151.80.19.172 Open in urlscan Pro
151.80.19.172 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://151.80.19.172/
Submission Tags: krdprod
Submission: On September 01 via api (September 1st 2022, 12:14:44 am UTC) from JP — Scanned from JP

Summary HTTP 103 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 37 IPs in 6 countries across 32 domains to perform 103 HTTP transactions. The main IP is 151.80.19.172, located in Roubaix, France and belongs to OVH, FR. The main domain is 151.80.19.172.
TLS certificate: Issued by R3 on August 21st 2022. Valid for: 3 months.

This is the only time 151.80.19.172 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
29	151.80.19.172 151.80.19.172	16276 (OVH) (OVH)
7	2404:6800:400... 2404:6800:4004:822::2002	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:801::200e	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:801::200a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f00... 2a03:2880:f00f:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	2404:6800:400... 2404:6800:4004:823::2008	15169 (GOOGLE) (GOOGLE)
3	2606:4700:20:... 2606:4700:20::681a:f79	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2404:6800:400... 2404:6800:4004:820::2002	15169 (GOOGLE) (GOOGLE)
2	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
3	2404:6800:400... 2404:6800:4004:81f::2003	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:812::2002	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:823::2002	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:825::2002	15169 (GOOGLE) (GOOGLE)
1 3	99.84.140.69 99.84.140.69	16509 (AMAZON-02) (AMAZON-02)
4	2404:6800:400... 2404:6800:4004:808::2002	15169 (GOOGLE) (GOOGLE)
2	185.86.138.124 185.86.138.124	201081 (SMARTADSE...) (SMARTADSERVER)
1	18.140.14.88 18.140.14.88	16509 (AMAZON-02) (AMAZON-02)
4	103.43.90.19 103.43.90.19	29990 (ASN-APPNEX) (ASN-APPNEX)
1	182.161.74.18 182.161.74.18	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2	139.99.49.250 139.99.49.250	16276 (OVH) (OVH)
1	2404:6800:400... 2404:6800:4004:80b::2001	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:81f::2001	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:827::2004	15169 (GOOGLE) (GOOGLE)
2	2406:2600:4::1 2406:2600:4::1	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2 4	2406:2600:4::b 2406:2600:4::b	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
3	182.161.74.11 182.161.74.11	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
3 9	52.223.2.229 52.223.2.229	16509 (AMAZON-02) (AMAZON-02)
2 2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2 3	142.250.196.98 142.250.196.98	15169 (GOOGLE) (GOOGLE)
2 2	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	104.18.98.194 104.18.98.194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
1	35.227.202.26 35.227.202.26	() ()
1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2406:da18:929... 2406:da18:929:5a00:9a2c:8e82:ae9c:de5c	16509 (AMAZON-02) (AMAZON-02)
1 2	52.46.128.147 52.46.128.147	() ()
2 2	64.202.112.223 64.202.112.223	() ()
1 1	23.44.52.187 23.44.52.187	() ()
2	2606:4700::68... 2606:4700::6810:ff3	() ()
1	23.45.57.118 23.45.57.118	() ()
1	23.45.61.118 23.45.61.118	() ()
103	37

29 151.80.19.172 (Roubaix, France)

ASN16276 (OVH, FR)
PTR: ns395207.ip-151-80-19.eu

151.80.19.172	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
catiororeflexivo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4004:822::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:801::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:801::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f00f:8:face:b00c:0:1 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:823::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:f79 (United States)

ASN13335 (CLOUDFLARENET, US)

tags.premiumads.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:820::2002 (Australia)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:81f::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:812::2002 (Australia)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:823::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:825::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.84.140.69 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-84-140-69.nrt57.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:808::2002 (Australia)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.138.124 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.140.14.88 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-14-88.ap-southeast-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 103.43.90.19 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.74.18 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.99.49.250 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip250.ip-139-99-49.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:80b::2001 (Australia)

ASN15169 (GOOGLE, US)

385c4aa9e16306c708107131a660485b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:81f::2001 (Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:827::2004 (Australia)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:2600:4::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2406:2600:4::b (Japan) 2 redirects

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 182.161.74.11 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.223.2.229 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.196.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: nrt12s35-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:21::14 (United States) 2 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.98.194 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

p.adsymptotic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.213.12.39 (Tokyo, Japan) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.202.26 (None, )

ASN- ()

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:da18:929:5a00:9a2c:8e82:ae9c:de5c (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.128.147 (None, ) 1 redirects

ASN- ()

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.223 (None, ) 2 redirects

ASN- ()

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.44.52.187 (None, ) 1 redirects

ASN- ()

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:ff3 (None, )

ASN- ()

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.57.118 (None, )

ASN- ()

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.61.118 (None, )

ASN- ()

at.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	catiororeflexivo.com catiororeflexivo.com	464 KB
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 112 385c4aa9e16306c708107131a660485b.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 145	296 KB
10	3lift.com 3 redirects tlx.3lift.com — Cisco Umbrella Rank: 552 eb2.3lift.com — Cisco Umbrella Rank: 395	4 KB
9	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	164 KB
8	criteo.com 2 redirects bidder.criteo.com — Cisco Umbrella Rank: 742 gum.criteo.com — Cisco Umbrella Rank: 387 mug.criteo.com — Cisco Umbrella Rank: 2794	9 KB
5	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 225 acdn.adnxs.com — Cisco Umbrella Rank: 594	21 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 152	3 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 78 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	gstatic.com fonts.gstatic.com	44 KB
3	premiumads.com.br tags.premiumads.com.br — Cisco Umbrella Rank: 227950	134 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
2	teads.tv a.teads.tv at.teads.tv	5 KB
2	navdmp.com tag.navdmp.com usr.navdmp.com Failed	5 KB
2	zemanta.com 2 redirects b1sync.zemanta.com	1 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	860 B
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 288	1 KB
2	adsymptotic.com 1 redirects p.adsymptotic.com — Cisco Umbrella Rank: 463	477 B
2	linkedin.com 2 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 370	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 336	949 B
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 658	57 KB
2	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 749	1 KB
2	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1411	670 B
2	google.co.jp adservice.google.co.jp — Cisco Umbrella Rank: 68898	914 B
2	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 971	170 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 154	88 KB
1	bluekai.com 1 redirects stags.bluekai.com	742 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468	1 KB
1	bing.com c.bing.com — Cisco Umbrella Rank: 213	666 B
1	mookie1.com odr.mookie1.com	639 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 872	694 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 66	41 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	1 KB
103	32

	Domain	Requested by
28	catiororeflexivo.com	151.80.19.172 catiororeflexivo.com
9	eb2.3lift.com	3 redirects tags.premiumads.com.br eb2.3lift.com
7	pagead2.googlesyndication.com	151.80.19.172 pagead2.googlesyndication.com tpc.googlesyndication.com
4	gum.criteo.com	2 redirects static.criteo.net
4	ib.adnxs.com	tags.premiumads.com.br acdn.adnxs.com
4	securepubads.g.doubleclick.net	tags.premiumads.com.br securepubads.g.doubleclick.net
3	cm.g.doubleclick.net	2 redirects eb2.3lift.com
3	mug.criteo.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	sb.scorecardresearch.com	1 redirects cdn.taboola.com 151.80.19.172
3	fonts.gstatic.com	fonts.googleapis.com
3	tags.premiumads.com.br	151.80.19.172 tags.premiumads.com.br
3	www.google-analytics.com	151.80.19.172 www.google-analytics.com
2	tag.navdmp.com	tags.premiumads.com.br tag.navdmp.com
2	b1sync.zemanta.com	2 redirects
2	s.amazon-adsystem.com	1 redirects eb2.3lift.com
2	x.bidswitch.net	2 redirects
2	p.adsymptotic.com	1 redirects eb2.3lift.com
2	px.ads.linkedin.com	2 redirects
2	match.adsrvr.org	2 redirects
2	static.criteo.net	tags.premiumads.com.br static.criteo.net
2	onetag-sys.com	tags.premiumads.com.br
2	prg.smartadserver.com	tags.premiumads.com.br
2	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	adservice.google.co.jp	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	cdn.taboola.com	151.80.19.172 cdn.taboola.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	connect.facebook.net	151.80.19.172 connect.facebook.net
1	at.teads.tv	a.teads.tv
1	a.teads.tv	tags.premiumads.com.br
1	stags.bluekai.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	c.bing.com	eb2.3lift.com
1	odr.mookie1.com	eb2.3lift.com
1	acdn.adnxs.com	tags.premiumads.com.br
1	www.google.com	tpc.googlesyndication.com
1	385c4aa9e16306c708107131a660485b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	bidder.criteo.com	tags.premiumads.com.br
1	tlx.3lift.com	tags.premiumads.com.br
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	151.80.19.172
1	fonts.googleapis.com	151.80.19.172
0	usr.navdmp.com Failed	tag.navdmp.com
103	43

This site contains links to these domains. Also see Links.

Domain
catiororeflexivo.com
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com

Subject Issuer	Validity	Valid
catiororeflexivo.com R3	`2022-08-21` - `2022-11-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-10` - `2022-09-08`	3 months	crt.sh
premiumads.com.br Cloudflare Inc ECC CA-3	`2022-05-07` - `2023-05-07`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.google.co.jp GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-21` - `2022-09-23`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-04` - `2023-06-03`	a year	crt.sh
teads.tv R3	`2022-08-17` - `2022-11-15`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://151.80.19.172/
Frame ID: 496AA04C87FE6DA2122F97C64BD25F5F
Requests: 77 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220829/r20190131/zrt_lookup.html
Frame ID: FEEEA7DAB23939AF053849248674EB7B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1376237005157464&output=html&adk=318159125&adf=2184669829&lmt=1661991277&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2F151.80.19.172%2F&ea=0&pra=5&wgl=1&easpf=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=0&asnd=0&asnp=0&asns=0&asmat=1&asptt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661991276435&bpp=1098&bdt=132&idt=1302&shv=r20220829&mjsv=m202208290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8354661924985&frm=20&pv=2&ga_vid=58205280.1661991278&ga_sid=1661991278&ga_hid=1243782699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069218&oid=2&pvsid=2233492164336794&tmod=1105169742&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1320
Frame ID: 47190A55AF589F9BE76CCFD837EC5E06
Requests: 1 HTTP requests in this frame

Frame: https://385c4aa9e16306c708107131a660485b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 594F7B659A7E2C01DFA728E454FB3CEF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 25761057C827C71485557DAB9A8FFC43
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F75546735F683ECB0DA8AF5EE23DC15A
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=151.80.19.172
Frame ID: A1F7AB0825078CAA92A744F8A2016D64
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A657EBF2D497E7971E4EE83F7549156B
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 28F3AFBD04424BDF09A718C20A62FB1F
Requests: 11 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1661991278281
Frame ID: AE62004193713E07D0884E86FB947840
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Iti malia

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Navegg (Analytics) Expand

Overall confidence: 100%
Detected patterns

tag\.navdmp\.com

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

103
Requests

86 %
HTTPS

50 %
IPv6

32
Domains

43
Subdomains

37
IPs

6
Countries

1543 kB
Transfer

4336 kB
Size

27
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://catiororeflexivo.com/
Title: Catioro Reflexivo

Search URL Search Domain Scan URL

URL: https://catiororeflexivo.com/category/caes/
Title: Cães

Search URL Search Domain Scan URL

URL: https://catiororeflexivo.com/category/gatos/
Title: Gatos

Search URL Search Domain Scan URL

URL: https://catiororeflexivo.com/category/animais/
Title: Animais

Search URL Search Domain Scan URL

URL: https://catiororeflexivo.com/category/noticias/
Title: Notícias

Search URL Search Domain Scan URL

URL: https://catiororeflexivo.com/category/videos/
Title: Vídeos

Search URL Search Domain Scan URL

URL: https://catiororeflexivo.com/contactar/
Title: Contato

Search URL Search Domain Scan URL

URL: https://catiororeflexivo.com/politica-privacidade/
Title: Política privacidade

