www.ipqualityscore.com Open in urlscan Pro
172.67.72.12  Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2073108&time=1733018805628&li_adsId=9f5e63b2-bc4f-417a-846b-943a7b143fa9&url=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-scanner%2Fharumon.hakusensha-cafe.com HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2073108&time=1733018805628&li_adsId=9f5e63b2-bc4f-417a-846b-943a7b143fa9&url=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-scanner%2Fharumon.hakusensha-cafe.com&cookiesTest=true HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2073108%26time%3D1733018805628%26li_adsId%3D9f5e63b2-bc4f-417a-846b-943a7b143fa9%26url%3Dhttps%253A%252F%252Fwww.ipqualityscore.com%252Fthreat-feeds%252Fmalicious-url-scanner%252Fharumon.hakusensha-cafe.com%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2073108&time=1733018805628&li_adsId=9f5e63b2-bc4f-417a-846b-943a7b143fa9&url=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-scanner%2Fharumon.hakusensha-cafe.com&cookiesTest=true&liSync=true HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2073108&time=1733018805628&li_adsId=9f5e63b2-bc4f-417a-846b-943a7b143fa9&url=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-scanner%2Fharumon.hakusensha-cafe.com&cookiesTest=true&liSync=true&e_ipv6=AQJb1UdOEKSQ3gAAAZN_-Gk7eZZdR5ZMAfricF5azlWs_kYJdl6BxproDEy6S1donUuVgQ

Request Chain 54

• https://d.adroll.com/cm/b/out?adroll_fpc=f6f18584f3f0dfa64880d1322d245465-1733018806519&flg=1&pv=17222300264.96989&arrfrr=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-scanner%2Fharumon.hakusensha-cafe.com&advertisable=GAZYMRRILNEMVCKGJQ3466 HTTP 302
• https://x.bidswitch.net/sync?dsp_id=44&user_id=ZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTA HTTP 302
• https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=ZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTA

Request Chain 55

• https://d.adroll.com/cm/experian/out?adroll_fpc=f6f18584f3f0dfa64880d1322d245465-1733018806519&flg=1&pv=17222300264.96989&arrfrr=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-scanner%2Fharumon.hakusensha-cafe.com&advertisable=GAZYMRRILNEMVCKGJQ3466 HTTP 302
• https://pixel.tapad.com/idsync/ex/receive?partner_id=3521&partner_device_id=ZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTA&gdpr=0&gdpr_consent= HTTP 302
• https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3521&partner_device_id=ZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTA&gdpr=0&gdpr_consent= HTTP 302
• https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=c43f6801-9977-455d-abf0-5511239ae0e1%252C%252C&gdpr=0&gdpr_consent= HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=c43f6801-9977-455d-abf0-5511239ae0e1%252C%252C&gdpr=0&gdpr_consent= HTTP 302
• https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=95bfe24f-55e8-438c-bb47-a963addfccd3&ttd_puid=c43f6801-9977-455d-abf0-5511239ae0e1%2C%2C

Request Chain 56

• https://d.adroll.com/cm/g/out?adroll_fpc=f6f18584f3f0dfa64880d1322d245465-1733018806519&flg=1&pv=17222300264.96989&arrfrr=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-scanner%2Fharumon.hakusensha-cafe.com&advertisable=GAZYMRRILNEMVCKGJQ3466 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=5MaPegNy8dn6YCttSbZ7kA HTTP 302
• https://d.adroll.com/cm/g/in

Request Chain 57

• https://d.adroll.com/cm/index/out?adroll_fpc=f6f18584f3f0dfa64880d1322d245465-1733018806519&flg=1&pv=17222300264.96989&arrfrr=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-scanner%2Fharumon.hakusensha-cafe.com&advertisable=GAZYMRRILNEMVCKGJQ3466 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTA&expiration=1764554806 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTA&expiration=1764554806&C=1

Request Chain 58

• https://d.adroll.com/cm/l/out?adroll_fpc=f6f18584f3f0dfa64880d1322d245465-1733018806519&flg=1&pv=17222300264.96989&arrfrr=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-scanner%2Fharumon.hakusensha-cafe.com&advertisable=GAZYMRRILNEMVCKGJQ3466 HTTP 302
• https://idsync.rlcdn.com/377928.gif?partner_uid=e4c68f7a0372f1d9fa602b6d49b67b90 HTTP 307
• https://idsync.rlcdn.com/1000.gif?memo=CMiIFxIrCicIARDqIhogZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTAQABoNCLaJr7oGEgUI6AcQAEIASgA HTTP 307
• https://pippio.com/api/sync?pid=5324&it=1&iv=14a86af0419f6e66de5eadf805bd20771c34469e86b1443c435b8bbc05acc1f8791426b5417dce21&_=2

Request Chain 59

• https://d.adroll.com/cm/n/out?adroll_fpc=f6f18584f3f0dfa64880d1322d245465-1733018806519&flg=1&pv=17222300264.96989&arrfrr=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-scanner%2Fharumon.hakusensha-cafe.com&advertisable=GAZYMRRILNEMVCKGJQ3466 HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTA&expires=365

Request Chain 60

• https://d.adroll.com/cm/o/out?adroll_fpc=f6f18584f3f0dfa64880d1322d245465-1733018806519&flg=1&pv=17222300264.96989&arrfrr=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-scanner%2Fharumon.hakusensha-cafe.com&advertisable=GAZYMRRILNEMVCKGJQ3466 HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537103138&val=e4c68f7a0372f1d9fa602b6d49b67b90&gdpr=0&gdpr_consent= HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537103138&val=e4c68f7a0372f1d9fa602b6d49b67b90&gdpr=0&gdpr_consent=&cc=1

Request Chain 61

• https://d.adroll.com/cm/outbrain/out?adroll_fpc=f6f18584f3f0dfa64880d1322d245465-1733018806519&flg=1&pv=17222300264.96989&arrfrr=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-scanner%2Fharumon.hakusensha-cafe.com&advertisable=GAZYMRRILNEMVCKGJQ3466 HTTP 302
• https://sync.outbrain.com/cookie-sync?p=adroll&uid=ZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTA&gdpr=0&gdpr_consent=&us_privacy=1---

Request Chain 62

• https://d.adroll.com/cm/pubmatic/out?adroll_fpc=f6f18584f3f0dfa64880d1322d245465-1733018806519&flg=1&pv=17222300264.96989&arrfrr=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-scanner%2Fharumon.hakusensha-cafe.com&advertisable=GAZYMRRILNEMVCKGJQ3466 HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=ZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTA&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 63

• https://d.adroll.com/cm/r/out?adroll_fpc=f6f18584f3f0dfa64880d1322d245465-1733018806519&flg=1&pv=17222300264.96989&arrfrr=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-scanner%2Fharumon.hakusensha-cafe.com&advertisable=GAZYMRRILNEMVCKGJQ3466 HTTP 302
• https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=ZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTA&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
• https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=ZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTA&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true

Request Chain 64

• https://d.adroll.com/cm/taboola/out?adroll_fpc=f6f18584f3f0dfa64880d1322d245465-1733018806519&flg=1&pv=17222300264.96989&arrfrr=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-scanner%2Fharumon.hakusensha-cafe.com&advertisable=GAZYMRRILNEMVCKGJQ3466 HTTP 302
• https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=ZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTA

Request Chain 65

• https://d.adroll.com/cm/triplelift/out?adroll_fpc=f6f18584f3f0dfa64880d1322d245465-1733018806519&flg=1&pv=17222300264.96989&arrfrr=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-scanner%2Fharumon.hakusensha-cafe.com&advertisable=GAZYMRRILNEMVCKGJQ3466 HTTP 302
• https://eb2.3lift.com/xuid?mid=4714&xuid=ZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTA&dongle=c85e HTTP 302
• https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=ZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTA&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=

Request Chain 66

• https://d.adroll.com/cm/x/out?adroll_fpc=f6f18584f3f0dfa64880d1322d245465-1733018806519&flg=1&pv=17222300264.96989&arrfrr=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-scanner%2Fharumon.hakusensha-cafe.com&advertisable=GAZYMRRILNEMVCKGJQ3466 HTTP 302
• https://ib.adnxs.com/setuid?entity=172&code=ZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTA HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTA

