318159125&adf=2184669829&lmt=1662027521&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2F151.80.19.172%2F&ea=0&pra=5&wgl=1&easpf=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=0&asnd=0&asnp=0&asns=0&asmat=1&asptt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662027519587&bpp=1388&bdt=123&idt=1592&shv=r20220829&mjsv=m202208250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4218617508953&frm=20&pv=2&ga_vid=1876213142.1662027521&ga_sid=1662027521&ga_hid=130609017&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44770880&oid=2&pvsid=2430671410330663&tmod=1761749473&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1607 Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
acdn.adnxs.com
adservice.google.co.jp
adservice.google.com
at.teads.tv
b1sync.zemanta.com
bidder.criteo.com
c.bing.com
c1.adform.net
catiororeflexivo.com
cdn.navdmp.com
cdn.taboola.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
eb2.3lift.com
f7b9189fc07fcd3f160b6dfc4ec31f66.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
match.adsrvr.org
mug.criteo.com
onetag-sys.com
p.adsymptotic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.mathtag.com
pr-bh.ybp.yahoo.com
prg.smartadserver.com
px.ads.linkedin.com
s.amazon-adsystem.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
static.criteo.net
sync.navdmp.com
sync2.navdmp.com
tag.navdmp.com
tags.premiumads.com.br
tlx.3lift.com
tpc.googlesyndication.com
usr.navdmp.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
x.bidswitch.net
b1sync.zemanta.com
ib.adnxs.com
s.amazon-adsystem.com
103.43.90.54
104.18.100.194
106.10.236.147
139.99.49.250
142.250.206.194
142.250.207.34
151.101.129.44
151.101.65.108
151.80.19.172
182.161.74.11
182.161.74.18
185.84.60.29
185.86.138.32
23.45.56.250
23.45.57.118
23.45.61.118
2404:6800:4004:801::2002
2404:6800:4004:801::200a
2404:6800:4004:801::200e
2404:6800:4004:80c::2003
2404:6800:4004:810::2008
2404:6800:4004:813::2001
2404:6800:4004:81c::2001
2404:6800:4004:81d::2002
2404:6800:4004:81e::2002
2404:6800:4004:81f::2002
2404:6800:4004:827::2004
2406:2600:4::1
2406:2600:4::b
2406:da18:929:5a03:ee44:5cd6:3730:1ae1
2606:4700:20::ac43:4a15
2606:4700::6810:df3
2620:1ec:21::14
2620:1ec:c11::200
2a03:2880:f00f:8:face:b00c:0:1
35.213.12.39
35.71.131.137
52.223.2.229
54.179.139.189
99.84.140.70
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01fc92b7704c3e3baaefd2ce87ce17e2ea266a1bb4244f032da25931e9c6fb92
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
0513fab4f302839884b3302cca9f5b06c212e105a33082f963b8c8b15ff74c3b
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
084c044e1a353a41a04f9c923b418d582f8e8d3a1996053c8e4912a57d158799
089317e809038750b86577a72ac29b73122643d63e9f9c1bde505ce530750386
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f3260a1f0f720afd266558464f361401039069c49b7d9e0268ebd7e7b71c201
113d13d907b038b68fcead6af07b63d0e46c2b9361bd87a83d824888c35f5d0a
15c3be02062beb0a05e3b6a27a0fab807a89abebb56159c4ce071f575c335f3d
175b35d83260fc0b54cbc4ac4a046fbcdea118808e4e83598668f33a8c1b1f76
1fc57f1c482d1b3c5727e99b30882fd8c109feea4a11945211652c7b8322123e
25a5de68d390f7c0ee9384f03a6f087c66bc3b6eb37c37f7351735770183017f
25f7b49bf2f6697a64f55c567f9b0b365b02ddc41e839670c30a5cbf7d436c31
27f6c8c22d2d9d2f7483a241cd3197bb47761032845bdd1c28cc0e2713484af3
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3001521d759fccd25508496d699eda8bd15659146b5af02c8fbecd4607703e2b
3205db13206b5e6da5d784d2e0c0a990e5084ecbdb500e06b2136eb612b5b39d
33bd5832c6f9b79ae9063dddb6d5655902a33aa3034f00c63e67de948ac80021
3466ba5a141d2a6c6f9f35e2de5cf56273196a931d39a5248f023eb7ee33f5aa
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3a391531204b08a7df618242711d6c9dd419da1f3e156efcb0c784f386996d14
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
41dc69dcdfb2363b50187f2254508e0b2e66c75a6b779cdbd4b31e8241be7a75