Search URL Search Domain Scan URL

URL: https://catiororeflexivo.com/casal-tem-encontro-inesperado-com-gatos-selvagens-em-estrada-no-canada/
Title: Casal tem encontro inesperado com gatos selvagens em estrada no Canadá

Search URL Search Domain Scan URL

URL: https://catiororeflexivo.com/mulher-grava-seus-caezinhos-tendo-reacoes-fofinhas-enquanto-ela-fala-suas-palavras-favoritas/
Title: Mulher grava seus cãezinhos tendo reações fofinhas enquanto ela fala suas palavras favoritas

Search URL Search Domain Scan URL

URL: https://catiororeflexivo.com/mulher-resgata-com-a-ajuda-de-uma-policial-gatinha-preta-que-estava-presa-em-uma-estrada-e-a-adota/
Title: Mulher resgata, com a ajuda de policial, gatinha preta que estava presa em uma estrada e a adota

Search URL Search Domain Scan URL

URL: https://catiororeflexivo.com/gatinha-gravida-e-resgatada-por-homem-de-um-lago-e-mais-tarde-da-a-luz-5-lindos-gatinhos/
Title: Gatinha grávida é resgatada por homem de um lago e mais tarde dá à luz 5 lindos gatinhos

Search URL Search Domain Scan URL

URL: https://catiororeflexivo.com/pastor-alemao-amigavel-cuida-com-muito-amor-de-veados-orfaos-e-como-se-fossem-seus-filhotes/
Title: Pastor Alemão amigável cuida com muito amor de veados órfãos e como se fossem seus filhotes

Search URL Search Domain Scan URL

URL: https://catiororeflexivo.com/dois-homens-corajosos-salvam-diversos-animais-durante-enchente-em-hernando-mississippi/
Title: Em 2016, quando chuvas causaram enchentes históricas em vários estados do sul, incluindo … .featured-thumbnail:hover img { -webkit-transform: translate3d(0,-80px,0); transform: translate3d(0,-80px,0); }

Search URL Search Domain Scan URL

URL: https://catiororeflexivo.com/gatinha-encontrada-na-porta-de-um-predio-e-resgatada-e-ai-percebem-que-estava-em-trabalho-de-parto/
Title: Do lado de fora de um prédio em Corpus Christi, Texas, uma gatinha … .featured-thumbnail:hover img { -webkit-transform: translate3d(0,-80px,0); transform: translate3d(0,-80px,0); }

Search URL Search Domain Scan URL

URL: https://catiororeflexivo.com/dois-amigos-foram-resgatados-separados-e-nao-conseguiram-se-desgrudar-desde-quando-se-reencontraram-um-chorava-pelo-outro/
Title: Quando a socorrista Suzette Hall respondeu pela primeira vez a um telefonema sobre … .featured-thumbnail:hover img { -webkit-transform: translate3d(0,-80px,0); transform: translate3d(0,-80px,0); }

Search URL Search Domain Scan URL

URL: https://catiororeflexivo.com/timao-e-pumba-existem-e-foram-encontrados-morando-sozinhos-numa-casa-abandonada/
Title: Danielle Betterman fez carreira resgatando animais indesejados, então quando ela recebeu uma ligação … .featured-thumbnail:hover img { -webkit-transform: translate3d(0,-80px,0); transform: translate3d(0,-80px,0); }

Search URL Search Domain Scan URL

URL: https://catiororeflexivo.com/page/2/
Title: 2

Search URL Search Domain Scan URL

URL: https://catiororeflexivo.com/page/3/
Title: 3

Search URL Search Domain Scan URL

URL: https://catiororeflexivo.com/page/4/
Title: 4

Search URL Search Domain Scan URL

URL: https://catiororeflexivo.com/page/299/
Title: 299

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CatioroReflexivo/

Search URL Search Domain Scan URL

URL: https://twitter.com/CatioroReflexiv

Search URL Search Domain Scan URL

URL: https://www.youtube.com/CatioroReflexivo

Search URL Search Domain Scan URL

URL: https://www.instagram.com/catioro.reflexivo/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/groups/228755860842646/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1661991277843&ns_c=UTF-8&c7=https%3A%2F%2F151.80.19.172%2F&c8=Iti%20malia&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1661991277843&ns_c=UTF-8&c7=https%3A%2F%2F151.80.19.172%2F&c8=Iti%20malia&c9=

Request Chain 79

https://gum.criteo.com/sid/json?origin=publishertag&domain=151.80.19.172&sn=ChromeSyncframe&so=0&topUrl=151.80.19.172&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=uXyYu3w5djlPSnplK0V2TGM5SDNsRDNYazZENUtmMTFML0taQVhGc215ZXA3Rm5iNlRoelFJVkFNZVppN0t3ZnF6UHlJWDA4VXo1NEwxRjg3UXpFRnZLL0tzWW1TVHZHTFpTc2FlVDVuUENHWktCcFQrNmgrMnNhbGZRcXhkUFVYQzJnYWNlUUtMQURDc0dhU3laQWUxRTNXZXFMM3dUaFhra3pRS2txSEZJZGJpZFl3L0JSUmQwaVBhbHp6UkVQSFIxS2V0YjRZMnhVeTBhMkJ0TDVFU0thQ3VxTWdTWXFBV3AwUHdkdHhlUTBZMVpYZWFlTTlGNGFaU0FOUzBCOHBoM3ptU0ZqSnUvWDlyMHVkNmZmNklkK3RRZz09fA&cppv=2

Request Chain 80

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcatiororeflexivo.com%2F&domain=151.80.19.172&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=bpudHnx2RlJiNUpSR0k2YVZWelNpQVpGWGlvMmptd0VreG1GdStaYlpod215dGtJTjFJK2xqSUUrMHc3WjB4WXpXaFk4SzhoUlp5dnhCdm9qT05HUVhzUkFFYnMxamVsZHpjOUJtQ28zRVlEdzRDK1pTa2lRdU82dnZqK3g5aWwzM1J2S0xVWnJKWmcvWCs2dEhObHJ2ZUl3a1lHbXJ5UGo4RXlpRFFJMy95RW45WGtZVUhJV3RGY2w5d1NTV01Oa3VZSGFHTnpob2FIWGtHYzlzR0VaR3UwQXVHZHd5a1IxN0x0V01ncWVQTmZ1NkRJa3AyRUpyWVZKVHYvL1BWanErMFZCeWIzOTVEK0tWVVQzUFR3c1lMUkFVOVBTK0x4NWEvcElsZVpsbDJyYjQ3Q2txdHo4K1lYMGMycVFHTjBYdHRyNnw&cppv=2

Request Chain 82

https://eb2.3lift.com/sync HTTP 302
https://eb2.3lift.com/sync?&ld=1

Request Chain 87

https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3658&xuid=e2919ce6-d190-4675-ad74-318591349d69&dongle=0cfd

Request Chain 88

https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzgwMDQ0ODUwNDcxMjI3MjkxMTEyMw%3D%3D HTTP 302
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=

Request Chain 89

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEExlj_EoA6dIvJFJsDn94uc&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1

Request Chain 90

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzgwMDQ0ODUwNDcxMjI3MjkxMTEyMw%3D%3D

Request Chain 91

https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3800448504712272911123&dbredirect=true&gdpr=0&consent= HTTP 302
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3800448504712272911123&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=91aa721e-2c7c-4536-8606-837680ef4ade&_noobservation=1 HTTP 302
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=91aa721e-2c7c-4536-8606-837680ef4ade&_noobservation=1&_expected_cookie=4f7ab02904e1d3b23bc1d061d59fabd9

Request Chain 92

https://x.bidswitch.net/sync?ssp=triplelift&user_id=3800448504712272911123&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=3800448504712272911123&gdpr=0&gdpr_consent= HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=51fd7866-302c-44ac-9b6f-bf320a9ec637&ssp=triplelift&gdpr=0&gdpr_consent=

Request Chain 94

https://pr-bh.ybp.yahoo.com/sync/triplelift/3800448504712272911123?gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-c0gyp29E2oReneTmgj1g7IvAkHXhnGl5ASSBu6i1Yw--~A&dongle=0883

Request Chain 95

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=3800448504712272911123 HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=3800448504712272911123&dcc=t

Request Chain 96

https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
https://stags.bluekai.com/site/23178?id=o_cG780ph13cUCwlaZGu&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5N5PWGRZXHAYHA2BRGNRVKQ3XNRQVUR3V&gdpr=0 HTTP 302
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5N5PWGRZXHAYHA2BRGNRVKQ3XNRQVUR3V HTTP 302
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=o_cG780ph13cUCwlaZGu

103 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
151.80.19.172/ 56 KB
12 KB 1003ms
499ms Document
text/html 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

3001521d759fccd25508496d699eda8bd15659146b5af02c8fbecd4607703e2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Origin: https://onesignal.com
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 01 Sep 2022 00:14:35 GMT
Referrer-Policy: no-referrer-when-downgrade
Server: nginx/1.18.0 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 165 KB
57 KB 96ms
55ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1376237005157464

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49782820323587793de7151c93b4adceec39740cf9d61faea389cc53ef022426

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://151.80.19.172/
Origin: https://151.80.19.172
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 00:14:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57352
x-xss-protection: 0
server: cafe
etag: 15391629770399508143
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 01 Sep 2022 00:14:36 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 165 KB
57 KB 117ms
78ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b374c8b6bb5c150383f3756a92d5668079bb863b6e563fa8213c824d646688b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 00:14:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57340
x-xss-protection: 0
server: cafe
etag: 15006778234159963438
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 01 Sep 2022 00:14:36 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 50ms
2ms Script
text/javascript 2404:6800:4004:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2129
date: Wed, 31 Aug 2022 23:39:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 01 Sep 2022 01:39:08 GMT

GET
H/1.1 200
OK font-awesome.min.css
catiororeflexivo.com/wp-content/plugins/my-wp-mega-menu/css/ 30 KB
8 KB 708ms
236ms Stylesheet
text/css 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://catiororeflexivo.com/wp-content/plugins/my-wp-mega-menu/css/font-awesome.min.css

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 00:14:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 08 May 2019 16:43:57 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Frame-Options: SAMEORIGIN
ETag: W/"5cd3074d-7918"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Expires: Thu, 08 Sep 2022 00:14:36 GMT

GET
H/1.1 200
OK wpmm.css
catiororeflexivo.com/wp-content/plugins/my-wp-mega-menu/css/ 38 KB
4 KB 717ms
238ms Stylesheet
text/css 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://catiororeflexivo.com/wp-content/plugins/my-wp-mega-menu/css/wpmm.css

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

ed393a8adb497cc56f0a608d31f9870b31aadd339951abe140de86107eb48124

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 00:14:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 08 May 2019 16:43:57 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Frame-Options: SAMEORIGIN
ETag: W/"5cd3074d-97ab"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Expires: Thu, 08 Sep 2022 00:14:36 GMT

GET
H/1.1 200
OK style.min.css
catiororeflexivo.com/wp-includes/css/dist/block-library/ 87 KB
12 KB 951ms
471ms Stylesheet
text/css 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://catiororeflexivo.com/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 00:14:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 12 Jul 2022 23:59:02 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Frame-Options: SAMEORIGIN
ETag: W/"62ce0ac6-15b64"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Expires: Thu, 08 Sep 2022 00:14:36 GMT

GET
H/1.1 200
OK front.min.css
catiororeflexivo.com/wp-content/plugins/cookie-notice/css/ 5 KB
2 KB 746ms
247ms Stylesheet
text/css 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://catiororeflexivo.com/wp-content/plugins/cookie-notice/css/front.min.css