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request harumon.hakusensha-cafe.com Show response www.ipqualityscore.com/threat-feeds/malicious-url-scanner/	41 KB 13 KB	1250ms 1233ms	Document text/html	172.67.72.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ipqualityscore.com/threat-feeds/malicious-url-scanner/harumon.hakusensha-cafe.com Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.72.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8eb983d880152e3690a2007cce580f8c36e090a2693ffc97b7e1282ceac49735 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 8eaf850348b620a1-NRT content-encoding br content-type text/html; charset=UTF-8 date Sun, 01 Dec 2024 02:06:44 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache priority u=0,i report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=id%2F98%2Bh5O7Pk99b1ck6cKw6qj%2BfT6UHAH1aBl1tCZWqpRpg596QSt4MKjBXOaCb%2BxmEMmZYBRQZDsMlCY72AYcGHtGz9vRBpViTIC4hzgo3dY%2FS%2FV0bH3PiRuyac5pzyKjkc3echzFw%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=1660&min_rtt=1298&rtt_var=577&sent=12&recv=11&lost=0&retrans=0&sent_bytes=4316&recv_bytes=5785&delivery_rate=1021&cwnd=12000&unsent_bytes=0&cid=dc27732403d2b3bf&ts=1239&x=1" cfExtPri cfHdrFlush;dur=0
GET H3	200	pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 www.ipqualityscore.com/templates/fonts/	8 KB 8 KB	25ms 20ms	Font application/octet-stream	172.67.72.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ipqualityscore.com/templates/fonts/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 Requested by Host: www.ipqualityscore.com URL: https://www.ipqualityscore.com/threat-feeds/malicious-url-scanner/harumon.hakusensha-cafe.com Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.72.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 56a522e79770e488da6015ed10f8c2bdafbcd87a7c6d443f7a293579bd0ef58d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://www.ipqualityscore.com Referer https://www.ipqualityscore.com/threat-feeds/malicious-url-scanner/harumon.hakusensha-cafe.com Response headers cf-cache-status HIT etag "65aaee22-1ef4" age 4633 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VcTj4SOKBGzZxVXM5AUZFR3FQg%2FCmk7%2FghRUOyTW3LrdcUSIs7EIo3B4xEptS9u%2FjAsJ6PBIaHffB7b%2BTTkIappMIg2rt4NCHaSiiAxSET5PuafjtcHQDxMNfVqBGeq4nfSUslH75gE%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=1909&min_rtt=1298&rtt_var=799&sent=18&recv=22&lost=0&retrans=0&sent_bytes=6960&recv_bytes=10252&delivery_rate=1254379&cwnd=12000&unsent_bytes=0&cid=dc27732403d2b3bf&ts=1291&x=1", cfExtPri, cfHdrFlush;dur=0 date Sun, 01 Dec 2024 02:06:45 GMT content-type application/octet-stream last-modified Fri, 19 Jan 2024 21:48:18 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=16070400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8eaf850b2dbf20a1-NRT accept-ranges bytes content-length 7924 server cloudflare
GET H3	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 www.ipqualityscore.com/templates/fonts/	15 KB 16 KB	25ms 19ms	Font application/octet-stream	172.67.72.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ipqualityscore.com/templates/fonts/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: www.ipqualityscore.com URL: https://www.ipqualityscore.com/threat-feeds/malicious-url-scanner/harumon.hakusensha-cafe.com Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.72.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://www.ipqualityscore.com Referer https://www.ipqualityscore.com/threat-feeds/malicious-url-scanner/harumon.hakusensha-cafe.com Response headers cf-cache-status HIT etag "65aaee22-3dc8" age 18 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=suBnEo%2BesP0Bu3wcgM9pLbbPENrk%2BAvocyxH8gqyWWHPk3YYTBr0ipsUKzLwJEB6mM2bIXbVgLVmU2nHWJdNSWsPstj7sbr7f%2BppXGSnZZ2dqd33jcob1SQHraJIZvtv%2F6258yMoVgU%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=1909&min_rtt=1298&rtt_var=799&sent=29&recv=22&lost=0&retrans=0&sent_bytes=18960&recv_bytes=10252&delivery_rate=1254379&cwnd=12000&unsent_bytes=0&cid=dc27732403d2b3bf&ts=1292&x=1", cfExtPri, cfHdrFlush;dur=1 date Sun, 01 Dec 2024 02:06:45 GMT content-type application/octet-stream last-modified Fri, 19 Jan 2024 21:48:18 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=16070400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8eaf850b2dc220a1-NRT accept-ranges bytes content-length 15816 server cloudflare
GET H3	200	pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 www.ipqualityscore.com/templates/fonts/	8 KB 8 KB	28ms 23ms	Font application/octet-stream	172.67.72.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ipqualityscore.com/templates/fonts/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 Requested by Host: www.ipqualityscore.com URL: https://www.ipqualityscore.com/threat-feeds/malicious-url-scanner/harumon.hakusensha-cafe.com Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.72.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 07d2b7c2df967b7820b8ce99be3f7db1a1db5a82797826cd9a06e6489e89f71a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://www.ipqualityscore.com Referer https://www.ipqualityscore.com/threat-feeds/malicious-url-scanner/harumon.hakusensha-cafe.com Response headers cf-cache-status HIT etag "65aaee22-1e9c" age 4634 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DMAugi%2BDTJq5nz7ifVzvbCrOpXBdCaN5FJR2U9%2ByVn%2FExabD9vg533nQppyXK7FuK7tYSBRCDMPczhvVGtpIBLg%2BaPT1sIXbMuTSVe5bh8ezUXyv2TWaBiwPLFJ4TY3P2EXdtfVxzLw%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=1951&min_rtt=1298&rtt_var=292&sent=49&recv=27&lost=0&retrans=0&sent_bytes=40979&recv_bytes=10467&delivery_rate=606579&cwnd=22800&unsent_bytes=0&cid=dc27732403d2b3bf&ts=1295&x=1", cfExtPri, cfHdrFlush;dur=0 date Sun, 01 Dec 2024 02:06:45 GMT content-type application/octet-stream last-modified Fri, 19 Jan 2024 21:48:18 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=16070400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8eaf850b2dc320a1-NRT accept-ranges bytes content-length 7836 server cloudflare
GET H3	200	KFOmCnqEu92Fr1Mu4mxK.woff2 www.ipqualityscore.com/templates/fonts/	15 KB 16 KB	24ms 18ms	Font application/octet-stream	172.67.72.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ipqualityscore.com/templates/fonts/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.ipqualityscore.com URL: https://www.ipqualityscore.com/threat-feeds/malicious-url-scanner/harumon.hakusensha-cafe.com Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.72.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://www.ipqualityscore.com Referer https://www.ipqualityscore.com/threat-feeds/malicious-url-scanner/harumon.hakusensha-cafe.com Response headers cf-cache-status HIT etag "65aaee22-3d78" age 7168 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nkiOULa2M5Npn6ifHtTcnmKDTRCV4hZQwTGyKhGoJhkvbtUKNemIxxL%2Fd%2FprMyf%2BBiAd49P7xInunyBucj0TC0F3tyqYB8z1KiUo6wFO%2Bg2%2FLSTpuy2ZjCWU1bXvWVpJy8MctIZknpA%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=1909&min_rtt=1298&rtt_var=799&sent=26&recv=22&lost=0&retrans=0&sent_bytes=15779&recv_bytes=10252&delivery_rate=1254379&cwnd=12000&unsent_bytes=0&cid=dc27732403d2b3bf&ts=1292&x=1", cfExtPri, cfHdrFlush;dur=0 date Sun, 01 Dec 2024 02:06:45 GMT content-type application/octet-stream last-modified Fri, 19 Jan 2024 21:48:18 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=16070400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8eaf850b2dc420a1-NRT accept-ranges bytes content-length 15736 server cloudflare
GET H3	200	pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 www.ipqualityscore.com/templates/fonts/	8 KB 8 KB	28ms 23ms	Font application/octet-stream	172.67.72.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ipqualityscore.com/templates/fonts/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 Requested by Host: www.ipqualityscore.com URL: https://www.ipqualityscore.com/threat-feeds/malicious-url-scanner/harumon.hakusensha-cafe.com Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.72.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5e07f937be00bbef113152fa46b2b2d5df97f405b152881c96e1c5069d8f405d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://www.ipqualityscore.com Referer https://www.ipqualityscore.com/threat-feeds/malicious-url-scanner/harumon.hakusensha-cafe.com Response headers cf-cache-status HIT etag "65aaee22-1f18" age 4633 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0llRJDiGywhm2eb2EXo7OlnbpAwN3%2Fnxve2Tdf2bIVLAJgB6Ox9wf4LeGk%2BTPFFmqlRXaUqhtwWBHTk80NV%2BXadX%2F8W8WhNUKSY1ayVmSim%2FI6qSzuUKDzblO%2F1DQn%2BEOerW00lsvoo%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=2238&min_rtt=1298&rtt_var=240&sent=86&recv=37&lost=0&retrans=0&sent_bytes=81530&recv_bytes=10897&delivery_rate=1165140&cwnd=44400&unsent_bytes=0&cid=dc27732403d2b3bf&ts=1297&x=1", cfExtPri, cfHdrFlush;dur=0 date Sun, 01 Dec 2024 02:06:45 GMT content-type application/octet-stream last-modified Fri, 19 Jan 2024 21:48:18 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=16070400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8eaf850b2dc520a1-NRT accept-ranges bytes content-length 7960 server cloudflare
GET H3	200	fonts.css www.ipqualityscore.com/templates/css/	5 KB 1 KB	26ms 21ms	Stylesheet text/css	172.67.72.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ipqualityscore.com/templates/css/fonts.css Requested by Host: www.ipqualityscore.com URL: https://www.ipqualityscore.com/threat-feeds/malicious-url-scanner/harumon.hakusensha-cafe.com Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.72.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d1e83ea2b5e9ab2537604368631485cd5f960b45dd1cbf9e001cc97b4fc62d34 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/threat-feeds/malicious-url-scanner/harumon.hakusensha-cafe.com Response headers content-encoding br cf-cache-status HIT etag W/"65aaedb3-1400" age 4633 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K8SNce24MGr8a%2FKdOskcBr2J3z5jrQlvbg63F0E8MTt3GdxGeKm3TOzentUHnZj3BwWWtEuqcv6P6zRpLZ5ZkkBwrodDXSxq0i3ycKszKSKMi4XQB5YeYXfpkMAucxm1PYPyxSdkLD0%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=2238&min_rtt=1298&rtt_var=240&sent=49&recv=37&lost=0&retrans=0&sent_bytes=40979&recv_bytes=10897&delivery_rate=1165140&cwnd=44400&unsent_bytes=0&cid=dc27732403d2b3bf&ts=1295&x=1", cfExtPri, cfHdrFlush;dur=0 date Sun, 01 Dec 2024 02:06:45 GMT content-type text/css last-modified Fri, 19 Jan 2024 21:46:27 GMT vary Accept-Encoding priority u=0,i=?0 cache-control max-age=16070400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8eaf850b2dc620a1-NRT server cloudflare