4782e14bc2922c4b1c9da8e4f20cacfe319c11bfb095bdb5b5bd88344e7c4293
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
587a306f93a919b463aee21b97f90b6bb099f0e73413f978cd85d4a71d652eef
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6242e1e45c81061235a65c8caa8fae0010ce5ad03fe30abd47d4739a4e72195c
64c64c43b248d3b7cb5226b28fb0623c19c99304b04a769acf3b6dbeb1cd46d9
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
668eea05ac46c1458d509ffb8c48925fb866b3556a83acf5d7de3fca7d07f77e
680c561a07ec71710baa5d483d9baed1348a056630d627ce924697567ed20346
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
72ca272c46c22bc22ebe25481f61db119fe9561138fa01ee6a1e1f8a0c235235
758a7ca19e408bc3d912a2d2335c8b290376efa1c3b7e6801b9d147c8a4bd2c8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8aa9b777c790990193ef317b3f3990af87137befb85133229dc56cf94fee139d
8d9ab8bd9897c1a05f6692c32fff293175667c58dc34a37f824245f8a63b4689
995b9fb3959ee9f7f5b7a8fc0e41393de74e533a47f4b0a18e4079779746feb5
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4341c4c513889841887be579831125200a94753a15e19bec0252a8569b3a931
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa027849b4bacc5886dc750859b05b13a2fc02fc5ecf01e94012ba6f40f5c8e8
aad48e612efa9d7364a3ad0e06aaa0d46320b7a57cc13697a8997ee9ef7c9101
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ad94d40aa25d3f096e20770adef39f3954c5c065e0250bb9c9eb18284408c537
b2a06f6d622469d840589f0d731587a21483e320fd95533190deeca7d4c13ef5
b39a61bc0882cdde30696b436b45ca87edfd2f520df554a13664f5dca000f0d2
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcd71666ea63d4a00969b970c9cdba3cd15b06b53bc84e96df351324c6cd6c5e
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c05787027324ab2f8154688e48e168845560abcd3df64c9bb092788a948d7608
c38bc4d28cb6dd5263a68b3efa74cd5b746f9083484871c54f4cd437c828b40e
c3b6eb9a3b18afcd07f9c80c473fa6b00a4c0689e91f8b40eb1dd84e2e7ff04c
c7cf27ad9653e623c7945a8986dbfb22ee3724b2d8f8e5b322068534c9f6cec0
c7f10334be8b7cad1db5820314348bd0a05cbbcf9cfe0852ceb518534e13558e
c952122cfdbe7e35ab243b1b609f4361281ec0c3caef8112a15b6d3d9a536e4e
c9640eb2befb4938a64076908c70b3e3b72c1af042b031026e8a981d186ccff7
ca7a374b58b0b1370dc4b7b5e64dac156a53e5bcf82fddd5f9e929058f5dfa77
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d257a75764e746d9a1aafb79d8e47744cb44ee1af115ab2adbd0012c69cf676c
d2c30641eed11d27cc45ab60849aaef8d0cef92b8c75b09648ffb764bd6017c0
d3c81763d3d77176f843f1bf7e5caaae025d504f9d1b351ed0363936bcb1708f
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d83d44469cdd7df841b63405b4e8576729f64d3cf152dccf83fb223a65ba5ef5
d91c38797a4f40c02b517763adb6b8d25ca0d0af244856025ecc3543b8540679
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e09788876903d5825f22984156fd9e06a708d4a9d368ce138ce967143a71153d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e7d13f9991e15eb8f6d7351a30e06fba891d8b1671f4a9268e3a539f3ac62524
ecefab04fab92a05dee2402ec9b11f08e65ca1192b18abe7fd924541cdedf6f8
ed393a8adb497cc56f0a608d31f9870b31aadd339951abe140de86107eb48124
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
f535f19096cc29be2fa3c760b5b821d292f84107232b4f56cd465b551992d708
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f70a708909ea0e41d9ff70cc101e8ca4a5391ffb134ce3a98b0f5e42d7cb72b4
ffb662f784695c0a21cfac247ab11ce0beba8be5f6e80a23b0523f961b4d63d4

151.80.19.172 Open in urlscan Pro 151.80.19.172 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

107 Requests

84 %HTTPS

48 %IPv6

32 Domains

47 Subdomains

34 IPs

5 Countries

1522 kBTransfer

4336 kBSize

11 Cookies

26 Outgoing links

Redirected requests

107 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

151.80.19.172 Open in urlscan Pro
151.80.19.172 Public Scan

Screenshot
Live screenshot

Full Image

107
Requests

84 %
HTTPS

48 %
IPv6

32
Domains

47
Subdomains

34
IPs

5
Countries

1522 kB
Transfer

4336 kB
Size

11
Cookies

107 HTTP transactions
1 data transactions