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

d2c30641eed11d27cc45ab60849aaef8d0cef92b8c75b09648ffb764bd6017c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 00:14:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 29 Jun 2022 16:14:10 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Frame-Options: SAMEORIGIN
ETag: W/"62bc7a52-14ce"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Expires: Thu, 08 Sep 2022 00:14:36 GMT

GET
H/1.1 200
OK style.css
catiororeflexivo.com/wp-content/themes/mts_sense/ 81 KB
15 KB 998ms
498ms Stylesheet
text/css 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://catiororeflexivo.com/wp-content/themes/mts_sense/style.css

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

15c3be02062beb0a05e3b6a27a0fab807a89abebb56159c4ce071f575c335f3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 00:14:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 08 May 2019 16:11:07 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Frame-Options: SAMEORIGIN
ETag: W/"5cd2ff9b-14499"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Expires: Thu, 08 Sep 2022 00:14:36 GMT

GET
H/1.1 200
OK owl.carousel.css
catiororeflexivo.com/wp-content/themes/mts_sense/css/ 6 KB
2 KB 755ms
252ms Stylesheet
text/css 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://catiororeflexivo.com/wp-content/themes/mts_sense/css/owl.carousel.css

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

758a7ca19e408bc3d912a2d2335c8b290376efa1c3b7e6801b9d147c8a4bd2c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 00:14:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 08 May 2019 16:11:07 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Frame-Options: SAMEORIGIN
ETag: W/"5cd2ff9b-16d4"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Expires: Thu, 08 Sep 2022 00:14:36 GMT

GET
H/1.1 200
OK responsive.css
catiororeflexivo.com/wp-content/themes/mts_sense/css/ 13 KB
4 KB 943ms
234ms Stylesheet
text/css 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://catiororeflexivo.com/wp-content/themes/mts_sense/css/responsive.css

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

41dc69dcdfb2363b50187f2254508e0b2e66c75a6b779cdbd4b31e8241be7a75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 00:14:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 08 May 2019 16:11:07 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Frame-Options: SAMEORIGIN
ETag: W/"5cd2ff9b-33a0"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Expires: Thu, 08 Sep 2022 00:14:37 GMT

GET
H/1.1 200
OK jquery.min.js Show response
catiororeflexivo.com/wp-includes/js/jquery/ 87 KB
31 KB 1198ms
481ms Script
application/javascript 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://catiororeflexivo.com/wp-includes/js/jquery/jquery.min.js

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 00:14:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 26 Jul 2021 12:20:10 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Frame-Options: SAMEORIGIN
ETag: W/"60fea87a-15db1"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Expires: Thu, 08 Sep 2022 00:14:37 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
catiororeflexivo.com/wp-includes/js/jquery/ 11 KB
5 KB 995ms
248ms Script
application/javascript 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://catiororeflexivo.com/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 00:14:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 09 Dec 2020 13:49:07 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Frame-Options: SAMEORIGIN
ETag: W/"5fd0d5d3-2bd8"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Expires: Thu, 08 Sep 2022 00:14:37 GMT

GET
H/1.1 200
OK front.min.js Show response
catiororeflexivo.com/wp-content/plugins/cookie-notice/js/ 8 KB
3 KB 252ms
248ms Script
application/javascript 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://catiororeflexivo.com/wp-content/plugins/cookie-notice/js/front.min.js

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

c38bc4d28cb6dd5263a68b3efa74cd5b746f9083484871c54f4cd437c828b40e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 00:14:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 29 Jun 2022 16:14:10 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Frame-Options: SAMEORIGIN
ETag: W/"62bc7a52-20ec"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Expires: Thu, 08 Sep 2022 00:14:37 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 81ms
41ms Stylesheet
text/css 2404:6800:4004:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Slab:700|Roboto:700|Roboto:normal&subset=latin

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

72ca272c46c22bc22ebe25481f61db119fe9561138fa01ee6a1e1f8a0c235235

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 00:14:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 01 Sep 2022 00:14:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Sep 2022 00:14:36 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/pt_BR/ 3 KB
2 KB 11ms
4ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ebfcd3b6d4c0b3fdb351b7522a45ab89a02d6f357f5cd661b49c0997923d1626

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: kKzte+WKS5lNJQzzovMqEA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: ktQpk4ctqk82aPDPJGEjVWZ7+wSJkaU5pJ6yuKCUNvhfk0oNu3x1Du38FNhsI/Q1LZ6jc/meScAyEf7HuJ3efA==
x-fb-trip-id: 382461245
x-fb-content-md5: dd36f7b5b6899c031a9b9e686cfbc3f1
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 01 Sep 2022 00:14:36 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "7127bc67a7add3cb3793dc0d55ac9dd8"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 01 Sep 2022 00:23:13 GMT

GET
H/1.1 200
OK WhatsApp-Image-2022-03-10-at-14.26.46-350x230.jpeg
catiororeflexivo.com/wp-content/uploads/2022/03/ 18 KB
19 KB 244ms
240ms Image
image/jpeg 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://catiororeflexivo.com/wp-content/uploads/2022/03/WhatsApp-Image-2022-03-10-at-14.26.46-350x230.jpeg

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

25f7b49bf2f6697a64f55c567f9b0b365b02ddc41e839670c30a5cbf7d436c31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 00:14:37 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 18917
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 10 Mar 2022 17:27:16 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "622a34f4-49e5"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Accept-Ranges: bytes
Expires: Thu, 08 Sep 2022 00:14:37 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 105 KB
41 KB 90ms
43ms Script
application/javascript 2404:6800:4004:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-139911812-1

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

14629f159ec15a6ece345dac054d2cb21158bf20f2ccdda337bd4b9e427539e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 00:14:37 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41946
x-xss-protection: 0
expires: Thu, 01 Sep 2022 00:14:37 GMT

GET
H/1.1 200
OK wpmm.js Show response
catiororeflexivo.com/wp-content/plugins/my-wp-mega-menu/js/ 7 KB
2 KB 250ms
250ms Script
application/javascript 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://catiororeflexivo.com/wp-content/plugins/my-wp-mega-menu/js/wpmm.js

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

587a306f93a919b463aee21b97f90b6bb099f0e73413f978cd85d4a71d652eef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 00:14:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 08 May 2019 16:43:57 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Frame-Options: SAMEORIGIN
ETag: W/"5cd3074d-1cd9"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Expires: Thu, 08 Sep 2022 00:14:37 GMT

GET
H/1.1 200
OK customscript.js Show response
catiororeflexivo.com/wp-content/themes/mts_sense/js/ 8 KB
3 KB 243ms
239ms Script
application/javascript 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://catiororeflexivo.com/wp-content/themes/mts_sense/js/customscript.js

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

aa027849b4bacc5886dc750859b05b13a2fc02fc5ecf01e94012ba6f40f5c8e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 00:14:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 08 May 2019 16:11:07 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Frame-Options: SAMEORIGIN
ETag: W/"5cd2ff9b-1eac"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Expires: Thu, 08 Sep 2022 00:14:37 GMT

GET
H/1.1 200
OK owl.carousel.min.js Show response
catiororeflexivo.com/wp-content/themes/mts_sense/js/ 49 KB
14 KB 240ms
240ms Script
application/javascript 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://catiororeflexivo.com/wp-content/themes/mts_sense/js/owl.carousel.min.js

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

e7d13f9991e15eb8f6d7351a30e06fba891d8b1671f4a9268e3a539f3ac62524

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 00:14:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 08 May 2019 16:11:07 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Frame-Options: SAMEORIGIN
ETag: W/"5cd2ff9b-c2d1"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Expires: Thu, 08 Sep 2022 00:14:37 GMT

GET
H/1.1 200
OK ajax.js Show response
catiororeflexivo.com/wp-content/themes/mts_sense/js/ 19 KB
7 KB 256ms
252ms Script
application/javascript 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://catiororeflexivo.com/wp-content/themes/mts_sense/js/ajax.js

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

175b35d83260fc0b54cbc4ac4a046fbcdea118808e4e83598668f33a8c1b1f76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 00:14:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 08 May 2019 16:11:07 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Frame-Options: SAMEORIGIN
ETag: W/"5cd2ff9b-4af4"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Expires: Thu, 08 Sep 2022 00:14:37 GMT

GET
H2 200 1c41d694-b48a-41e8-aafa-0e701a9eb076 Show response
tags.premiumads.com.br/dfp/ 79 KB
25 KB 37ms
18ms Script
text/javascript 2606:4700:20::681a:f79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.premiumads.com.br/dfp/1c41d694-b48a-41e8-aafa-0e701a9eb076

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

45ccc603d4fe384cadce87ab070c4a5badcf9ca36caeb138f86fe560c171925b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 00:14:37 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 518757
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NXYmPr86Dp94X4sqrH4QoHL3%2FCNDYUte8cgi57OQEPIKTFzqqmOen%2B6%2F9AXZdKbD8%2B9ZCyMlyujtYVsWaHOCY0uMT8B1H%2FAzoAweY7OjYNWqIBJC4SszoIf4Ok2dJ8nIXFFeYjU7Nc1%2F%2BKpp67ugKoW8qB4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Fri, 26 Aug 2022 00:08:40 GMT
strict-transport-security: max-age=2592000
cf-ray: 7439ce8caf261fb7-NRT

GET
H/1.1 200
OK /
catiororeflexivo.com/mulher-resgata-com-a-ajuda-de-uma-policial-gatinha-preta-que-estava-presa-em-uma-estrada-e-a-adota/ 0
0 255ms
255ms Other
text/html 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://catiororeflexivo.com/mulher-resgata-com-a-ajuda-de-uma-policial-gatinha-preta-que-estava-presa-em-uma-estrada-e-a-adota/
Requested by: Host: 151.80.19.172
URL: https://151.80.19.172/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS: ns395207.ip-151-80-19.eu
Software: /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
catiororeflexivo.com/wp-includes/js/ 18 KB
6 KB 238ms
238ms Script
application/javascript 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://catiororeflexivo.com/wp-includes/js/wp-emoji-release.min.js

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 00:14:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 27 May 2022 16:49:44 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Frame-Options: SAMEORIGIN
ETag: W/"62910128-48b9"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Expires: Thu, 08 Sep 2022 00:14:38 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208290101/ 343 KB
121 KB 111ms
107ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208290101/show_ads_impl_fy2021.js?bust=31069218

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1376237005157464

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

260ce6e75b8051d3455793becac47e796ee358567a1601240d6a2c334a4d7580

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 00:14:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123678
x-xss-protection: 0
server: cafe
etag: 7298581275714251226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Sep 2022 00:14:37 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220829/r20190131/ Frame FEEE 10 KB
5 KB 46ms
3ms Document
text/html 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220829/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1376237005157464

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://151.80.19.172/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 28329
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 16:22:27 GMT
etag: 8616628553774171045
expires: Wed, 14 Sep 2022 16:22:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/portaldoanimal-catiororeflexivo/ 343 KB
29 KB 190ms
172ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/portaldoanimal-catiororeflexivo/loader.js
Requested by: Host: 151.80.19.172
URL: https://151.80.19.172/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c7f10334be8b7cad1db5820314348bd0a05cbbcf9cfe0852ceb518534e13558e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id: t5aMB.GLfWNeWFOdz2D4O7KQiHIy.whI
content-encoding: gzip
etag: "cf2991c72d549a156b33a12d2e2de0b5"
age: 0
x-cache: HIT
content-length: 29592
x-amz-id-2: DGetRuq5jcEuWFs7wpsuRoe0pFvPqEtQyUlH9tcv3Qe4ylp/4rqLqWfDwcbBCMkFAK1WFGGKxrU=
x-served-by: cache-tyo11949-TYO
last-modified: Wed, 31 Aug 2022 13:46:24 GMT
server: AmazonS3
x-timer: S1661991278.548318,VS0,VE170
date: Thu, 01 Sep 2022 00:14:37 GMT
vary: Accept-Encoding
x-amz-request-id: K04H3W92E04N5J5F
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 85
x-cache-hits: 1