GET H3	200	bootstrap.min.css www.ipqualityscore.com/templates/css/	107 KB 19 KB	25ms 22ms	Stylesheet text/css	172.67.72.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ipqualityscore.com/templates/css/bootstrap.min.css Requested by Host: www.ipqualityscore.com URL: https://www.ipqualityscore.com/threat-feeds/malicious-url-scanner/harumon.hakusensha-cafe.com Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.72.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 685ced68d9bc2672bd0e20e8cb43638613c4760e36855189b32fcb06e93885f9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/threat-feeds/malicious-url-scanner/harumon.hakusensha-cafe.com Response headers content-encoding br cf-cache-status HIT etag W/"65aaee22-1ac60" age 4634 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AEZ3Q0BK7xz89CO0DmLMOd%2BeFIdR2KkLkluaFRHgUyBjGA%2FfBWT2%2BkeE9uvGOvnPeIIWWdqSLI12HwID5m8xGULqdE6EAbi0uzQYE6Hivj%2F%2F8J1mkHEV0FGFQxZG50c0uFEXZMmVQo8%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=1951&min_rtt=1298&rtt_var=292&sent=49&recv=27&lost=0&retrans=0&sent_bytes=40979&recv_bytes=10467&delivery_rate=606579&cwnd=22800&unsent_bytes=0&cid=dc27732403d2b3bf&ts=1295&x=1", cfExtPri, cfHdrFlush;dur=0 date Sun, 01 Dec 2024 02:06:45 GMT content-type text/css last-modified Fri, 19 Jan 2024 21:48:18 GMT vary Accept-Encoding priority u=0,i=?0 cache-control max-age=16070400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8eaf850b2dc720a1-NRT server cloudflare
GET H3	200	main.css www.ipqualityscore.com/templates/css/	103 KB 21 KB	27ms 24ms	Stylesheet text/css	172.67.72.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ipqualityscore.com/templates/css/main.css?v=6 Requested by Host: www.ipqualityscore.com URL: https://www.ipqualityscore.com/threat-feeds/malicious-url-scanner/harumon.hakusensha-cafe.com Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.72.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e35a3fe6afb98117e5e5055904fcfcb000e26990ebef6074c259834528ea9fc3 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/threat-feeds/malicious-url-scanner/harumon.hakusensha-cafe.com Response headers content-encoding br cf-cache-status HIT etag W/"66ec3409-19a89" age 4634 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iV%2B3ok2s%2BjNuQCrIWIRfbAJS1AuJrzvyVudyieAm6Vrgds2Hr5SsDVnvAYNyMkDfqWqq02rtDqGLr38JN%2Fs%2FlV%2B55NUJHwrE%2BzD9UfnreyjYIB8jEtQYW1jr8hPwG70yw5nOvrXSro8%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=2238&min_rtt=1298&rtt_var=240&sent=89&recv=37&lost=0&retrans=0&sent_bytes=84179&recv_bytes=10897&delivery_rate=1165140&cwnd=44400&unsent_bytes=0&cid=dc27732403d2b3bf&ts=1298&x=1", cfExtPri, cfHdrFlush;dur=0 date Sun, 01 Dec 2024 02:06:45 GMT content-type text/css last-modified Thu, 19 Sep 2024 14:24:09 GMT vary Accept-Encoding priority u=0,i=?0 cache-control max-age=16070400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8eaf850b2dc820a1-NRT server cloudflare
GET H3	200	main-responsive.css www.ipqualityscore.com/templates/css/	7 KB 2 KB	25ms 22ms	Stylesheet text/css	172.67.72.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ipqualityscore.com/templates/css/main-responsive.css Requested by Host: www.ipqualityscore.com URL: https://www.ipqualityscore.com/threat-feeds/malicious-url-scanner/harumon.hakusensha-cafe.com Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.72.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 291fadd51fd72498b38ee663252c704ff99a983ec98305e706ad46a2bfab2d9c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/threat-feeds/malicious-url-scanner/harumon.hakusensha-cafe.com Response headers content-encoding br cf-cache-status HIT etag W/"663157c1-1df4" age 4633 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K67gWc%2BSGiLeBdDYfbs8rus1xZRdG%2FLLMWOdXrxnRE1Ixbf%2BSqSxbCW2e8UAtT2ZkaVfcYLIUJIr0JsPwAdavM1EkIr1ZOSAF%2FNlseCpotlNB3rM7dRch3B%2F0HtL2cfof6bBT5wCHQk%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=2238&min_rtt=1298&rtt_var=240&sent=84&recv=37&lost=0&retrans=0&sent_bytes=79138&recv_bytes=10897&delivery_rate=1165140&cwnd=44400&unsent_bytes=0&cid=dc27732403d2b3bf&ts=1296&x=1", cfExtPri, cfHdrFlush;dur=0 date Sun, 01 Dec 2024 02:06:45 GMT content-type text/css last-modified Tue, 30 Apr 2024 20:42:41 GMT vary Accept-Encoding priority u=0,i=?0 cache-control max-age=16070400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8eaf850b2dca20a1-NRT server cloudflare
GET H3	200	logo.svg www.ipqualityscore.com/templates/frontend/img/	3 KB 2 KB	19ms 18ms	Image image/svg+xml	172.67.72.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.ipqualityscore.com/templates/frontend/img/logo.svg Requested by Host: www.ipqualityscore.com URL: https://www.ipqualityscore.com/threat-feeds/malicious-url-scanner/harumon.hakusensha-cafe.com Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.72.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2be56562e98ebf6707cf0c7262259a0d5e4d13abc27dd0a004599f6b66375845 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/threat-feeds/malicious-url-scanner/harumon.hakusensha-cafe.com Response headers content-encoding br cf-cache-status HIT etag W/"65f45edb-d47" age 7168 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wi3AR8thBg1p%2FM3JB0k6ASdVl46PtnO923Ja8dvFbzI2CI6GXpNnpDBxl9Cfzsp6UJU6B5d1GcHyYLiwuIsoqmYoUnFYkqrnpijYJ0RNO4doqGUrrZlkQ9A5Efq20XBCI0vIAyEI1vQ%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=3105&min_rtt=1291&rtt_var=1091&sent=126&recv=69&lost=0&retrans=0&sent_bytes=122944&recv_bytes=12788&delivery_rate=969300&cwnd=60000&unsent_bytes=0&cid=dc27732403d2b3bf&ts=1317&x=1", cfExtPri, cfHdrFlush;dur=0 date Sun, 01 Dec 2024 02:06:45 GMT content-type image/svg+xml last-modified Fri, 15 Mar 2024 14:44:43 GMT vary Accept-Encoding priority u=3,i cache-control max-age=16070400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8eaf850b5df820a1-NRT server cloudflare
GET H3	200	pxiEyp8kv8JHgFVrJJfecg.woff2 www.ipqualityscore.com/templates/fonts/	8 KB 8 KB	17ms 17ms	Font application/octet-stream	172.67.72.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ipqualityscore.com/templates/fonts/pxiEyp8kv8JHgFVrJJfecg.woff2 Requested by Host: www.ipqualityscore.com URL: https://www.ipqualityscore.com/templates/css/fonts.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.72.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fab32ccef85408b763c899ad7c0b910c96c76dc9ed7158ce304fdcd3c0bf8388 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://www.ipqualityscore.com Referer https://www.ipqualityscore.com/templates/css/fonts.css Response headers cf-cache-status HIT etag "65aaee22-1f20" age 7168 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r45pfAowwJA5YmHwAjkG%2F%2FfvX%2FOWksHz7gshUUjfGNsjD5ERROg5p79oZ1gOo9aUMJuvmLUdd8ut8v1hpNH4QkEFsPVoIEheJnvq9hWgGcNSn3tf%2FCTf0RfUDCoV7OGTh1UBqg8N%2ByE%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=2934&min_rtt=1291&rtt_var=1160&sent=130&recv=73&lost=0&retrans=0&sent_bytes=125250&recv_bytes=14269&delivery_rate=631294&cwnd=60000&unsent_bytes=0&cid=dc27732403d2b3bf&ts=1333&x=1", cfExtPri, cfHdrFlush;dur=0 date Sun, 01 Dec 2024 02:06:45 GMT content-type application/octet-stream last-modified Fri, 19 Jan 2024 21:48:18 GMT vary Accept-Encoding priority u=0,i=?0 cache-control max-age=16070400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8eaf850b6e0420a1-NRT accept-ranges bytes content-length 7968 server cloudflare
GET H3	200	bg-products-1920.jpg www.ipqualityscore.com/templates/img/	32 KB 33 KB	22ms 22ms	Image image/jpeg	172.67.72.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.ipqualityscore.com/templates/img/bg-products-1920.jpg Requested by Host: www.ipqualityscore.com URL: https://www.ipqualityscore.com/templates/css/main.css?v=6 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.72.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 77dff46f16f87c9f654650389f37f2b010a9e7efceb9ee5e78d2bd1f7fd17c9e Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/templates/css/main.css?v=6 Response headers cf-bgj imgq:100,h2pri etag "65aaee22-8174" age 4632 cf-cache-status HIT report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NXf1zPem9gF%2F6QLerhBamtE8DTBl1DkGenYT99ybnJMox2VyZ43rOC6ywr5sLhRP3NQcEZvMIEgnzQdiU6xOvHs9EIH7jUZ%2FzkHD3vbsofvf3VwK9kqVAwttiErAuzPMh3klXEVx8zw%3D"}],"group":"cf-nel","max_age":604800} cf-polished status=not_needed alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=2655&min_rtt=1291&rtt_var=1162&sent=140&recv=75&lost=0&retrans=0&sent_bytes=135362&recv_bytes=14359&delivery_rate=430164&cwnd=60000&unsent_bytes=0&cid=dc27732403d2b3bf&ts=1352&x=1", cfExtPri, cfHdrFlush;dur=0 date Sun, 01 Dec 2024 02:06:45 GMT content-type image/jpeg last-modified Fri, 19 Jan 2024 21:48:18 GMT vary Accept-Encoding priority u=3,i cache-control max-age=16070400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8eaf850b8e0c20a1-NRT accept-ranges bytes content-length 33140 server cloudflare
GET H3	200	icon-check.svg www.ipqualityscore.com/templates/img/icons/	792 B 1 KB	18ms 18ms	Image image/svg+xml	172.67.72.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.ipqualityscore.com/templates/img/icons/icon-check.svg Requested by Host: www.ipqualityscore.com URL: https://www.ipqualityscore.com/templates/css/main.css?v=6 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.72.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b4516db453f676a4efc873fb5801f173de6859c46d3215f6a8ce11ceb9663b2e Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/templates/css/main.css?v=6 Response headers content-encoding br cf-cache-status HIT etag W/"65aaee22-318" age 6767 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=doBJj9HLq6cyJdg1RdaaUbpD7ES65yfzoCWeJy1DcJT%2F%2FZoQtUcww7SR%2FPOuDkvOISQOo5G6A3pzHdkChwpnzC33mjcKDvzylJezWGdCQ3uGL6rKD47TtYdb%2B5StoOMkPxL6nHVkAiQ%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=2837&min_rtt=1291&rtt_var=1065&sent=138&recv=74&lost=0&retrans=0&sent_bytes=134116&recv_bytes=14314&delivery_rate=2467437&cwnd=60000&unsent_bytes=0&cid=dc27732403d2b3bf&ts=1347&x=1", cfExtPri, cfHdrFlush;dur=0 date Sun, 01 Dec 2024 02:06:45 GMT content-type image/svg+xml last-modified Fri, 19 Jan 2024 21:48:18 GMT vary Accept-Encoding priority u=3,i cache-control max-age=16070400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8eaf850b8e0e20a1-NRT server cloudflare
GET H3	200	rocket-loader.min.js Show response www.ipqualityscore.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/	12 KB 4 KB	6ms 5ms	Script application/javascript	172.67.72.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ipqualityscore.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Requested by Host: www.ipqualityscore.com URL: https://www.ipqualityscore.com/threat-feeds/malicious-url-scanner/harumon.hakusensha-cafe.com Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.72.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/threat-feeds/malicious-url-scanner/harumon.hakusensha-cafe.com Response headers x-frame-options DENY nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cache-control max-age=172800, public content-encoding gzip etag W/"6740aa56-302c" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T51M952CHMGFawmPFMQBS2RQnk8o%2BcGea4CSlINs4l6Xt3J84NqZ5uzT8kp%2BwSkndoB0hMJelDRCxFq5j1Hn4kRFWrVJiMTVfO%2B%2B62c2y2o%2FaTTsdAg%2BdNbZoOQ0%2FITGyouoEMEA6jQ%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff cf-ray 8eaf850bde2f20a1-NRT expires Tue, 03 Dec 2024 02:06:45 GMT date Sun, 01 Dec 2024 02:06:45 GMT content-type application/javascript last-modified Fri, 22 Nov 2024 15:59:18 GMT server cloudflare vary Accept-Encoding