GET
H/1.1 200
OK nobg.png
catiororeflexivo.com/wp-content/themes/mts_sense/images/ 68 B
649 B 264ms
249ms Image
image/png 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://catiororeflexivo.com/wp-content/themes/mts_sense/images/nobg.png

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

01fc92b7704c3e3baaefd2ce87ce17e2ea266a1bb4244f032da25931e9c6fb92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 00:14:37 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 68
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 08 May 2019 16:11:07 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "5cd2ff9b-44"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Accept-Ranges: bytes
Expires: Thu, 08 Sep 2022 00:14:37 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/pt_BR/ 303 KB
86 KB 15ms
2ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js?hash=b99ec9ca8e58f436a254c2d636895a10

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bd41ba0f788dad3fab0e17a6a44fbd9fdb73f17779728efe97c6e453bdc56c50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://151.80.19.172/
Origin: https://151.80.19.172
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: lI+eJksdgP4sn7CyZtR3OA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 88023
x-fb-rlafr: 0
x-fb-debug: LR66oVck5gkRzaXhZf2lBhfO9ZXAyUjaY8S/PAU2+NfI+y3gruUDYIne2C0w2eEoRrO6P+JK07KIzSnbjhuPzg==
x-fb-content-md5: 8fcd2b327b2c74027946f6b6bdc02628
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 01 Sep 2022 00:14:37 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "79be04cdd5051cd9c453a04816d4a798"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 31 Aug 2023 21:43:03 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 49ms
4ms Font
font/woff2 2404:6800:4004:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:700|Roboto:700|Roboto:normal&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://151.80.19.172
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:33:35 GMT
x-content-type-options: nosniff
age: 574862
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Aug 2023 08:33:35 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 48ms
8ms Font
font/woff2 2404:6800:4004:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:700|Roboto:700|Roboto:normal&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://151.80.19.172
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 19:32:54 GMT
x-content-type-options: nosniff
age: 16903
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Aug 2023 19:32:54 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
catiororeflexivo.com/wp-content/plugins/my-wp-mega-menu/fonts/ 75 KB
76 KB 1002ms
500ms Font
application/octet-stream 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://catiororeflexivo.com/wp-content/plugins/my-wp-mega-menu/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: catiororeflexivo.com
URL: https://catiororeflexivo.com/wp-content/plugins/my-wp-mega-menu/css/font-awesome.min.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS: ns395207.ip-151-80-19.eu
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://catiororeflexivo.com/wp-content/plugins/my-wp-mega-menu/css/font-awesome.min.css
Origin: https://151.80.19.172
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 00:14:38 GMT
Last-Modified: Wed, 08 May 2019 16:43:57 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "5cd3074d-12d68"
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 77160
Expires: Thu, 08 Sep 2022 00:14:38 GMT

GET
H2 200 BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjoa4Omb2Rj.woff2
fonts.gstatic.com/s/robotoslab/v24/ 13 KB
13 KB 37ms
6ms Font
font/woff2 2404:6800:4004:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v24/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjoa4Omb2Rj.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:700|Roboto:700|Roboto:normal&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

084c044e1a353a41a04f9c923b418d582f8e8d3a1996053c8e4912a57d158799

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://151.80.19.172
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 18:09:54 GMT
x-content-type-options: nosniff
age: 281083
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12820
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:15:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Aug 2023 18:09:54 GMT

GET
H/1.1 200
OK k-350x230.jpeg
catiororeflexivo.com/wp-content/uploads/2022/03/ 22 KB
23 KB 701ms
494ms Image
image/jpeg 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://catiororeflexivo.com/wp-content/uploads/2022/03/k-350x230.jpeg

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

c05787027324ab2f8154688e48e168845560abcd3df64c9bb092788a948d7608

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 00:14:37 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 22657
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 10 Mar 2022 17:21:10 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "622a3386-5881"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Accept-Ranges: bytes
Expires: Thu, 08 Sep 2022 00:14:37 GMT

GET
H/1.1 200
OK WhatsApp-Image-2022-03-10-at-14.45.35-1-350x230.jpeg
catiororeflexivo.com/wp-content/uploads/2022/03/ 23 KB
23 KB 419ms
237ms Image
image/jpeg 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://catiororeflexivo.com/wp-content/uploads/2022/03/WhatsApp-Image-2022-03-10-at-14.45.35-1-350x230.jpeg

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

4782e14bc2922c4b1c9da8e4f20cacfe319c11bfb095bdb5b5bd88344e7c4293

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 00:14:37 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 23414
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 10 Mar 2022 17:46:47 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "622a3987-5b76"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Accept-Ranges: bytes
Expires: Thu, 08 Sep 2022 00:14:37 GMT

GET
H/1.1 200
OK Design-sem-nome-1-350x230.jpg
catiororeflexivo.com/wp-content/uploads/2022/02/ 21 KB
21 KB 435ms
237ms Image
image/jpeg 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://catiororeflexivo.com/wp-content/uploads/2022/02/Design-sem-nome-1-350x230.jpg

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

d83d44469cdd7df841b63405b4e8576729f64d3cf152dccf83fb223a65ba5ef5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 00:14:37 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21074
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 28 Feb 2022 12:18:03 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "621cbd7b-5252"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Accept-Ranges: bytes
Expires: Thu, 08 Sep 2022 00:14:37 GMT

GET
H/1.1 200
OK WhatsApp-Image-2022-03-18-at-13.47.32-1-350x230.jpeg
catiororeflexivo.com/wp-content/uploads/2022/03/ 14 KB
15 KB 432ms
234ms Image
image/jpeg 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://catiororeflexivo.com/wp-content/uploads/2022/03/WhatsApp-Image-2022-03-18-at-13.47.32-1-350x230.jpeg

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

ecefab04fab92a05dee2402ec9b11f08e65ca1192b18abe7fd924541cdedf6f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 00:14:37 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 14429
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 18 Mar 2022 16:48:02 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "6234b7c2-385d"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Accept-Ranges: bytes
Expires: Thu, 08 Sep 2022 00:14:37 GMT

GET
H/1.1 200
OK WhatsApp-Image-2022-03-25-at-15.47.05-350x230.jpeg
catiororeflexivo.com/wp-content/uploads/2022/03/ 23 KB
23 KB 685ms
501ms Image
image/jpeg 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://catiororeflexivo.com/wp-content/uploads/2022/03/WhatsApp-Image-2022-03-25-at-15.47.05-350x230.jpeg

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

3466ba5a141d2a6c6f9f35e2de5cf56273196a931d39a5248f023eb7ee33f5aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 00:14:37 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 23263
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 25 Mar 2022 18:47:28 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "623e0e40-5adf"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Accept-Ranges: bytes
Expires: Thu, 08 Sep 2022 00:14:37 GMT

GET
H/1.1 200
OK WhatsApp-Image-2022-03-31-at-09.22.10-350x230.jpeg
catiororeflexivo.com/wp-content/uploads/2022/03/ 21 KB
22 KB 632ms
237ms Image
image/jpeg 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://catiororeflexivo.com/wp-content/uploads/2022/03/WhatsApp-Image-2022-03-31-at-09.22.10-350x230.jpeg

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

c3b6eb9a3b18afcd07f9c80c473fa6b00a4c0689e91f8b40eb1dd84e2e7ff04c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 00:14:38 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21644
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 31 Mar 2022 12:22:54 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "62459d1e-548c"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Accept-Ranges: bytes
Expires: Thu, 08 Sep 2022 00:14:38 GMT

GET
H/1.1 200
OK 00-23-350x230.jpg
catiororeflexivo.com/wp-content/uploads/2022/07/ 19 KB
19 KB 463ms
250ms Image
image/jpeg 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://catiororeflexivo.com/wp-content/uploads/2022/07/00-23-350x230.jpg

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

680c561a07ec71710baa5d483d9baed1348a056630d627ce924697567ed20346

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 00:14:37 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 19266
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 19 Jul 2022 12:06:58 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "62d69e62-4b42"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Accept-Ranges: bytes
Expires: Thu, 08 Sep 2022 00:14:37 GMT

GET
H/1.1 200
OK 00-22-350x230.jpg
catiororeflexivo.com/wp-content/uploads/2022/07/ 20 KB
21 KB 639ms
235ms Image
image/jpeg 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://catiororeflexivo.com/wp-content/uploads/2022/07/00-22-350x230.jpg

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

64c64c43b248d3b7cb5226b28fb0623c19c99304b04a769acf3b6dbeb1cd46d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 00:14:38 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 20810
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 15 Jul 2022 13:41:29 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "62d16e89-514a"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Accept-Ranges: bytes
Expires: Thu, 08 Sep 2022 00:14:38 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 78ms
36ms XHR
text/plain 2404:6800:4004:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1243782699&t=pageview&_s=1&dl=https%3A%2F%2F151.80.19.172%2F&ul=en-us&de=UTF-8&dt=Iti%20malia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1320202924&gjid=154290715&cid=58205280.1661991278&tid=UA-139911812-1&_gid=1554506017.1661991278&_r=1&_slc=1&z=817560852

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://151.80.19.172/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 00:14:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://151.80.19.172
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 43ms
36ms XHR
text/plain 2404:6800:4004:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1243782699&t=pageview&_s=1&dl=https%3A%2F%2F151.80.19.172%2F&ul=en-us&de=UTF-8&dt=Iti%20malia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=2060230490&gjid=1861545091&cid=58205280.1661991278&tid=UA-139911812-1&_gid=1554506017.1661991278&_r=1&gtm=2ou8t0&z=1127661772

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://151.80.19.172/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 00:14:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://151.80.19.172
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
694 B 84ms
40ms Script
text/javascript 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=151.80.19.172&callback=_gfp_s_&client=ca-pub-1376237005157464&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208290101/show_ads_impl_fy2021.js?bust=31069218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e788f0e6402d87e526b8554b4d156e7c72f055e112075e688024c28a019ed332

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 00:14:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
792 B 83ms
40ms Script
application/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=151.80.19.172

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208290101/show_ads_impl_fy2021.js?bust=31069218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Sep 2022 00:14:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 87ms
39ms Script
application/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=151.80.19.172

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208290101/show_ads_impl_fy2021.js?bust=31069218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Sep 2022 00:14:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4719 603 B
67 B 97ms
56ms Document
text/html 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1376237005157464&output=html&adk=318159125&adf=2184669829&lmt=1661991277&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2F151.80.19.172%2F&ea=0&pra=5&wgl=1&easpf=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=0&asnd=0&asnp=0&asns=0&asmat=1&asptt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661991276435&bpp=1098&bdt=132&idt=1302&shv=r20220829&mjsv=m202208290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8354661924985&frm=20&pv=2&ga_vid=58205280.1661991278&ga_sid=1661991278&ga_hid=1243782699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069218&oid=2&pvsid=2233492164336794&tmod=1105169742&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1320

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208290101/show_ads_impl_fy2021.js?bust=31069218

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://151.80.19.172/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Sep 2022 00:14:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 impl.20220831-3-RELEASE.js Show response
cdn.taboola.com/libtrc/ 680 KB
141 KB 4ms
2ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20220831-3-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/portaldoanimal-catiororeflexivo/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: c9640eb2befb4938a64076908c70b3e3b72c1af042b031026e8a981d186ccff7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id: 1JDvz_ZoSnAjRGhNysmH_XrtoAgjywOs
content-encoding: br
etag: "d755a28c23177ed7593de1487c2c097b"
age: 26386
x-cache: HIT
content-length: 143823
x-amz-id-2: lFSRlk+xVY94rEUlPw9F0iTZKvhU1/gQPj1Yr28YDjLElfQSAVmr9BAfeKAmqW2UT4/7gwDmdzI=
x-served-by: cache-tyo11949-TYO
last-modified: Wed, 31 Aug 2022 08:46:36 GMT
server: AmazonS3-br
x-timer: S1661991278.781720,VS0,VE0
date: Thu, 01 Sep 2022 00:14:37 GMT
vary: Accept-Encoding
x-amz-request-id: XECE5MTQG372T9KW
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 35
x-cache-hits: 46894