GET H3	200	learn.js Show response www.ipqualityscore.com/api/ipqualityscore.com/CE6pu4Htn20GN1hPLRYvoGBpfCcRIoUjbleo2JGPntwo306Mkl67eaAyx4trD13r4gAeX3wXILaoYxthNFRDMxgSHKopPqAIeWrPsLdf1xHOu1C71wcHHLPLMOhLFsjmrR9Mmj6wcGIUopqIY4BtYF3...	143 KB 71 KB	16ms 15ms	Script application/javascript	172.67.72.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ipqualityscore.com/api/ipqualityscore.com/CE6pu4Htn20GN1hPLRYvoGBpfCcRIoUjbleo2JGPntwo306Mkl67eaAyx4trD13r4gAeX3wXILaoYxthNFRDMxgSHKopPqAIeWrPsLdf1xHOu1C71wcHHLPLMOhLFsjmrR9Mmj6wcGIUopqIY4BtYF3xFPOLDFylShb5SXqc2j1RNg5Le7Jn65jVWL53REunKqo1iv5gIZ0yOjJitQdpSuUHXLa14hEWX6467qEtLpkHJssc3JnyLHI7tVZdpg1Z/learn.js Requested by Host: www.ipqualityscore.com URL: https://www.ipqualityscore.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.72.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c7dca08bbf1fb72d288f03f66ba1e64669924fdda7ea86c15f578581fdf2a849 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/threat-feeds/malicious-url-scanner/harumon.hakusensha-cafe.com Response headers content-encoding br cf-cache-status HIT age 25609 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lQVKjLaX0TIOXJfeM0ErQ2qZDeLWLjr8Lsk735Kjdve%2FVrFBl83xzNpqvDNxuthJj%2B14vrrnIJUKCyjZ36CQ0fID24F0o%2BfaQSWuQTKRdwtXjqggn41OdTX745cR4qhzjpeCFxEwavU%3D"}],"group":"cf-nel","max_age":604800} expires Sun, 01 Dec 2024 13:59:55 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=2096&min_rtt=1291&rtt_var=878&sent=179&recv=89&lost=0&retrans=0&sent_bytes=175157&recv_bytes=19002&delivery_rate=768621&cwnd=60000&unsent_bytes=0&cid=dc27732403d2b3bf&ts=1404&x=1", cfExtPri, cfHdrFlush;dur=0 date Sun, 01 Dec 2024 02:06:45 GMT content-type application/javascript last-modified Sat, 30 Nov 2024 18:59:56 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma cache cf-ray 8eaf850bee3420a1-NRT access-control-allow-origin https://www.ipqualityscore.com server cloudflare
GET H3	200	FreeURLLookup.js Show response www.ipqualityscore.com/templates/js/	480 B 923 B	434ms 433ms	Script application/javascript	172.67.72.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ipqualityscore.com/templates/js/FreeURLLookup.js?v=23 Requested by Host: www.ipqualityscore.com URL: https://www.ipqualityscore.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.72.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6ea28af8eb327d1b446e5654d93cba6e82caf768f5339c849d3608997c444534 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/threat-feeds/malicious-url-scanner/harumon.hakusensha-cafe.com Response headers server cloudflare cache-control max-age=16070400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status REVALIDATED etag W/"65aaee22-1e0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2DhHgRan6gWHDbVXS%2FKSbScNmdpCSoyHKY5BKFM5S10pld5i8YLMvfB2IP4znQUNkQPCR1M6uBR0rOHnu%2F%2BpFFianmmNpaOKRp4pFRTOpH9Gk6wnNAIZfVVHUjujFnmAKKghSrvGQTY%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8eaf850bee3520a1-NRT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=1823&min_rtt=1186&rtt_var=235&sent=305&recv=104&lost=0&retrans=0&sent_bytes=322649&recv_bytes=19673&delivery_rate=185208&cwnd=96000&unsent_bytes=0&cid=dc27732403d2b3bf&ts=1822&x=1", cfExtPri, cfHdrFlush;dur=0 date Sun, 01 Dec 2024 02:06:45 GMT content-type application/javascript last-modified Fri, 19 Jan 2024 21:48:18 GMT vary Accept-Encoding priority u=1,i=?0
GET H3	200	app.js Show response www.ipqualityscore.com/templates/js/	11 KB 4 KB	19ms 18ms	Script application/javascript	172.67.72.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ipqualityscore.com/templates/js/app.js Requested by Host: www.ipqualityscore.com URL: https://www.ipqualityscore.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.72.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 655197c4023277f180e17497e08c273f22e84493964797cef7a8514be36d2660 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/threat-feeds/malicious-url-scanner/harumon.hakusensha-cafe.com Response headers content-encoding br cf-cache-status HIT etag W/"664b9918-2da9" age 4632 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0px6MBPOgrYr2IHpMVeHF4s8H%2F43ocPMozq5lqK9wQqslP5dunR%2F3ubU0QAP5jyulDJ91RYcmSxlBaHTLab4tBN8HFjKmEmEKlUGWGaTzb6bZ9PApbVE%2FnTvscCZF3k14z8TZQvBJuw%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=2059&min_rtt=1291&rtt_var=376&sent=251&recv=95&lost=0&retrans=0&sent_bytes=260148&recv_bytes=19266&delivery_rate=2520119&cwnd=96000&unsent_bytes=0&cid=dc27732403d2b3bf&ts=1408&x=1", cfExtPri, cfHdrFlush;dur=0 date Sun, 01 Dec 2024 02:06:45 GMT content-type application/javascript last-modified Mon, 20 May 2024 18:40:24 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=16070400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8eaf850bee3620a1-NRT server cloudflare
GET H3	200	select2.min.js Show response www.ipqualityscore.com/templates/js/	65 KB 19 KB	23ms 22ms	Script application/javascript	172.67.72.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ipqualityscore.com/templates/js/select2.min.js Requested by Host: www.ipqualityscore.com URL: https://www.ipqualityscore.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.72.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fa659dfc6ebd4b8aad80fa304842c879502fefe16e2fcef55976a89605e7af04 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/threat-feeds/malicious-url-scanner/harumon.hakusensha-cafe.com Response headers content-encoding br cf-cache-status HIT etag W/"65aaee22-10468" age 4631 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hfwyS01SoulpsIrKaY2dd0%2BgKQOcTgPCRh0M4TcyLL7STdJRoe1iKMQhUJ%2BNL1WIt7oYZZ1cHxTpilrRDL4rRo1wC392GVKKQxOpgh7LgcvJuUiRin9a4ov6lN%2FwvoycTv%2FJM1MKwY8%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=1804&min_rtt=1186&rtt_var=558&sent=257&recv=98&lost=0&retrans=0&sent_bytes=265838&recv_bytes=19401&delivery_rate=3234613&cwnd=96000&unsent_bytes=0&cid=dc27732403d2b3bf&ts=1411&x=1", cfExtPri, cfHdrFlush;dur=0 date Sun, 01 Dec 2024 02:06:45 GMT content-type application/javascript last-modified Fri, 19 Jan 2024 21:48:18 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=16070400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8eaf850bee3720a1-NRT server cloudflare
GET H3	200	bootstrap.min.js Show response www.ipqualityscore.com/templates/js/	36 KB 11 KB	18ms 16ms	Script application/javascript	172.67.72.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ipqualityscore.com/templates/js/bootstrap.min.js Requested by Host: www.ipqualityscore.com URL: https://www.ipqualityscore.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.72.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 628c8d75bfefdaac70d7deaba27fc6c7c0236c8777abba32e106160ae295ac72 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/threat-feeds/malicious-url-scanner/harumon.hakusensha-cafe.com Response headers content-encoding br cf-cache-status HIT etag W/"65aaee22-910b" age 4631 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T9wN9KNPZxLoxp%2FvbwkXrgM%2F9e6tBf%2FDqNKbjoX5dNv2I4ek75ZcyVWOMjQLa0Xw7lscZjt1NnDT4j6IHTO6XqTBvifQvMVnptgPKRN0oES2R4uis68HTM%2FgoKzdTLj6kRX5LhgC8hI%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=2102&min_rtt=1291&rtt_var=387&sent=241&recv=94&lost=0&retrans=0&sent_bytes=248958&recv_bytes=19222&delivery_rate=4266678&cwnd=96000&unsent_bytes=0&cid=dc27732403d2b3bf&ts=1407&x=1", cfExtPri, cfHdrFlush;dur=0 date Sun, 01 Dec 2024 02:06:45 GMT content-type application/javascript last-modified Fri, 19 Jan 2024 21:48:18 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=16070400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8eaf850bee3820a1-NRT server cloudflare
GET H3	200	FreeURLLookup.js Show response www.ipqualityscore.com/templates/js/	480 B 928 B	406ms 405ms	Script application/javascript	172.67.72.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ipqualityscore.com/templates/js/FreeURLLookup.js Requested by Host: www.ipqualityscore.com URL: https://www.ipqualityscore.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.72.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6ea28af8eb327d1b446e5654d93cba6e82caf768f5339c849d3608997c444534 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/threat-feeds/malicious-url-scanner/harumon.hakusensha-cafe.com Response headers server cloudflare cache-control max-age=16070400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status REVALIDATED etag W/"65aaee22-1e0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fwjs8HBh%2B8kDKn9YZRufZ7oaAqXOLk3GUTjNy1h9OxcCO3gXo1SjzTEMl0Gw9qtKTJUEdVXuEi5q3xgQwJJLt%2Be202PUKB%2F%2B%2FQpsFTaE2iUBx2aAIhCqTqZGXFTDebtb3sF9x2%2FUwF4%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8eaf850bee3920a1-NRT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=1810&min_rtt=1186&rtt_var=280&sent=304&recv=103&lost=0&retrans=0&sent_bytes=321697&recv_bytes=19627&delivery_rate=28678452&cwnd=96000&unsent_bytes=0&cid=dc27732403d2b3bf&ts=1793&x=1", cfExtPri, cfHdrFlush;dur=0 date Sun, 01 Dec 2024 02:06:45 GMT content-type application/javascript last-modified Fri, 19 Jan 2024 21:48:18 GMT vary Accept-Encoding priority u=1,i=?0
GET H3	200	1.11.1-jquery.min.js Show response www.ipqualityscore.com/templates/js/	94 KB 34 KB	23ms 22ms	Script application/javascript	172.67.72.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ipqualityscore.com/templates/js/1.11.1-jquery.min.js Requested by Host: www.ipqualityscore.com URL: https://www.ipqualityscore.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.72.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/threat-feeds/malicious-url-scanner/harumon.hakusensha-cafe.com Response headers content-encoding br cf-cache-status HIT etag W/"65aaee22-1762a" age 4631 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mg599Y5jx8nYUXBz0Tahe8EK88NCVnfWVHk8pyZi4Rzc858hrvxQyCvn6zCL6yE9FFtPKTOWRpBn07DoXxhbweWR2gDaVU1X6F1oXIZvuL06fwv70CREJM9Z7cCmMK3l2ZdZt4sZ114%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=1804&min_rtt=1186&rtt_var=558&sent=274&recv=98&lost=0&retrans=0&sent_bytes=285911&recv_bytes=19401&delivery_rate=3234613&cwnd=96000&unsent_bytes=0&cid=dc27732403d2b3bf&ts=1412&x=1", cfExtPri, cfHdrFlush;dur=0 date Sun, 01 Dec 2024 02:06:45 GMT content-type application/javascript last-modified Fri, 19 Jan 2024 21:48:18 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=16070400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8eaf850bee3a20a1-NRT server cloudflare
GET H3	200	favicon-32x32.png www.ipqualityscore.com/templates/img/icons/fav/	492 B 1 KB	16ms 16ms	Other image/webp	172.67.72.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ipqualityscore.com/templates/img/icons/fav/favicon-32x32.png Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.72.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d8e52714a335975f77d7e0cf88304739ab81ab8eac0c5cc2a2c1fc41ecd3380f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/threat-feeds/malicious-url-scanner/harumon.hakusensha-cafe.com Response headers cf-bgj imgq:100,h2pri etag "65aaee22-5bd" age 7165 cf-cache-status HIT report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gmwBlJeDrvhVpJgx3lZcNCDQ%2BCQhmZHDVjxcVBUciq7n35kO2HgeLBKy0YdZGDgnJJaxaxBk0Lfzfh2eG%2B1aclSumJryuy3ZAbdJ%2F%2BF2jYGVfaxR%2BIrWQYhIE%2B7aV3q%2Bd%2BZTHjCC%2F70%3D"}],"group":"cf-nel","max_age":604800} cf-polished origFmt=png, origSize=1469 alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=1988&min_rtt=1291&rtt_var=424&sent=255&recv=96&lost=0&retrans=0&sent_bytes=264523&recv_bytes=19311&delivery_rate=1562057&cwnd=96000&unsent_bytes=0&cid=dc27732403d2b3bf&ts=1409&x=1", cfExtPri, cfHdrFlush;dur=0 date Sun, 01 Dec 2024 02:06:45 GMT content-type image/webp content-disposition inline; filename="favicon-32x32.webp" vary Accept last-modified Fri, 19 Jan 2024 21:48:18 GMT priority u=1,i cache-control max-age=16070400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8eaf850bee3b20a1-NRT accept-ranges bytes content-length 492 server cloudflare