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 15ms
5ms Script
application/javascript 99.84.140.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/portaldoanimal-catiororeflexivo/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.140.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-140-69.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 23:10:09 GMT
content-encoding: gzip
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
age: 3869
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d21801cab7ccaa4ff7de3d7b9e37921e.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: NRT57-C3
x-amz-cf-id: -ro4vszX3Gipm8le5uLy5zOxLI0K872kj_13zXEETxdctU9UUCDkTg==

GET
H2 200 pbjs-min.js Show response
tags.premiumads.com.br/scripts/ 329 KB
97 KB 25ms
23ms Script
application/javascript 2606:4700:20::681a:f79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220810

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/1c41d694-b48a-41e8-aafa-0e701a9eb076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

c952122cfdbe7e35ab243b1b609f4361281ec0c3caef8112a15b6d3d9a536e4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 00:14:37 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
last-modified: Tue, 23 Aug 2022 15:18:22 GMT
server: cloudflare
age: 527502
x-powered-by: ASP.NET
etag: W/"1d8b70394fa97f2"
strict-transport-security: max-age=2592000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ylbfFtvpKDw5x%2BemNGH8Va34uw6fq7iLe89TfXAoCpZykvOIWgHpXose8uEnhBqa3zJM%2BSbIUlm5t%2BexqySMmJ3fgJjhd5L9wPQTvgqu0JC4iSZZHiA5GBdADSBpYz6CA1T4AT9T5ujRGIxcsn9ctGK%2FACg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7439ce8e3ff91fb7-NRT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
28 KB 89ms
43ms Script
text/javascript 2404:6800:4004:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/1c41d694-b48a-41e8-aafa-0e701a9eb076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5fbf2f3ba133d62c4846754a8ae004fb0a261d4ea449bbf058bc667cd752a52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 00:14:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28486
x-xss-protection: 0
server: sffe
etag: "1320 / 267 of 1000 / last-modified: 1661983656"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 01 Sep 2022 00:14:37 GMT

GET
H2 200 p_icons_3.png
tags.premiumads.com.br/Content/ 12 KB
12 KB 28ms
27ms Image
image/png 2606:4700:20::681a:f79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.premiumads.com.br/Content/p_icons_3.png

Requested by

Host: 151.80.19.172
URL: https://151.80.19.172/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

bcd71666ea63d4a00969b970c9cdba3cd15b06b53bc84e96df351324c6cd6c5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 00:14:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 527279
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
content-length: 12013
last-modified: Tue, 23 Aug 2022 15:18:22 GMT
server: cloudflare
etag: "1d8b70394ff9ded"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vo00gRYROKvQwaiJZnPa3ER9Ada7nR7S2hbEWpPSPd99CZY74Zo30TNzctBGNo5GRNbKiWLcW%2BXWMpLbf83TVyZKVDkn7jSoiffwIxpW6m8DA9ZuY4NBXXKFK6aC1hl3Ra83owh3KD0WLuEeqeie8QUOPoo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7439ce8e38001fb7-NRT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25a5de68d390f7c0ee9384f03a6f087c66bc3b6eb37c37f7351735770183017f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK WhatsApp-Image-2022-03-10-at-14.26.46-1110x550.jpeg
catiororeflexivo.com/wp-content/uploads/2022/03/ 85 KB
86 KB 405ms
236ms Image
image/jpeg 151.80.19.172
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://catiororeflexivo.com/wp-content/uploads/2022/03/WhatsApp-Image-2022-03-10-at-14.26.46-1110x550.jpeg

Requested by

Host: catiororeflexivo.com
URL: https://catiororeflexivo.com/wp-content/themes/mts_sense/js/owl.carousel.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.80.19.172 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns395207.ip-151-80-19.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

f535f19096cc29be2fa3c760b5b821d292f84107232b4f56cd465b551992d708

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 00:14:38 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 87430
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 10 Mar 2022 17:27:16 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "622a34f4-15586"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://onesignal.com
Cache-Control: max-age=604800
Accept-Ranges: bytes
Expires: Thu, 08 Sep 2022 00:14:38 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1661991277843&ns_c=UTF-8&c7=https%3A%2F%2F151.80.19.172%2F&c8=Iti%20malia&c9=
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1661991277843&ns_c=UTF-8&c7=https%3A%2F%2F151.80.19.172%2F&c8=Iti%20malia&c9=

0
189 B

225ms
224ms

Image
text/plain

99.84.140.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1661991277843&ns_c=UTF-8&c7=https%3A%2F%2F151.80.19.172%2F&c8=Iti%20malia&c9=
Requested by: Host: 151.80.19.172
URL: https://151.80.19.172/
Protocol: H2
Server: 99.84.140.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-140-69.nrt57.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 00:14:38 GMT
via: 1.1 d21801cab7ccaa4ff7de3d7b9e37921e.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT57-C3
x-amz-cf-id: lwAZwzMTd23Sd5O0t2GbkrozFJhiQqJbC-FBaRjaJWarICN7PPRxRg==
x-cache: Miss from cloudfront

Redirect headers

location: /b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1661991277843&ns_c=UTF-8&c7=https%3A%2F%2F151.80.19.172%2F&c8=Iti%20malia&c9=
date: Thu, 01 Sep 2022 00:14:37 GMT
via: 1.1 d21801cab7ccaa4ff7de3d7b9e37921e.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT57-C3
content-length: 0
x-amz-cf-id: d5l6NxUVeXXoKU_0y4Plz3agmvZI7nHJ1Uh0qM-9gZitOKTwa547xQ==
x-cache: Miss from cloudfront

GET
H3 200 pubads_impl_2022083001.js Show response
securepubads.g.doubleclick.net/gpt/ 379 KB
129 KB 45ms
5ms Script
text/javascript 2404:6800:4004:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js?cb=31069258

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4baa280c316f80216c7d9dcb64f308726f23cfe4fd4ada8d36aee7c3ea101108

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:18:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132976
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131975
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 08:35:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 30 Aug 2023 11:18:21 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 35 B
73 B 76ms
38ms XHR
application/json 2404:6800:4004:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=151.80.19.172

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3c81763d3d77176f843f1bf7e5caaae025d504f9d1b351ed0363936bcb1708f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Sep 2022 00:14:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49
x-xss-protection: 0
expires: Thu, 01 Sep 2022 00:14:38 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
335 B 695ms
232ms XHR
application/json 185.86.138.124
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220810
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://151.80.19.172/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 00:14:38 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://151.80.19.172
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
335 B 694ms
231ms XHR
application/json 185.86.138.124
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220810
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://151.80.19.172/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 00:14:38 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://151.80.19.172
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
505 B 280ms
140ms XHR
application/json 18.140.14.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.9.0&referrer=https%3A%2F%2Fcatiororeflexivo.com%2F&tmax=2500

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220810

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.140.14.88 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-140-14-88.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://151.80.19.172/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 00:14:38 GMT
accept-ch: sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect
content-type: application/json; charset=utf-8
access-control-allow-origin: https://151.80.19.172
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 260 B
1 KB 206ms
67ms XHR
application/json 103.43.90.19
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220810

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.19 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

63563f3ddeae040347d3bafdebe397f23252b3090d021f13759740d6361a7730

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://151.80.19.172/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 01 Sep 2022 00:14:38 GMT
X-Proxy-Origin: 217.138.252.215; 217.138.252.215; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 345ee4c3-647d-458b-94c5-3beb740cb1c1
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://151.80.19.172
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 260
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
311 B 110ms
103ms XHR
application/json 182.161.74.18
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.9.0&cb=44959121746&lsavail=0

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220810

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://151.80.19.172/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 01 Sep 2022 00:14:37 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://151.80.19.172
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 260 B
1 KB 214ms
79ms XHR
application/json 103.43.90.19
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220810

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.19 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

892f14d59d902b606d1943a7bc8786c2a51ddf26f93f634976a5257e80b68503

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://151.80.19.172/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 01 Sep 2022 00:14:38 GMT
X-Proxy-Origin: 217.138.252.215; 217.138.252.215; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 995387ab-4bd3-46c2-90da-1e20c2289006
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://151.80.19.172
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 260
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
410 B 232ms
76ms XHR
application/json 139.99.49.250
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220810

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip250.ip-139-99-49.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://151.80.19.172/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
access-control-allow-headers: content-type, origin, referer, user-agent
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://151.80.19.172
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 41

GET
H3 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
122 B 78ms
38ms Script
application/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=151.80.19.172

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js?cb=31069258

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Sep 2022 00:14:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 81ms
43ms Script
application/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=151.80.19.172

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js?cb=31069258

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Sep 2022 00:14:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
379 B 75ms
75ms XHR
text/plain 2404:6800:4004:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2233492164336794&correlator=2416419028441120&eid=31068928%2C31069227%2C31069230%2C31069258&output=ldjh&gdfp_req=1&vrg=2022083001&ptt=17&impl=fifs&iu_parts=75894840%3A22485948017%2CCATIORO_REFLEXIVO_FLEX%2CCATIORO_REFLEXIVO_HEADERSTICKY&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=120x600%2C970x90%7C728x90%7C1600x90&ifi=2&adks=2034309099%2C1413480954&sfv=1-0-38&fsbs=1%2C1&fsapi=false&prev_scp=data_type%3Dflex%26pp_loop%3D00%7Cdata_type%3Danchor%26pp_sticky%3Dtop%26pp_loop%3D00%26pp_pb%3D0.30&cust_params=url%3Dcatiororeflexivo.com%26categoria%3Dhome&sc=1&cookie_enabled=1&abxe=1&dt=1661991278754&lmt=1661991278&dlt=1661991276303&idt=1714&adxs=-135%2C315&adys=315%2C-120&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2F151.80.19.172%2F&frm=20&vis=1&psz=150x-1%7C1600x-1&msz=120x-1%7C1600x-1&fws=516%2C516&ohw=1600%2C1600&ga_vid=58205280.1661991278&ga_sid=1661991278&ga_hid=1243782699&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js?cb=31069258

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

891aa544d109d2ee674488c71436b01f2e1a5547050de77f117fe72cff744940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 00:14:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 348
x-xss-protection: 0
google-lineitem-id: -2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://151.80.19.172
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
385c4aa9e16306c708107131a660485b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 594F 6 KB
4 KB 118ms
40ms Document
text/html 2404:6800:4004:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://385c4aa9e16306c708107131a660485b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js?cb=31069258

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://151.80.19.172/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 01 Sep 2022 00:14:38 GMT
expires: Fri, 01 Sep 2023 00:14:38 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 100ms
60ms XHR
application/json 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220829&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208290101/show_ads_impl_fy2021.js?bust=31069218

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7377067b2852731e1b4d2b5ead493eb0455eabaecf6df01c90671ba380101942