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	1 KB 981 B	28ms 3ms	Script application/javascript	2600:140b:1a00:4::17c1:b89e AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: www.ipqualityscore.com URL: https://www.ipqualityscore.com/threat-feeds/malicious-url-scanner/harumon.hakusensha-cafe.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:140b:1a00:4::17c1:b89e Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS Software / Resource Hash 3628be465ec3d28413b23bd425c36d30ab28016eb5f6d2f702ca7f5ae883e93f Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/ Response headers cache-control max-age=45865 content-encoding gzip x-cdn AKAM x-content-type-options nosniff accept-ranges bytes content-length 771 date Sun, 01 Dec 2024 02:06:45 GMT last-modified Tue, 26 Nov 2024 13:42:29 GMT content-type application/javascript;charset=utf-8 vary Accept-Encoding x-amz-server-side-encryption AES256
GET H3	200	fbevents.js Show response connect.facebook.net/en_US/	239 KB 61 KB	18ms 4ms	Script application/x-javascript	31.13.82.7 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.ipqualityscore.com URL: https://www.ipqualityscore.com/threat-feeds/malicious-url-scanner/harumon.hakusensha-cafe.com Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-nrt1.fbcdn.net Software / Resource Hash 527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-sGOaeWr0' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sun, 01 Dec 2024 02:06:45 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: *;script-src 'nonce-sGOaeWr0' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality EXCELLENT; q=0.9, rtt=3, rtx=0, c=23, mss=1232, tbw=4413, tp=9, tpl=0, uplat=1, ullat=-1 pragma public x-fb-debug JkI1rEnfNYFBAMDh+aW8BWQ4EWrrV7815WCSWAH0xfgBRhYyzPM4etwMH1bP++/kOctxfzwnjBr7ari0MYKKaA== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top content-length 62107 x-xss-protection 0 origin-agent-cluster ?1
GET H2	200	gtm.js Show response www.googletagmanager.com/	305 KB 106 KB	93ms 49ms	Script application/javascript	2404:6800:4004:81e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-M96CT2P Requested by Host: www.ipqualityscore.com URL: https://www.ipqualityscore.com/threat-feeds/malicious-url-scanner/harumon.hakusensha-cafe.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:81e::2008 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash b7c8db0b1e5290041724ef0aa5c88a8b36b0b85844ddb4eb2a77f42061bc404a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],} expires Sun, 01 Dec 2024 02:06:45 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sun, 01 Dec 2024 02:06:45 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Sun, 01 Dec 2024 00:00:00 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 108035 x-xss-protection 0 server Google Tag Manager
GET H/1.1	200 OK	roundtrip.js Show response s.adroll.com/j/GAZYMRRILNEMVCKGJQ3466/	99 KB 30 KB	487ms 426ms	Script text/javascript	2600:9000:2157:6000:6:9280:1080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/GAZYMRRILNEMVCKGJQ3466/roundtrip.js Requested by Host: www.ipqualityscore.com URL: https://www.ipqualityscore.com/threat-feeds/malicious-url-scanner/harumon.hakusensha-cafe.com Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2157:6000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash d7f307f85f2540d4dc5f38117746812d565a64f9394ae8fd1bcf6ec4d65f18cf Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/ Response headers Access-Control-Max-Age 600 Content-Encoding gzip X-Amz-Version-Id xlBy4aXExTegN_Nitd7WdOK9Nzh2fG8b Etag W/"6ff2467974daf3f32a41879d623dd3d8" Access-Control-Allow-Methods GET X-Cache RefreshHit from cloudfront X-Amz-Cf-Id gdAh708oz7LUVm07OVvX3kz-IZtqcj1danATBSNdJTKohwJZ7q4Gfw== Date Sun, 01 Dec 2024 02:06:47 GMT Content-Type text/javascript; charset=utf-8 Vary accept-encoding Last-Modified Fri, 15 Nov 2024 11:58:38 GMT Access-Control-Allow-Headers * Transfer-Encoding chunked Cache-Control max-age=3600, must-revalidate Connection keep-alive Access-Control-Allow-Credentials false Via 1.1 04c2f7c6be96060d3defd0bb02b9dbde.cloudfront.net (CloudFront) Access-Control-Allow-Origin * X-Amz-Cf-Pop NRT12-C3 Server AmazonS3 X-Amz-Server-Side-Encryption AES256
GET H2	200	5.2.0 Show response instant.page/	3 KB 1 KB	25ms 10ms	Script text/javascript	2606:4700::6813:e663 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://instant.page/5.2.0 Requested by Host: www.ipqualityscore.com URL: https://www.ipqualityscore.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:e663 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8b3644ac5b264c8d3d09222feeea6aa208432f4e46900037dd60bc9834b3c250 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://www.ipqualityscore.com Referer https://www.ipqualityscore.com/ Response headers cache-control max-age=2592000 content-encoding br cf-ray 8eaf850f2ed73463-NRT access-control-allow-origin * date Sun, 01 Dec 2024 02:06:45 GMT content-type text/javascript vary Accept-Encoding server cloudflare
GET H2	200	insight.old.min.js Show response snap.licdn.com/li.lms-analytics/	40 KB 40 KB	3ms 3ms	Script text/javascript	2600:140b:1a00:4::17c1:b89e AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.old.min.js Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:140b:1a00:4::17c1:b89e Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS Software / Resource Hash e6b8a90a2870483ace67380ff4a64b39bfecb7952a432393470d76a6614fc62c Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/ Response headers x-cdn AKAM x-content-type-options nosniff accept-ranges bytes content-length 41181 date Sun, 01 Dec 2024 02:06:45 GMT last-modified Tue, 26 Nov 2024 13:49:02 GMT content-type text/javascript x-amz-server-side-encryption AES256
GET H3	200	1214830138666937 Show response connect.facebook.net/signals/config/	65 KB 13 KB	168ms 168ms	Script application/x-javascript	31.13.82.7 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1214830138666937?v=2.9.176&r=stable&domain=www.ipqualityscore.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-nrt1.fbcdn.net Software / Resource Hash b46121b51204f53b8de29c1a6932a4826b0b1e358cfef0c86b6c4dc9885736ae Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-bEJkBh9U' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sun, 01 Dec 2024 02:06:45 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: *;script-src 'nonce-bEJkBh9U' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality EXCELLENT; q=0.9, rtt=2, rtx=0, c=70, mss=1232, tbw=70267, tp=66, tpl=0, uplat=164, ullat=0 pragma public x-fb-debug R7V+DQ6IqykOZLT6czaeVjMzrAd7Mr3BC/zbP3K7ojdOokKLQ7eKs3mvKsQ9kVKnhSq+fISAC0s5GOS2RCR97g== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?1
GET H2	200	attribution_trigger Show response px.ads.linkedin.com/	2 B 760 B	184ms 154ms	XHR application/json	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/attribution_trigger?pid=2073108&time=1733018805628&url=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-scanner%2Fharumon.hakusensha-cafe.com Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Accept * Referer https://www.ipqualityscore.com/ Response headers x-li-pop afd-prod-ltx1-x content-encoding gzip x-fs-uuid 0006282be24df49fce44014430862a2a x-msedge-ref Ref A: 365F9507BC9F40FAA6480FC47DFA8A06 Ref B: TYBEDGE0911 Ref C: 2024-12-01T02:06:45Z x-li-fabric prod-ltx1 x-restli-protocol-version 1.0.0 access-control-allow-methods GET, OPTIONS x-li-uuid AAYoK+JN9J/ORAFEMIYqKg== x-li-proto http/2 access-control-allow-origin * x-cache CONFIG_NOCACHE date Sun, 01 Dec 2024 02:06:45 GMT content-type application/json access-control-allow-headers *
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2073108&time=1733018805628&li_adsId=9f5e63b2-bc4f-417a-846b-943a7b143fa9&url=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-s... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2073108&time=1733018805628&li_adsId=9f5e63b2-bc4f-417a-846b-943a7b143fa9&url=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-s... https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2073108%26time%3D1733018805628%26li_adsId%3D9f5e63b2-bc4f-417a-846b-943a7b143fa9%... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2073108&time=1733018805628&li_adsId=9f5e63b2-bc4f-417a-846b-943a7b143fa9&url=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-s... https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2073108&time=1733018805628&li_adsId=9f5e63b2-bc4f-417a-846b-943a7b143fa9&url=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-...	0 703 B	175ms 147ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2073108&time=1733018805628&li_adsId=9f5e63b2-bc4f-417a-846b-943a7b143fa9&url=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-scanner%2Fharumon.hakusensha-cafe.com&cookiesTest=true&liSync=true&e_ipv6=AQJb1UdOEKSQ3gAAAZN_-Gk7eZZdR5ZMAfricF5azlWs_kYJdl6BxproDEy6S1donUuVgQ Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/ Response headers linkedin-action 1 x-li-pop afd-prod-ltx1-x nel {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true} x-msedge-ref Ref A: FD28D1CE7D0044A4A4A83C09C3768CEE Ref B: TYAEDGE0709 Ref C: 2024-12-01T02:06:46Z x-li-fabric prod-ltx1 report-to {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true} x-li-uuid AAYoK+JdniI5mEunICXILA== x-li-proto http/2 x-cache CONFIG_NOCACHE content-length 0 date Sun, 01 Dec 2024 02:06:46 GMT content-type application/javascript Redirect headers linkedin-action 1 x-li-pop afd-prod-ltx1-x nel {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true} location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2073108&time=1733018805628&li_adsId=9f5e63b2-bc4f-417a-846b-943a7b143fa9&url=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-scanner%2Fharumon.hakusensha-cafe.com&cookiesTest=true&liSync=true&e_ipv6=AQJb1UdOEKSQ3gAAAZN_-Gk7eZZdR5ZMAfricF5azlWs_kYJdl6BxproDEy6S1donUuVgQ x-msedge-ref Ref A: AEF1EBD3DEEB4F2AA190DDF25D5AAC7A Ref B: TYAEDGE0716 Ref C: 2024-12-01T02:06:46Z x-li-fabric prod-ltx1 report-to {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true} x-li-uuid AAYoK+Ja9f1g8dLRPCXVHw== x-li-proto http/2 x-cache CONFIG_NOCACHE content-length 0 date Sun, 01 Dec 2024 02:06:45 GMT
GET H/1.1	200 OK	udid.json Show response fn.us.ipqualityscore.com/udid/	28 B 306 B	483ms 164ms	XHR application/json	192.158.224.59 TIER-NET
General Check archive.org Show headers Download Go to Full URL https://fn.us.ipqualityscore.com/udid/udid.json Requested by Host: www.ipqualityscore.com URL: https://www.ipqualityscore.com/threat-feeds/malicious-url-scanner/harumon.hakusensha-cafe.com Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 192.158.224.59 Charlotte, United States, ASN397423 (TIER-NET, US), Reverse DNS intimeclick.com Software / Resource Hash 3fdcc2e28849e2e1db279977ed40efa7c309c28d45e4f78e197714c6fcd0cebf Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/ Response headers Cache-Control max-age=31536000 Connection close Expires Mon, 01 Dec 2025 02:06:46 GMT Access-Control-Allow-Origin * Content-Length 28 Date Sun, 01 Dec 2024 02:06:46 GMT Content-Type application/json Last-Modified Sun, 01 Dec 2024 02:06:46 GMT