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Sep 2022 00:14:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11107
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 98ms
57ms Script
text/javascript 2404:6800:4004:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208290101/show_ads_impl_fy2021.js?bust=31069218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 00:14:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 01 Sep 2022 00:14:39 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2576 13 KB
5 KB 44ms
3ms Document
text/html 2404:6800:4004:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://151.80.19.172/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 70478
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 04:40:01 GMT
expires: Thu, 31 Aug 2023 04:40:01 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F755 783 B
1 KB 87ms
44ms Document
text/html 2404:6800:4004:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3c08fb2b2fa459eef752ef52f48544620fc03a87439a65879679205ae3a0ddbc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wVblWvme7Iikd-CRxPtx-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://151.80.19.172/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-wVblWvme7Iikd-CRxPtx-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 01 Sep 2022 00:14:39 GMT
expires: Thu, 01 Sep 2022 00:14:39 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 X5Wcp9Ugq7sZToVDu26YRTjm5OYazRuFrO0o8wz5lEo.js Show response
pagead2.googlesyndication.com/bg/ Frame 2576 36 KB
36 KB 2ms
2ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/X5Wcp9Ugq7sZToVDu26YRTjm5OYazRuFrO0o8wz5lEo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f959ca7d520abbb194e8543bb6e984538e6e4e61acd1b85aced28f30cf9944a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 19:22:57 GMT
x-content-type-options: nosniff
age: 103902
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36673
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 11:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Aug 2023 19:22:57 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F755 0
0 38ms
38ms Image
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220829&jk=2233492164336794&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2576 0
10 B 3ms
2ms Image
text/plain 2404:6800:4004:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?KU6IpA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 00:14:39 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 42ms
42ms Image
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220829&jk=2233492164336794&bg=!xcalxoLNAAaXrHhMt6w7ACkAdvg8Wlm9F0C_XlIWgV_JD5lXf0wMZ4J8N81q75Q0InlWrmO9mjFZRAIAAABoUgAAAARoAQcKAGnZjz2VCmECdbJ6K4ClF3bVbFk67Ais8OzHrtORaf3R04AaRxXmfH6uyARxzAPa2cQ234Q6HqAUiFpr4_4uRQhx5X3MRKZkzsLwfL23FSvxFDM-VpBZTyW6zgGIq1N4rTtcuqWptyiHMhKZAqhID0hr_C_-1qI7Xd2sb82cav3q_TmJdlqXQoNgZVwlI4422OUfwUB7P_w9ApQTxRinlf_Nabadr-amTVcNCvtp_vx9lOgSLltAKuhKYK9dL4_sEkwfv-1CixQKYcRjL1IGu_Bxzmnqm5IcuK3g3WmWbNgQ-ebHTaiTiJrkW0enhW8br72DigkCHSJlQCz3eb0lq5xoNEdveCE5EN6EWI_kR0TK4M8CZ7R62E_M-vnJliM-GfwUS-pND04pq9NFc1xDQpyX9LQwJwdn90DNrQefaN4ly9wmI7sFxDRcast1_70rB5DVT_rDw61DdZbqA3ss1He7NVave7hqox0VVaoZ9CG0riM_GZqYvqg8nCz_ebBUCH30Is2Bf3V4gFjvs-IrbOVOxx614rz3c9dqSPXypEax6Pc30F-pfWbWw-i3_EQ1DYb9B5JM3tr8p4BxfNfSATz6IKz6gnHkOh9o3-Zg66afnd2SLY74-wjm3DTxvl2-dBohp9si21TiTepl0LWlJWafrCiLikjzxnHoWyegmuMQ9aR1F6GzJkhbmFW7UqnK3jRE_unKddJPDv0OTJu_fwFbFE2vtM0R8makPPagYCKGQP3zOi5MSRmUE00Dtg2S9UHrSDq8HIQdty-M7ZHcZ6X0MyKS272TYa4kRtOdy3aIN6IwIV1FO6SGzdX-6zHxO9Eud0hbO-622IN3kVHkiiXEvBf0XoEorm4BRdYKapUCQzrP48RvWnjWUjUBGQShGkwky4WyyJcX2_UBJCIKCsxF_0mp8MjjLePR7y8KCsuzuKRNmCh9qoJ03dABEPzeAPQUPvD8wiCuRI1F-KCM30KYCw-ko0GTIJRHW5QMo-zjVnbq1CxGsUYZCWRJPyYxqb4IFo-XFuUIU5wmWnFZx9vGYMhFhg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H2 200 publishertag.prebid.123.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 36ms
16ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.123.js

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220810

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 00:14:40 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 11:21:03 GMT
server: nginx
etag: W/"6271101f-15b58"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 02 Sep 2022 00:14:40 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame A1F7 15 KB
6 KB 19ms
6ms Document
text/html 2406:2600:4::b
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=151.80.19.172

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

a4341c4c513889841887be579831125200a94753a15e19bec0252a8569b3a931

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://151.80.19.172/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 01 Sep 2022 00:14:40 GMT
server: Kestrel
server-processing-duration-in-ticks: 371117
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 15ms
6ms XHR
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

d91c38797a4f40c02b517763adb6b8d25ca0d0af244856025ecc3543b8540679

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 00:14:40 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 00:22:08 GMT
server: nginx
etag: W/"63041db0-15cdc"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 02 Sep 2022 00:14:40 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame A1F7
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=151.80.19.172&sn=ChromeSyncframe&so=0&topUrl=151.80.19.172&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=uXyYu3w5djlPSnplK0V2TGM5SDNsRDNYazZENUtmMTFML0taQVhGc215ZXA3Rm5iNlRoelFJVkFNZVppN0t3ZnF6UHlJWDA4VXo1NEwxRjg3UXpFRnZLL0tzWW1TVHZHTFpTc2FlVDVuUENHWktCcFQrNmgrMnNhbGZRcX...

422 B
653 B

11ms
3ms

Fetch
application/json

182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=uXyYu3w5djlPSnplK0V2TGM5SDNsRDNYazZENUtmMTFML0taQVhGc215ZXA3Rm5iNlRoelFJVkFNZVppN0t3ZnF6UHlJWDA4VXo1NEwxRjg3UXpFRnZLL0tzWW1TVHZHTFpTc2FlVDVuUENHWktCcFQrNmgrMnNhbGZRcXhkUFVYQzJnYWNlUUtMQURDc0dhU3laQWUxRTNXZXFMM3dUaFhra3pRS2txSEZJZGJpZFl3L0JSUmQwaVBhbHp6UkVQSFIxS2V0YjRZMnhVeTBhMkJ0TDVFU0thQ3VxTWdTWXFBV3AwUHdkdHhlUTBZMVpYZWFlTTlGNGFaU0FOUzBCOHBoM3ptU0ZqSnUvWDlyMHVkNmZmNklkK3RRZz09fA&cppv=2

Protocol

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

5c6987facedb44ac36603ca97e4de0a68ee10083c51906f5d685cb6db0ec6c26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 00:14:40 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1253385
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 01 Sep 2022 00:14:39 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://mug.criteo.com/sid?cpp=uXyYu3w5djlPSnplK0V2TGM5SDNsRDNYazZENUtmMTFML0taQVhGc215ZXA3Rm5iNlRoelFJVkFNZVppN0t3ZnF6UHlJWDA4VXo1NEwxRjg3UXpFRnZLL0tzWW1TVHZHTFpTc2FlVDVuUENHWktCcFQrNmgrMnNhbGZRcXhkUFVYQzJnYWNlUUtMQURDc0dhU3laQWUxRTNXZXFMM3dUaFhra3pRS2txSEZJZGJpZFl3L0JSUmQwaVBhbHp6UkVQSFIxS2V0YjRZMnhVeTBhMkJ0TDVFU0thQ3VxTWdTWXFBV3AwUHdkdHhlUTBZMVpYZWFlTTlGNGFaU0FOUzBCOHBoM3ptU0ZqSnUvWDlyMHVkNmZmNklkK3RRZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 283003
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcatiororeflexivo.com%2F&domain=151.80.19.172&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=bpudHnx2RlJiNUpSR0k2YVZWelNpQVpGWGlvMmptd0VreG1GdStaYlpod215dGtJTjFJK2xqSUUrMHc3WjB4WXpXaFk4SzhoUlp5dnhCdm9qT05HUVhzUkFFYnMxamVsZHpjOUJtQ28zRVlEdzRDK1pTa2lRdU82dnZqK3...

464 B
720 B

3ms
3ms

XHR
application/json

182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=bpudHnx2RlJiNUpSR0k2YVZWelNpQVpGWGlvMmptd0VreG1GdStaYlpod215dGtJTjFJK2xqSUUrMHc3WjB4WXpXaFk4SzhoUlp5dnhCdm9qT05HUVhzUkFFYnMxamVsZHpjOUJtQ28zRVlEdzRDK1pTa2lRdU82dnZqK3g5aWwzM1J2S0xVWnJKWmcvWCs2dEhObHJ2ZUl3a1lHbXJ5UGo4RXlpRFFJMy95RW45WGtZVUhJV3RGY2w5d1NTV01Oa3VZSGFHTnpob2FIWGtHYzlzR0VaR3UwQXVHZHd5a1IxN0x0V01ncWVQTmZ1NkRJa3AyRUpyWVZKVHYvL1BWanErMFZCeWIzOTVEK0tWVVQzUFR3c1lMUkFVOVBTK0x4NWEvcElsZVpsbDJyYjQ3Q2txdHo4K1lYMGMycVFHTjBYdHRyNnw&cppv=2

Protocol

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

c66fd35c3c2bb2e1eb7193c6b3e988cad0ab21c6c95a7da32075013e5616256f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 00:14:41 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 906587
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 01 Sep 2022 00:14:41 GMT
server: Kestrel
location: https://mug.criteo.com/sid?cpp=bpudHnx2RlJiNUpSR0k2YVZWelNpQVpGWGlvMmptd0VreG1GdStaYlpod215dGtJTjFJK2xqSUUrMHc3WjB4WXpXaFk4SzhoUlp5dnhCdm9qT05HUVhzUkFFYnMxamVsZHpjOUJtQ28zRVlEdzRDK1pTa2lRdU82dnZqK3g5aWwzM1J2S0xVWnJKWmcvWCs2dEhObHJ2ZUl3a1lHbXJ5UGo4RXlpRFFJMy95RW45WGtZVUhJV3RGY2w5d1NTV01Oa3VZSGFHTnpob2FIWGtHYzlzR0VaR3UwQXVHZHd5a1IxN0x0V01ncWVQTmZ1NkRJa3AyRUpyWVZKVHYvL1BWanErMFZCeWIzOTVEK0tWVVQzUFR3c1lMUkFVOVBTK0x4NWEvcElsZVpsbDJyYjQ3Q2txdHo4K1lYMGMycVFHTjBYdHRyNnw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
access-control-allow-origin: https://151.80.19.172
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 342612
content-length: 0
expires: 0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame A657 52 KB
17 KB 20ms
2ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220810
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://151.80.19.172/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 69972
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 01 Sep 2022 00:14:41 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 03 Aug 2022 04:41:10 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1, 572837
X-Served-By: cache-lga21944-LGA, cache-tyo11945-TYO
X-Timer: S1661991282.767719,VS0,VE0

GET
H2

200

sync Show response
eb2.3lift.com/ Frame 28F3
Redirect Chain

https://eb2.3lift.com/sync?
https://eb2.3lift.com/sync?&ld=1

1 KB
1 KB

71ms
70ms

Document
text/html

52.223.2.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?&ld=1
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220810
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: 9b70e687cd2dad2297e202f3066c7382c9495838b45a392ec8bded87301fc051

Request headers

Referer: https://151.80.19.172/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 456
content-type: text/html; charset=utf-8
date: Thu, 01 Sep 2022 00:14:41 GMT
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Thu, 01 Sep 2022 00:14:41 GMT
location: /sync?&ld=1
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame AE62 2 KB
863 B 314ms
232ms Document
text/html 139.99.49.250
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1661991278281

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220810

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip250.ip-139-99-49.net

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://151.80.19.172/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
content-type: text/html
strict-transport-security: max-age=15552000