GET H3	200	/ www.facebook.com/tr/	0 19 B	11ms 4ms	Image text/plain	31.13.82.36 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1214830138666937&ev=PageView&dl=https%3A%2F%2Fwww.ipqualityscore.com&rl=&if=false&ts=1733018806129&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4124&fbp=fb.1.1733018806127.413973603319095059&pm=1&hrl=c4d9ac&ler=empty&cdl=API_unavailable&it=1733018805623&coo=false&cs_cc=1&cas=6479553132124839%2C6411980495528977%2C1993146430809271&rqm=GET Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-nrt1.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains x-fb-connection-quality EXCELLENT; q=0.9, rtt=1, rtx=0, c=23, mss=1232, tbw=4494, tp=10, tpl=0, uplat=0, ullat=0 cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin alt-svc h3=":443"; ma=86400 content-length 0 date Sun, 01 Dec 2024 02:06:46 GMT content-type text/plain server proxygen-bolt priority u=3,i
GET H3	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 192 B	197ms 190ms	Image image/png	31.13.82.36 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1214830138666937&ev=PageView&dl=https%3A%2F%2Fwww.ipqualityscore.com&rl=&if=false&ts=1733018806129&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4124&fbp=fb.1.1733018806127.413973603319095059&pm=1&hrl=c4d9ac&ler=empty&cdl=API_unavailable&it=1733018805623&coo=false&cs_cc=1&cas=6479553132124839%2C6411980495528977%2C1993146430809271&rqm=FGET Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-nrt1.facebook.com Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/ Response headers content-encoding zstd report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7443259096829765226"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sun, 01 Dec 2024 02:06:46 GMT content-type image/png vary Accept-Encoding x-fb-debug c4D5oJ66qfSwU4wVPqrxsGsl7eLfuqH49r+4NPaI6t8Sup93agfxc7rEKWEV9DBzQh10Ko1K2L+n7I7Eftj2HA== priority u=3,i x-frame-options DENY strict-transport-security max-age=15552000; preload reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7443259096829765226", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; cache-control private, no-store, no-cache, must-revalidate x-fb-connection-quality EXCELLENT; q=0.9, rtt=1, rtx=0, c=23, mss=1232, tbw=4862, tp=13, tpl=0, uplat=186, ullat=0 cross-origin-opener-policy same-origin-allow-popups pragma no-cache cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?1
POST H3	200	collect www.google.com/ccm/	0 0	78ms 38ms	Ping text/plain	142.251.42.164 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-scanner%2Fharumon.hakusensha-cafe.com&scrsrc=www.googletagmanager.com&frm=0&rnd=1269257134.1733018806&auid=1614906886.1733018806&npa=0&gtm=45He4bk0v850256007za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1733018806153&tfd=2450&apve=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-M96CT2P Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.42.164 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS nrt12s46-in-f4.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/ Response headers
GET H2	200	js Show response www.googletagmanager.com/gtag/	442 KB 138 KB	53ms 52ms	Script application/javascript	2404:6800:4004:81e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-RXKZE1NPG8&l=dataLayer&cx=c&gtm=45He4bk0v850256007za200 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-M96CT2P Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:81e::2008 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 00b9d2c244460e15d50cb851fc96f46c838e6df52b8ea59dc51490baa9006aee Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Sun, 01 Dec 2024 02:06:46 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sun, 01 Dec 2024 02:06:46 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 140598 x-xss-protection 0 server Google Tag Manager
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	49ms 4ms	Script text/javascript	2404:6800:4004:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-M96CT2P Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:810::200e , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/ Response headers content-encoding gzip age 1274 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],} x-content-type-options nosniff expires Sun, 01 Dec 2024 03:45:32 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sun, 01 Dec 2024 01:45:32 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT content-type text/javascript vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=7200 cross-origin-resource-policy cross-origin content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0 cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 20994 server Golfe2
GET H2	200	destination Show response www.googletagmanager.com/gtag/	442 KB 138 KB	90ms 90ms	Script application/javascript	2404:6800:4004:81e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=AW-723801030&l=dataLayer&cx=c&gtm=45He4bk0v850256007za200 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-M96CT2P Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:81e::2008 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 7fe5f239a87420573c5d53b3d848ecc0fb29b274b3e19da70534c2a587cdd66c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],} expires Sun, 01 Dec 2024 02:06:46 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sun, 01 Dec 2024 02:06:46 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 140488 x-xss-protection 0 server Google Tag Manager
GET H2	200	sw_iframe.html www.googletagmanager.com/static/service_worker/4bj0/ Frame 358A	0 0	39ms 3ms	Document text/html	2404:6800:4004:81e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fwww.ipqualityscore.com Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-M96CT2P Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:81e::2008 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 94197 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 1476 content-type text/html cross-origin-opener-policy same-origin; report-to="analytics-container-tag-serving" cross-origin-resource-policy cross-origin date Fri, 29 Nov 2024 23:56:49 GMT expires Sat, 29 Nov 2025 23:56:49 GMT last-modified Tue, 19 Nov 2024 10:38:00 GMT report-to {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]} server sffe service-worker-allowed /static/service_worker vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H2	200	collect Show response www.google-analytics.com/j/	3 B 426 B	38ms 36ms	XHR text/plain	2404:6800:4004:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2136336230&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-scanner%2Fharumon.hakusensha-cafe.com&ul=ja-jp&de=UTF-8&dt=Malicious%20URL%20Scanner%20%7C%20Scan%20URLs%20for%20Malware%20%7C%20Malware%20URL%20Checker&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=852372030&gjid=772313287&cid=510392251.1733018806&tid=UA-103051872-1&_gid=1383134201.1733018806&_r=1&_slc=1&gtm=45He4bk0n81M96CT2Pv850256007za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=493253629 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:810::200e , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain Referer https://www.ipqualityscore.com/ Response headers report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],} x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sun, 01 Dec 2024 02:06:46 GMT last-modified Sun, 17 May 1998 03:00:00 GMT content-type text/plain cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0 access-control-allow-origin https://www.ipqualityscore.com cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 3 server Golfe2
POST H/1.1	200 OK	fetch Show response fn.us.ipqualityscore.com/api/ipqualityscore.com/CE6pu4Htn20GN1hPLRYvoGBpfCcRIoUjbleo2JGPntwo306Mkl67eaAyx4trD13r4gAeX3wXILaoYxthNFRDMxgSHKopPqAIeWrPsLdf1xHOu1C71wcHHLPLMOhLFsjmrR9Mmj6wcGIUopqIY4BtY...	0 268 B	487ms 162ms	XHR text/html	192.158.224.59 TIER-NET
General Check archive.org Show headers Download Go to Full URL https://fn.us.ipqualityscore.com/api/ipqualityscore.com/CE6pu4Htn20GN1hPLRYvoGBpfCcRIoUjbleo2JGPntwo306Mkl67eaAyx4trD13r4gAeX3wXILaoYxthNFRDMxgSHKopPqAIeWrPsLdf1xHOu1C71wcHHLPLMOhLFsjmrR9Mmj6wcGIUopqIY4BtYF3xFPOLDFylShb5SXqc2j1RNg5Le7Jn65jVWL53REunKqo1iv5gIZ0yOjJitQdpSuUHXLa14hEWX6467qEtLpkHJssc3JnyLHI7tVZdpg1Z/learn/fetch Requested by Host: www.ipqualityscore.com URL: https://www.ipqualityscore.com/threat-feeds/malicious-url-scanner/harumon.hakusensha-cafe.com Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 192.158.224.59 Charlotte, United States, ASN397423 (TIER-NET, US), Reverse DNS intimeclick.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Referer https://www.ipqualityscore.com/ Response headers Transfer-Encoding chunked X-Robots-Tag noindex Content-Encoding gzip Connection close Access-Control-Allow-Origin * Date Sun, 01 Dec 2024 02:06:46 GMT Content-Type text/html; charset=UTF-8 Server nginx
GET H2	200	GAZYMRRILNEMVCKGJQ3466 Show response d.adroll.com/consent/check/	548 B 1 KB	219ms 70ms	Script application/javascript	2406:da18:22e:4f05:813a:ea90:ea76:71d7 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d.adroll.com/consent/check/GAZYMRRILNEMVCKGJQ3466?flg=1&pv=17222300264.96989&arrfrr=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-scanner%2Fharumon.hakusensha-cafe.com&_s=e50b316015236f7a1511b4309b985782&_b=2 Requested by Host: s.adroll.com URL: https://s.adroll.com/j/GAZYMRRILNEMVCKGJQ3466/roundtrip.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2406:da18:22e:4f05:813a:ea90:ea76:71d7 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.22.1 / Resource Hash d1174071d229f01dab68eb327dedf0c0ca5e5d1faf8f1692245a88c1b6a09a0d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/ Response headers cache-control no-store, no-cache, must-revalidate content-length 548 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" date Sun, 01 Dec 2024 02:06:46 GMT pragma no-cache content-type application/javascript server nginx/1.22.1
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/723801030/	6 KB 2 KB	92ms 49ms	Script text/javascript	142.251.222.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/723801030/?random=1733018806348&cv=11&fst=1733018806348&bg=ffffff&guid=ON&async=1&gtm=45je4bk0v899280775z8850256007za201&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-scanner%2Fharumon.hakusensha-cafe.com&hn=www.googleadservices.com&frm=0&tiba=Malicious%20URL%20Scanner%20%7C%20Scan%20URLs%20for%20Malware%20%7C%20Malware%20URL%20Checker&npa=0&pscdl=noapi&auid=1614906886.1733018806&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-RXKZE1NPG8&l=dataLayer&cx=c&gtm=45He4bk0v850256007za200 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.222.34 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS nrt13s72-in-f2.1e100.net Software cafe / Resource Hash bfd925c2ad224420b9cd503699b8cf7b8cef76e9b91b1315f57588c44e739c4b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/ Response headers cache-control no-cache, must-revalidate timing-allow-origin * content-encoding br pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-length 2390 date Sun, 01 Dec 2024 02:06:46 GMT x-xss-protection 0 content-type text/javascript; charset=UTF-8 content-disposition attachment; filename="f.txt" server cafe