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 8ms
3ms Preflight
application/json 2406:2600:4::b
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcatiororeflexivo.com%2F&domain=151.80.19.172&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://151.80.19.172
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://151.80.19.172
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 01 Sep 2022 00:14:40 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 236115
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 7ms
2ms Preflight
application/json 182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 01 Sep 2022 00:14:41 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 216457
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame A657 0
747 B 91ms
91ms Script
text/html 103.43.90.19
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.19 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Sep 2022 00:14:41 GMT
X-Proxy-Origin: 217.138.252.215; 217.138.252.215; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
AN-X-Request-Uuid: e5190044-663f-46ba-a0da-5ff9a708a218
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 28F3
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=3658&xuid=e2919ce6-d190-4675-ad74-318591349d69&dongle=0cfd

37 B
354 B

72ms
72ms

Image
image/gif

52.223.2.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3658&xuid=e2919ce6-d190-4675-ad74-318591349d69&dongle=0cfd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 00:14:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Thu, 01 Sep 2022 00:14:42 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://eb2.3lift.com/xuid?mid=3658&xuid=e2919ce6-d190-4675-ad74-318591349d69&dongle=0cfd
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 209

GET
H2

200

ebda
eb2.3lift.com/ Frame 28F3
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzgwMDQ0ODUwNDcxMjI3MjkxMTEyMw%3D%3D
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=

37 B
139 B

70ms
70ms

Image
image/gif

52.223.2.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 00:14:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 01 Sep 2022 00:14:42 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 248
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 28F3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEExlj_EoA6dIvJFJsDn94uc&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1

37 B
354 B

74ms
74ms

Image
image/gif

52.223.2.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEExlj_EoA6dIvJFJsDn94uc&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 00:14:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Thu, 01 Sep 2022 00:14:42 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEExlj_EoA6dIvJFJsDn94uc&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 28F3
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzgwMDQ0ODUwNDcxMjI3MjkxMTEyMw%3D%3D

170 B
243 B

46ms
46ms

Image
image/png

142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzgwMDQ0ODUwNDcxMjI3MjkxMTEyMw%3D%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1

Protocol

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 00:14:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzgwMDQ0ODUwNDcxMjI3MjkxMTEyMw%3D%3D
date: Thu, 01 Sep 2022 00:14:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
p.adsymptotic.com/d/px/ Frame 28F3
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3800448504712272911123&dbredirect=true&gdpr=0&consent=
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3800448504712272911123&dbredirect=true&gdpr=0&consent=&cookiesTest=true
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=91aa721e-2c7c-4536-8606-837680ef4ade&_noobservation=1
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=91aa721e-2c7c-4536-8606-837680ef4ade&_noobservation=1&_expected_cookie=4f7ab02...

43 B
141 B

81ms
80ms

Image
image/gif

104.18.98.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=91aa721e-2c7c-4536-8606-837680ef4ade&_noobservation=1&_expected_cookie=4f7ab02904e1d3b23bc1d061d59fabd9
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 104.18.98.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

p3p: CP='NON DSP COR CONi OUR BUS CNT'
date: Thu, 01 Sep 2022 00:14:42 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7439ceab2801af9d-NRT
content-length: 43
content-type: image/gif

Redirect headers

location: https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=91aa721e-2c7c-4536-8606-837680ef4ade&_noobservation=1&_expected_cookie=4f7ab02904e1d3b23bc1d061d59fabd9
date: Thu, 01 Sep 2022 00:14:42 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7439ceaa9ef0af9d-NRT
content-length: 0

GET
H2

200

sync
odr.mookie1.com/t/v2/ Frame 28F3
Redirect Chain

https://x.bidswitch.net/sync?ssp=triplelift&user_id=3800448504712272911123&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=3800448504712272911123&gdpr=0&gdpr_consent=
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=51fd7866-302c-44ac-9b6f-bf320a9ec637&ssp=triplelift&gdpr=0&gdpr_consent=

43 B
639 B

56ms
38ms

Image
image/gif

35.227.202.26

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=51fd7866-302c-44ac-9b6f-bf320a9ec637&ssp=triplelift&gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 35.227.202.26 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 00:14:42 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=51fd7866-302c-44ac-9b6f-bf320a9ec637&ssp=triplelift&gdpr=0&gdpr_consent=
Date: Thu, 01 Sep 2022 00:14:42 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 c.gif
c.bing.com/ Frame 28F3 42 B
666 B 47ms
34ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=3800448504712272911123&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 00:14:41 GMT
etag: "6fa9befc56b2d81:0"
last-modified: Wed, 17 Aug 2022 16:32:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2306E6F7B47042F2BD7A8FD55ED35875 Ref B: TYO01EDGE3306 Ref C: 2022-09-01T00:14:42Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H2

200

xuid
eb2.3lift.com/ Frame 28F3
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/3800448504712272911123?gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-c0gyp29E2oReneTmgj1g7IvAkHXhnGl5ASSBu6i1Yw--~A&dongle=0883

37 B
354 B

73ms
73ms

Image
image/gif

52.223.2.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-c0gyp29E2oReneTmgj1g7IvAkHXhnGl5ASSBu6i1Yw--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 00:14:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Thu, 01 Sep 2022 00:14:42 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-c0gyp29E2oReneTmgj1g7IvAkHXhnGl5ASSBu6i1Yw--~A&dongle=0883
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame 28F3
Redirect Chain

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=3800448504712272911123
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=3800448504712272911123&dcc=t

0
0

201ms
201ms

Image
text/html

52.46.128.147

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=3800448504712272911123&dcc=t
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Server: 52.46.128.147 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Thu, 01 Sep 2022 00:14:42 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: T0MGZTVP46EN33S82CMF
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=3800448504712272911123&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 28F3
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
https://stags.bluekai.com/site/23178?id=o_cG780ph13cUCwlaZGu&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5N5PWGRZXHAYHA...
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=o_cG780ph13cUCwlaZGu

37 B
354 B

74ms
73ms

Image
image/gif

52.223.2.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=o_cG780ph13cUCwlaZGu
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 00:14:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma: no-cache
Date: Thu, 01 Sep 2022 00:14:43 GMT
P3p: CP="We do not support P3P header."
Location: https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=o_cG780ph13cUCwlaZGu
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 115
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame A657 0
747 B 69ms
69ms Script
text/html 103.43.90.19
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.19 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Sep 2022 00:14:42 GMT
X-Proxy-Origin: 217.138.252.215; 217.138.252.215; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
AN-X-Request-Uuid: bae7cfd9-3776-4791-9fe2-21f95746cdc0
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 universal.min.js Show response
tag.navdmp.com/ 14 KB
5 KB 266ms
8ms Script
application/javascript 2606:4700::6810:ff3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/universal.min.js
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/1c41d694-b48a-41e8-aafa-0e701a9eb076
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ff3 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: d257a75764e746d9a1aafb79d8e47744cb44ee1af115ab2adbd0012c69cf676c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 00:14:43 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 17 May 2022 12:22:37 GMT
server: cloudflare
age: 2872
etag: W/"6283938d-3671"
vary: Accept-Encoding
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 7439ceaf1b0c33f6-NRT
content-type: application/javascript
expires: Thu, 01 Sep 2022 00:26:51 GMT

GET
H2 200 tag.js Show response
a.teads.tv/analytics/ 19 KB
5 KB 264ms
4ms Script
text/javascript 23.45.57.118

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/analytics/tag.js
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/1c41d694-b48a-41e8-aafa-0e701a9eb076
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.57.118 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f70a708909ea0e41d9ff70cc101e8ca4a5391ffb134ce3a98b0f5e42d7cb72b4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
x-amz-version-id: MY2axGObrvZwSiP12Z8xf0lYd1yv3MC2
content-encoding: br
last-modified: Mon, 22 Aug 2022 09:28:26 GMT
x-amz-request-id: 20NJWHTX4609N5BD
etag: "b86fb801339e9f7d8ee05180f9a8320b"
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, max-age=3600
date: Thu, 01 Sep 2022 00:14:43 GMT
accept-ranges: bytes
content-length: 4822
x-amz-id-2: ju8j2tEKRdaWkviPdXLwGtuJ5wNUVotVZVWDwJl/lHBbabydMoWPJInAk8oYf9KrRTO7of8QNQk=

GET
H/1.1 200
OK fpc Show response
at.teads.tv/ 56 B
393 B 25ms
14ms XHR
text/plain 23.45.61.118

General

Check archive.org

Show headers Download Go to

Full URL: https://at.teads.tv/fpc?analytics_tag_id=PUB_13576&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=4f65ebf&
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.61.118 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3bd89f920fc388495afe01a67843819b02603161c4f17541cf297845dd05b45

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Sep 2022 00:14:43 GMT
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: https://151.80.19.172
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 56
Expires: Thu, 01 Sep 2022 00:14:43 GMT

GET
H2 200 46575 Show response
tag.navdmp.com/u/ 497 B
475 B 151ms
151ms Script
application/javascript 2606:4700::6810:ff3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/u/46575
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ff3 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 27f6c8c22d2d9d2f7483a241cd3197bb47761032845bdd1c28cc0e2713484af3

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://151.80.19.172/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 00:14:43 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 26 Aug 2022 15:00:58 GMT
server: cloudflare
etag: W/"6308e02a-1f1"
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 7439ceaf2b3133f6-NRT
content-type: application/javascript
expires: Thu, 01 Sep 2022 01:14:43 GMT

GET usr
usr.navdmp.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: usr.navdmp.com
URL: https://usr.navdmp.com/usr?v=7&acc=46575&u=1&new=1&wst=0&wct=1&wla=1