GET H2	200	723801030 td.doubleclick.net/td/rul/ Frame 3509	0 0	84ms 46ms	Document text/html	2404:6800:4004:820::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://td.doubleclick.net/td/rul/723801030?random=1733018806348&cv=11&fst=1733018806348&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je4bk0v899280775z8850256007za201&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-scanner%2Fharumon.hakusensha-cafe.com&hn=www.googleadservices.com&frm=0&tiba=Malicious%20URL%20Scanner%20%7C%20Scan%20URLs%20for%20Malware%20%7C%20Malware%20URL%20Checker&npa=0&pscdl=noapi&auid=1614906886.1733018806&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-RXKZE1NPG8&l=dataLayer&cx=c&gtm=45He4bk0v850256007za200 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.ipqualityscore.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-encoding br content-length 16 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 01 Dec 2024 02:06:46 GMT expires Fri, 01 Jan 1990 00:00:00 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
POST H2	204	collect analytics.google.com/g/	0 0	82ms 37ms	Fetch text/plain	2001:4860:4802:34::181 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-RXKZE1NPG8&gtm=45be4bk0v899280775z8850256007za200&_p=1733018805544&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=510392251.1733018806&ul=ja-jp&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1733018806&sct=1&seg=0&dl=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-scanner%2Fharumon.hakusensha-cafe.com&dt=Malicious%20URL%20Scanner%20%7C%20Scan%20URLs%20for%20Malware%20%7C%20Malware%20URL%20Checker&en=page_view&_fv=1&_ss=1&tfd=2763 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/destination?id=AW-723801030&l=dataLayer&cx=c&gtm=45He4bk0v850256007za200 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://www.ipqualityscore.com cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sun, 01 Dec 2024 02:06:46 GMT content-type text/plain server Golfe2
POST H2	204	collect stats.g.doubleclick.net/g/	0 559 B	157ms 51ms	Ping text/plain	2404:6800:4008:c15::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-RXKZE1NPG8&cid=510392251.1733018806&gtm=45be4bk0v899280775z8850256007za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/destination?id=AW-723801030&l=dataLayer&cx=c&gtm=45He4bk0v850256007za200 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4008:c15::9a Taipei, Taiwan, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://www.ipqualityscore.com cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sun, 01 Dec 2024 02:06:46 GMT content-type text/plain server Golfe2
GET H2	200	rul td.doubleclick.net/td/ga/ Frame E725	0 0	44ms 43ms	Document text/html	2404:6800:4004:820::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://td.doubleclick.net/td/ga/rul?tid=G-RXKZE1NPG8&gacid=510392251.1733018806&gtm=45be4bk0v899280775z8850256007za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1801445547 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/destination?id=AW-723801030&l=dataLayer&cx=c&gtm=45He4bk0v850256007za200 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.ipqualityscore.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-encoding br content-length 16 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 01 Dec 2024 02:06:46 GMT expires Fri, 01 Jan 1990 00:00:00 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/723801030/	6 KB 2 KB	63ms 63ms	Script text/javascript	142.251.222.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/723801030/?random=1733018806496&cv=11&fst=1733018806496&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v899280775z8850256007za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-scanner%2Fharumon.hakusensha-cafe.com&hn=www.googleadservices.com&frm=0&tiba=Malicious%20URL%20Scanner%20%7C%20Scan%20URLs%20for%20Malware%20%7C%20Malware%20URL%20Checker&npa=0&pscdl=noapi&auid=1614906886.1733018806&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/destination?id=AW-723801030&l=dataLayer&cx=c&gtm=45He4bk0v850256007za200 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.222.34 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS nrt13s72-in-f2.1e100.net Software cafe / Resource Hash 02a1ea1dd50a0a94ea65cd32d687924b77768b31bea6305f192489ee626d37fd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/ Response headers cache-control no-cache, must-revalidate timing-allow-origin * content-encoding br pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-length 2427 date Sun, 01 Dec 2024 02:06:46 GMT x-xss-protection 0 content-type text/javascript; charset=UTF-8 content-disposition attachment; filename="f.txt" server cafe
GET H2	200	723801030 td.doubleclick.net/td/rul/ Frame A0A9	0 0	47ms 45ms	Document text/html	2404:6800:4004:820::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://td.doubleclick.net/td/rul/723801030?random=1733018806496&cv=11&fst=1733018806496&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v899280775z8850256007za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-scanner%2Fharumon.hakusensha-cafe.com&hn=www.googleadservices.com&frm=0&tiba=Malicious%20URL%20Scanner%20%7C%20Scan%20URLs%20for%20Malware%20%7C%20Malware%20URL%20Checker&npa=0&pscdl=noapi&auid=1614906886.1733018806&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/destination?id=AW-723801030&l=dataLayer&cx=c&gtm=45He4bk0v850256007za200 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.ipqualityscore.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-encoding br content-length 16 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 01 Dec 2024 02:06:46 GMT expires Fri, 01 Jan 1990 00:00:00 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	ga-audiences www.google.co.jp/ads/	42 B 63 B	80ms 41ms	Image image/gif	142.250.198.3 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.co.jp/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-RXKZE1NPG8&cid=510392251.1733018806&gtm=45be4bk0v899280775z8850256007za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tag_exp=101925629~102067555~102067808~102077855~102081485&z=2094768248 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.198.3 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt12s58-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/ Response headers cache-control no-cache, no-store, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Sun, 01 Dec 2024 02:06:46 GMT x-xss-protection 0 content-type image/gif server cafe
GET H3	200	/ www.google.com/pagead/1p-user-list/723801030/	42 B 64 B	43ms 42ms	Image image/gif	142.251.42.164 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/723801030/?random=1733018806348&cv=11&fst=1733018400000&bg=ffffff&guid=ON&async=1&gtm=45je4bk0v899280775z8850256007za201&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-scanner%2Fharumon.hakusensha-cafe.com&hn=www.googleadservices.com&frm=0&tiba=Malicious%20URL%20Scanner%20%7C%20Scan%20URLs%20for%20Malware%20%7C%20Malware%20URL%20Checker&npa=0&pscdl=noapi&auid=1614906886.1733018806&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dAiszq90YHRoNHFiLYL6SNbZZgwuy4g&random=1735379597&rmt_tld=0&ipr=y Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.42.164 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS nrt12s46-in-f4.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/ Response headers content-security-policy script-src 'none'; object-src 'none' cache-control no-cache, no-store, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Sun, 01 Dec 2024 02:06:46 GMT x-xss-protection 0 content-type image/gif server cafe
GET H3	200	/ www.google.co.jp/pagead/1p-user-list/723801030/	42 B 64 B	73ms 41ms	Image image/gif	142.250.198.3 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.co.jp/pagead/1p-user-list/723801030/?random=1733018806348&cv=11&fst=1733018400000&bg=ffffff&guid=ON&async=1&gtm=45je4bk0v899280775z8850256007za201&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-scanner%2Fharumon.hakusensha-cafe.com&hn=www.googleadservices.com&frm=0&tiba=Malicious%20URL%20Scanner%20%7C%20Scan%20URLs%20for%20Malware%20%7C%20Malware%20URL%20Checker&npa=0&pscdl=noapi&auid=1614906886.1733018806&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dAiszq90YHRoNHFiLYL6SNbZZgwuy4g&random=1735379597&rmt_tld=1&ipr=y Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.198.3 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt12s58-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/ Response headers content-security-policy script-src 'none'; object-src 'none' cache-control no-cache, no-store, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Sun, 01 Dec 2024 02:06:46 GMT x-xss-protection 0 content-type image/gif server cafe
GET H2	200	iframe_content.html x.adroll.com/pxl/ Frame FFD9	0 0	270ms 69ms	Document text/html	2406:da18:22e:4f09:2010:e9cb:70ba:92c1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://x.adroll.com/pxl/iframe_content.html?adroll_fpc=f6f18584f3f0dfa64880d1322d245465-1733018806519&flg=1&pv=17222300264.96989&arrfrr=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-scanner%2Fharumon.hakusensha-cafe.com&advertisable=GAZYMRRILNEMVCKGJQ3466 Requested by Host: s.adroll.com URL: https://s.adroll.com/j/GAZYMRRILNEMVCKGJQ3466/roundtrip.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2406:da18:22e:4f09:2010:e9cb:70ba:92c1 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash Request headers Referer https://www.ipqualityscore.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers accept-ranges bytes ad-auction-allowed true content-encoding zstd content-length 427 content-type text/html date Sun, 01 Dec 2024 02:06:46 GMT last-modified Mon, 25 Nov 2024 21:07:41 GMT
GET H2	200	QH5KNCPWVVGO3ASVBQ3YGR Show response d.adroll.com/segment/GAZYMRRILNEMVCKGJQ3466/	42 B 2 KB	72ms 70ms	XHR image/gif	2406:da18:22e:4f05:813a:ea90:ea76:71d7 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d.adroll.com/segment/GAZYMRRILNEMVCKGJQ3466/QH5KNCPWVVGO3ASVBQ3YGR?adroll_fpc=f6f18584f3f0dfa64880d1322d245465-1733018806519&flg=1&pv=17222300264.96989&arrfrr=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-scanner%2Fharumon.hakusensha-cafe.com&cookie=&adroll_s_ref=&keyw=&p0=1194&adroll_external_data=&xa4=1&adroll_version=2.0 Requested by Host: s.adroll.com URL: https://s.adroll.com/j/GAZYMRRILNEMVCKGJQ3466/roundtrip.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2406:da18:22e:4f05:813a:ea90:ea76:71d7 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.22.1 / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/ Response headers x-rule-type s access-control-expose-headers X-Advertisable-Eid, X-Attribution-Url, X-Segment-Eid, X-Segment-Display-Name, X-Segment-Name, X-Conversion-Currency, X-Conversion-Value, X-Rule, X-Rule-Type, X-Organization-Eid, X-Pixel-Eid x-organization-eid CG4TNFOYFVE6LE4RFU7I6Z access-control-allow-methods GET x-segment-eid XS76XFU4BNADRO5ARLN52I x-advertisable-eid GAZYMRRILNEMVCKGJQ3466 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" date Sun, 01 Dec 2024 02:06:46 GMT x-pixel-eid QH5KNCPWVVGO3ASVBQ3YGR content-type image/gif x-attribution-url https%3A%2F%2Fx.adroll.com%2Fattribution%2Ftrigger%3Ffpc%3Df6f18584f3f0dfa64880d1322d245465%26advertisable_eid%3DGAZYMRRILNEMVCKGJQ3466%26conversion_type%3DPageView%26conversion_value%3D0.0%26currency%3DUSC%26flg%3D1%26pv%3D17222300264.96989%26arrfrr%3Dhttps%253A%252F%252Fwww.ipqualityscore.com%252Fthreat-feeds%252Fmalicious-url-scanner%252Fharumon.hakusensha-cafe.com access-control-allow-headers Content-Type, * x-segment-display-name Ad - Re-engage Browse Abandoners - 2023-07-02 - 7CUTSOJ2CZHIRHCJTI8AUT - Entry - Extension (1) cache-control no-store, no-cache, must-revalidate access-control-request-methods GET pragma no-cache x-conversion-currency access-control-allow-credentials true x-conversion-value 0.0 access-control-allow-origin https://www.ipqualityscore.com x-segment-name ad_reengage_browse_abandoners_20230702_7cutsoj2czhirhcjti8aut_entry_extension_1_ content-length 42 server nginx/1.22.1 x-rule */*