Verdicts & Comments Add Verdict or Comment

115 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.3lift.com/sync	1970-01-20 07:49:27	Name: sync Value: CgoIoQEQ0MqZs68wCgoIgQIQ0MqZs68wCgoI4gEQ0MqZs68wCgoI5gEQ0MqZs68wCgoIhwIQ0MqZs68wCgkICRDQypmzrzAKCQg6ENDKmbOvMAoJCAsQ0MqZs68wCgoIjAIQ0MqZs68wCgkIXxDQypmzrzA=
151.80.19.172/	1970-01-20 15:15:51	Name: _ga Value: GA1.1.58205280.1661991278
151.80.19.172/	1970-01-20 05:41:17	Name: _gid Value: GA1.1.1554506017.1661991278
151.80.19.172/	1970-01-20 05:39:51	Name: _gat Value: 1
151.80.19.172/	1970-01-20 05:39:51	Name: _gat_gtag_UA_139911812_1 Value: 1
151.80.19.172/	1970-01-20 06:23:03	Name: _pbjs_userid_consent_data Value: 3524755945110770
.scorecardresearch.com/	1970-01-20 15:15:51	Name: UID Value: 1C2d59675efe11c4e9064991661991277
.adnxs.com/	1970-01-20 07:49:27	Name: icu Value: ChgIkP53EAoYASABKAEw7vK_mAY4AUABSAEQ7vK_mAYYAA..
.adnxs.com/	1970-01-20 07:49:27	Name: uuid2 Value: 3619791134394483482
.doubleclick.net/	1970-01-20 15:15:51	Name: IDE Value: AHWqTUmrRP-SieHGaT7SCVqNnMq5vX8WsKaaAwlpMVjSdT_835dsO1k8x-JhM8nGyH0
.criteo.com/	1970-01-20 15:01:27	Name: uid Value: 7c808d39-fb14-4ecf-ac13-742695add4e0
151.80.19.172/	1970-01-20 15:01:27	Name: cto_bundle Value: iCe4JV9zTmNkVThMUVY1d2RueSUyQmpqOUxaWTdzMWxFS2NxRDBsS1VkTjNnV1RjTlh4OTZZJTJGRVZLbGFmeExXVVdlYnBZWkFYaWxmZ0F1NEc0eGhQTE1VVTIlMkYzMFB2blZFckZrdkRmNHBDUzhnTmZCZlJvRGVFSHpBWmVDNTNtd2phZnpzUUpReWxCbHQwMkolMkZYNFcxOFZFRWtOeDZrMjdRbGtjSW9CcXVhdjElMkJiT3dRJTNE
151.80.19.172/	1970-01-20 15:01:27	Name: cto_bidid Value: rUJxTl9xblJ0bWFjQ1Jud2x2RjdyR3BEN2l5NExPektHckVyamxZUnhqYjVtWjBmNGRyVjlEMWlUZGJ6Z3Y5dmZNVCUyQnBHWThPS0NRNFIlMkYlMkZ3S0pkTkdhc0dBT3VJSnRTazg3MzlQSyUyQmJLRzBWcWw4eFY1Z1kxdERuN1pNbzIzUE5va1Zi
.3lift.com/	1970-01-20 07:49:27	Name: tluid Value: 3800448504712272911123
.adsrvr.org/	1970-01-20 14:25:27	Name: TDID Value: e2919ce6-d190-4675-ad74-318591349d69
.adsrvr.org/	1970-01-20 14:25:27	Name: TDCPM Value: CAESFgoHc3Z4OXQ1MBILCJa0soSg7oU7EAUYBSABKAIyCwjglZ2xtu6FOxAFOAE.
.bing.com/	1970-01-20 15:01:27	Name: MUID Value: 2CE2177480656A1C03DF0566811D6B12
.c.bing.com/	1970-01-20 05:49:56	Name: MR Value: 0
.linkedin.com/	1970-01-20 07:49:27	Name: li_sugr Value: 91aa721e-2c7c-4536-8606-837680ef4ade
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 14:25:27	Name: bcookie Value: "v=2&52fb835c-4ed6-46ba-8ea8-fb56e4635e11"
.linkedin.com/	1970-01-20 05:41:17	Name: lidc Value: "b=OGST05:s=O:r=O:a=O:p=O:g=2578:u=1:x=1:i=1661991282:t=1662077682:v=2:sig=AQF7FRzY7kV9BxUh-2dDD6GagVrsDpTq"
.yahoo.com/	1970-01-20 14:25:48	Name: A3 Value: d=AQABBHL5D2MCEJSVys17vl8Bp2T42-Jen2UFEgEBAQFKEWMZYwAAAAAA_eMAAA&S=AQAAArqBsIZPU7QEEOQuYXoIm0k
.bidswitch.net/	1970-01-20 14:25:27	Name: tuuid Value: 51fd7866-302c-44ac-9b6f-bf320a9ec637
.bidswitch.net/	1970-01-20 14:25:27	Name: c Value: 1661991282
.bidswitch.net/	1970-01-20 14:25:27	Name: tuuid_lu Value: 1661991282
.adsymptotic.com/	1970-01-20 07:49:27	Name: U Value: 4f7ab02904e1d3b23bc1d061d59fabd9

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1376237005157464&output=html&adk=318159125&adf=2184669829&lmt=1661991277&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2F151.80.19.172%2F&ea=0&pra=5&wgl=1&easpf=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=0&asnd=0&asnp=0&asns=0&asmat=1&asptt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661991276435&bpp=1098&bdt=132&idt=1302&shv=r20220829&mjsv=m202208290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8354661924985&frm=20&pv=2&ga_vid=58205280.1661991278&ga_sid=1661991278&ga_hid=1243782699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069218&oid=2&pvsid=2233492164336794&tmod=1105169742&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1320 Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

385c4aa9e16306c708107131a660485b.safeframe.googlesyndication.com
a.teads.tv
acdn.adnxs.com
adservice.google.co.jp
adservice.google.com
at.teads.tv
b1sync.zemanta.com
bidder.criteo.com
c.bing.com
catiororeflexivo.com
cdn.taboola.com
cm.g.doubleclick.net
connect.facebook.net
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
match.adsrvr.org
mug.criteo.com
odr.mookie1.com
onetag-sys.com
p.adsymptotic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pr-bh.ybp.yahoo.com
prg.smartadserver.com
px.ads.linkedin.com
s.amazon-adsystem.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
stags.bluekai.com
static.criteo.net
tag.navdmp.com
tags.premiumads.com.br
tlx.3lift.com
tpc.googlesyndication.com
usr.navdmp.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
x.bidswitch.net
usr.navdmp.com
103.43.90.19
104.18.98.194
139.99.49.250
142.250.196.98
151.101.1.44
151.101.65.108
151.80.19.172
18.140.14.88
182.161.74.11
182.161.74.18
185.86.138.124
23.44.52.187
23.45.57.118
23.45.61.118
2404:6800:4004:801::200a
2404:6800:4004:801::200e
2404:6800:4004:808::2002
2404:6800:4004:80b::2001
2404:6800:4004:812::2002
2404:6800:4004:81f::2001
2404:6800:4004:81f::2003
2404:6800:4004:820::2002
2404:6800:4004:822::2002
2404:6800:4004:823::2002
2404:6800:4004:823::2008
2404:6800:4004:825::2002
2404:6800:4004:827::2004
2406:2600:4::1
2406:2600:4::b
2406:da18:929:5a00:9a2c:8e82:ae9c:de5c
2606:4700:20::681a:f79
2606:4700::6810:ff3
2620:1ec:21::14
2620:1ec:c11::200
2a03:2880:f00f:8:face:b00c:0:1
35.213.12.39
35.227.202.26
52.223.2.229
52.223.40.198
52.46.128.147
64.202.112.223
99.84.140.69
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01fc92b7704c3e3baaefd2ce87ce17e2ea266a1bb4244f032da25931e9c6fb92
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
084c044e1a353a41a04f9c923b418d582f8e8d3a1996053c8e4912a57d158799
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
14629f159ec15a6ece345dac054d2cb21158bf20f2ccdda337bd4b9e427539e9
15c3be02062beb0a05e3b6a27a0fab807a89abebb56159c4ce071f575c335f3d
175b35d83260fc0b54cbc4ac4a046fbcdea118808e4e83598668f33a8c1b1f76
25a5de68d390f7c0ee9384f03a6f087c66bc3b6eb37c37f7351735770183017f
25f7b49bf2f6697a64f55c567f9b0b365b02ddc41e839670c30a5cbf7d436c31
260ce6e75b8051d3455793becac47e796ee358567a1601240d6a2c334a4d7580
27f6c8c22d2d9d2f7483a241cd3197bb47761032845bdd1c28cc0e2713484af3
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3001521d759fccd25508496d699eda8bd15659146b5af02c8fbecd4607703e2b
3466ba5a141d2a6c6f9f35e2de5cf56273196a931d39a5248f023eb7ee33f5aa
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3c08fb2b2fa459eef752ef52f48544620fc03a87439a65879679205ae3a0ddbc
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
41dc69dcdfb2363b50187f2254508e0b2e66c75a6b779cdbd4b31e8241be7a75
45ccc603d4fe384cadce87ab070c4a5badcf9ca36caeb138f86fe560c171925b
4782e14bc2922c4b1c9da8e4f20cacfe319c11bfb095bdb5b5bd88344e7c4293
49782820323587793de7151c93b4adceec39740cf9d61faea389cc53ef022426
4baa280c316f80216c7d9dcb64f308726f23cfe4fd4ada8d36aee7c3ea101108
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
587a306f93a919b463aee21b97f90b6bb099f0e73413f978cd85d4a71d652eef
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5c6987facedb44ac36603ca97e4de0a68ee10083c51906f5d685cb6db0ec6c26
5f959ca7d520abbb194e8543bb6e984538e6e4e61acd1b85aced28f30cf9944a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63563f3ddeae040347d3bafdebe397f23252b3090d021f13759740d6361a7730
64c64c43b248d3b7cb5226b28fb0623c19c99304b04a769acf3b6dbeb1cd46d9
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
680c561a07ec71710baa5d483d9baed1348a056630d627ce924697567ed20346
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
72ca272c46c22bc22ebe25481f61db119fe9561138fa01ee6a1e1f8a0c235235
7377067b2852731e1b4d2b5ead493eb0455eabaecf6df01c90671ba380101942
758a7ca19e408bc3d912a2d2335c8b290376efa1c3b7e6801b9d147c8a4bd2c8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b374c8b6bb5c150383f3756a92d5668079bb863b6e563fa8213c824d646688b
891aa544d109d2ee674488c71436b01f2e1a5547050de77f117fe72cff744940
892f14d59d902b606d1943a7bc8786c2a51ddf26f93f634976a5257e80b68503
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b70e687cd2dad2297e202f3066c7382c9495838b45a392ec8bded87301fc051
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4341c4c513889841887be579831125200a94753a15e19bec0252a8569b3a931
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5fbf2f3ba133d62c4846754a8ae004fb0a261d4ea449bbf058bc667cd752a52
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa027849b4bacc5886dc750859b05b13a2fc02fc5ecf01e94012ba6f40f5c8e8
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
b3bd89f920fc388495afe01a67843819b02603161c4f17541cf297845dd05b45
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcd71666ea63d4a00969b970c9cdba3cd15b06b53bc84e96df351324c6cd6c5e
bd41ba0f788dad3fab0e17a6a44fbd9fdb73f17779728efe97c6e453bdc56c50
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c05787027324ab2f8154688e48e168845560abcd3df64c9bb092788a948d7608
c38bc4d28cb6dd5263a68b3efa74cd5b746f9083484871c54f4cd437c828b40e
c3b6eb9a3b18afcd07f9c80c473fa6b00a4c0689e91f8b40eb1dd84e2e7ff04c
c66fd35c3c2bb2e1eb7193c6b3e988cad0ab21c6c95a7da32075013e5616256f
c7f10334be8b7cad1db5820314348bd0a05cbbcf9cfe0852ceb518534e13558e
c952122cfdbe7e35ab243b1b609f4361281ec0c3caef8112a15b6d3d9a536e4e
c9640eb2befb4938a64076908c70b3e3b72c1af042b031026e8a981d186ccff7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d257a75764e746d9a1aafb79d8e47744cb44ee1af115ab2adbd0012c69cf676c
d2c30641eed11d27cc45ab60849aaef8d0cef92b8c75b09648ffb764bd6017c0
d3c81763d3d77176f843f1bf7e5caaae025d504f9d1b351ed0363936bcb1708f
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d83d44469cdd7df841b63405b4e8576729f64d3cf152dccf83fb223a65ba5ef5
d91c38797a4f40c02b517763adb6b8d25ca0d0af244856025ecc3543b8540679
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e788f0e6402d87e526b8554b4d156e7c72f055e112075e688024c28a019ed332
e7d13f9991e15eb8f6d7351a30e06fba891d8b1671f4a9268e3a539f3ac62524
ebfcd3b6d4c0b3fdb351b7522a45ab89a02d6f357f5cd661b49c0997923d1626
ecefab04fab92a05dee2402ec9b11f08e65ca1192b18abe7fd924541cdedf6f8
ed393a8adb497cc56f0a608d31f9870b31aadd339951abe140de86107eb48124
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
f535f19096cc29be2fa3c760b5b821d292f84107232b4f56cd465b551992d708
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f70a708909ea0e41d9ff70cc101e8ca4a5391ffb134ce3a98b0f5e42d7cb72b4

151.80.19.172 Open in urlscan Pro 151.80.19.172 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

103 Requests

86 %HTTPS

50 %IPv6

32 Domains

43 Subdomains

37 IPs

6 Countries

1543 kBTransfer

4336 kBSize

27 Cookies

26 Outgoing links

Redirected requests

103 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

151.80.19.172 Open in urlscan Pro
151.80.19.172 Public Scan

Screenshot
Live screenshot

Full Image

103
Requests

86 %
HTTPS

50 %
IPv6

32
Domains

43
Subdomains

37
IPs

6
Countries

1543 kB
Transfer

4336 kB
Size

27
Cookies

103 HTTP transactions
1 data transactions