GET H2	200	sync x.bidswitch.net/ul_cb/ Redirect Chain https://d.adroll.com/cm/b/out?adroll_fpc=f6f18584f3f0dfa64880d1322d245465-1733018806519&flg=1&pv=17222300264.96989&arrfrr=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-scanner... https://x.bidswitch.net/sync?dsp_id=44&user_id=ZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTA https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=ZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTA	43 B 287 B	8ms 7ms	Image image/gif	35.213.7.90 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=ZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTA Protocol H2 Server 35.213.7.90 Tokyo, Japan, ASN15169 (GOOGLE, US), Reverse DNS 90.7.213.35.bc.googleusercontent.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/ Response headers via 1.1 google cache-control no-cache, no-store, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 date Sun, 01 Dec 2024 02:06:46 GMT content-type image/gif Redirect headers via 1.1 google cache-control no-cache, no-store, must-revalidate location https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=ZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTA content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sun, 01 Dec 2024 02:06:46 GMT
GET H3	200	receive pixel.tapad.com/idsync/ex/ Redirect Chain https://d.adroll.com/cm/experian/out?adroll_fpc=f6f18584f3f0dfa64880d1322d245465-1733018806519&flg=1&pv=17222300264.96989&arrfrr=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-... https://pixel.tapad.com/idsync/ex/receive?partner_id=3521&partner_device_id=ZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTA&gdpr=0&gdpr_consent= https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3521&partner_device_id=ZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTA&gdpr=0&gdpr_consent= https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=c43f6801-9977-455d-abf0-5511239ae0e1%252C%252C&gdpr=0&gdpr_consent= https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=c43f6801-9977-455d-abf0-5511239ae0e1%252C%252C&gdpr=0&gdpr_consent= https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=95bfe24f-55e8-438c-bb47-a963addfccd3&ttd_puid=c43f6801-9977-455d-abf0-5511239ae0e1%2C%2C	95 B 124 B	43ms 42ms	Image image/png	34.111.113.62 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=95bfe24f-55e8-438c-bb47-a963addfccd3&ttd_puid=c43f6801-9977-455d-abf0-5511239ae0e1%2C%2C Protocol H3 Server 34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 62.113.111.34.bc.googleusercontent.com Software Jetty(11.0.13) / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/ Response headers strict-transport-security max-age=31536000 accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 via 1.1 google access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-length 95 date Sun, 01 Dec 2024 02:06:46 GMT content-type image/png server Jetty(11.0.13) Redirect headers location https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=95bfe24f-55e8-438c-bb47-a963addfccd3&ttd_puid=c43f6801-9977-455d-abf0-5511239ae0e1%2C%2C content-length 359 date Sun, 01 Dec 2024 02:06:46 GMT server Kestrel
GET H2	200	in d.adroll.com/cm/g/ Redirect Chain https://d.adroll.com/cm/g/out?adroll_fpc=f6f18584f3f0dfa64880d1322d245465-1733018806519&flg=1&pv=17222300264.96989&arrfrr=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-scanner... https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=5MaPegNy8dn6YCttSbZ7kA https://d.adroll.com/cm/g/in	42 B 821 B	70ms 70ms	Image image/gif	2406:da18:22e:4f05:813a:ea90:ea76:71d7 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d.adroll.com/cm/g/in Protocol H2 Server 2406:da18:22e:4f05:813a:ea90:ea76:71d7 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.22.1 / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/ Response headers cache-control no-store, no-cache, must-revalidate pragma no-cache x-result g.-1.-1.-1 content-length 42 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" date Sun, 01 Dec 2024 02:06:46 GMT content-type image/gif server nginx/1.22.1 Redirect headers cache-control no-cache, must-revalidate location https://d.adroll.com/cm/g/in pragma no-cache cross-origin-resource-policy cross-origin expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-length 225 date Sun, 01 Dec 2024 02:06:46 GMT x-xss-protection 0 content-type text/html; charset=UTF-8 server HTTP server (unknown)
GET H2	200	rum dsum-sec.casalemedia.com/ Redirect Chain https://d.adroll.com/cm/index/out?adroll_fpc=f6f18584f3f0dfa64880d1322d245465-1733018806519&flg=1&pv=17222300264.96989&arrfrr=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-sca... https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTA&expiration=1764554806 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTA&expiration=1764554806&C=1	43 B 336 B	18ms 18ms	Image image/gif	104.18.27.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTA&expiration=1764554806&C=1 Protocol H2 Server 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/ Response headers cache-control no-cache nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} cf-cache-status DYNAMIC pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nwKrcmd71II7UFw9OS1CX7qwJ1TcIk%2FSr0H2RrM9fR5iTlJ%2BIF3FaxDeciV2Y8R0VyrfNKseE3M5tsa36y2L3SDdO5M9qht5%2BitdtSufFRIbaVrIBD5vcZ%2FG5brPWqk93Pdcqn59eCjbsA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8eaf85159d188a9e-NRT expires 0 alt-svc h3=":443"; ma=86400 content-length 43 p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" date Sun, 01 Dec 2024 02:06:46 GMT content-type image/gif vary Accept-Encoding server cloudflare Redirect headers cache-control no-cache location /rum?cm_dsp_id=105&external_user_id=ZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTA&expiration=1764554806&C=1 cf-cache-status DYNAMIC pragma no-cache nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5bf8v21SERWHF12BntjlooYpBAykDL6bGwg9ysP9Ym8DWS1h5IkVj8uBgX3hSmeT%2F3dt6bVbS8%2B91Uvv1clZo4PfiEHmHudXCduunm8U55m0fKZB4WRN1yeGVmjfGUQyOWlcfE%2BjIH4zAw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8eaf85156cf78a9e-NRT expires 0 alt-svc h3=":443"; ma=86400 content-length 0 p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" date Sun, 01 Dec 2024 02:06:46 GMT vary Accept-Encoding server cloudflare
GET H2	200	sync pippio.com/api/ Redirect Chain https://d.adroll.com/cm/l/out?adroll_fpc=f6f18584f3f0dfa64880d1322d245465-1733018806519&flg=1&pv=17222300264.96989&arrfrr=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-scanner... https://idsync.rlcdn.com/377928.gif?partner_uid=e4c68f7a0372f1d9fa602b6d49b67b90 https://idsync.rlcdn.com/1000.gif?memo=CMiIFxIrCicIARDqIhogZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTAQABoNCLaJr7oGEgUI6AcQAEIASgA https://pippio.com/api/sync?pid=5324&it=1&iv=14a86af0419f6e66de5eadf805bd20771c34469e86b1443c435b8bbc05acc1f8791426b5417dce21&_=2	42 B 571 B	179ms 153ms	Image image/gif	107.178.254.65 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://pippio.com/api/sync?pid=5324&it=1&iv=14a86af0419f6e66de5eadf805bd20771c34469e86b1443c435b8bbc05acc1f8791426b5417dce21&_=2 Protocol H2 Server 107.178.254.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 65.254.178.107.bc.googleusercontent.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/ Response headers cache-control no-cache, no-store timing-allow-origin * via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" content-length 42 date Sun, 01 Dec 2024 02:06:47 GMT content-type image/gif Redirect headers cache-control no-cache, no-store timing-allow-origin * location https://pippio.com/api/sync?pid=5324&it=1&iv=14a86af0419f6e66de5eadf805bd20771c34469e86b1443c435b8bbc05acc1f8791426b5417dce21&_=2 via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" content-length 0 date Sun, 01 Dec 2024 02:06:46 GMT
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Redirect Chain https://d.adroll.com/cm/n/out?adroll_fpc=f6f18584f3f0dfa64880d1322d245465-1733018806519&flg=1&pv=17222300264.96989&arrfrr=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-scanner... https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTA&expires=365	42 B 1 KB	357ms 72ms	Image image/gif	69.173.158.64 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTA&expires=365 Protocol HTTP/1.1 Server 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/ Response headers Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost d264e84c9dc1a645a3048554992c5d82 Pragma no-cache content-length 42 Content-Type image/gif Redirect headers cache-control no-store, no-cache, must-revalidate location https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTA&expires=365 content-length 124 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" date Sun, 01 Dec 2024 02:06:46 GMT pragma no-cache server nginx/1.22.1
GET H2	200	sd us-u.openx.net/w/1.0/ Redirect Chain https://d.adroll.com/cm/o/out?adroll_fpc=f6f18584f3f0dfa64880d1322d245465-1733018806519&flg=1&pv=17222300264.96989&arrfrr=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-scanner... https://us-u.openx.net/w/1.0/sd?id=537103138&val=e4c68f7a0372f1d9fa602b6d49b67b90&gdpr=0&gdpr_consent= https://us-u.openx.net/w/1.0/sd?id=537103138&val=e4c68f7a0372f1d9fa602b6d49b67b90&gdpr=0&gdpr_consent=&cc=1	43 B 172 B	37ms 36ms	Image image/gif	34.98.64.218 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537103138&val=e4c68f7a0372f1d9fa602b6d49b67b90&gdpr=0&gdpr_consent=&cc=1 Protocol H2 Server 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/ Response headers cache-control private, max-age=0, no-cache pragma no-cache x-forwarded-for 31.204.145.168 via 1.1 google expires Mon, 26 Jul 1997 05:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 p3p CP="CUR ADM OUR NOR STA NID" date Sun, 01 Dec 2024 02:06:46 GMT content-type image/gif vary Accept server OXGW/0.0.0 Redirect headers location https://us-u.openx.net/w/1.0/sd?id=537103138&val=e4c68f7a0372f1d9fa602b6d49b67b90&gdpr=0&gdpr_consent=&cc=1 x-forwarded-for 31.204.145.168 via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 p3p CP="CUR ADM OUR NOR STA NID" date Sun, 01 Dec 2024 02:06:46 GMT content-type text/plain; charset=utf-8 vary Origin server OXGW/0.0.0
GET H/1.1	200 OK	cookie-sync sync.outbrain.com/ Redirect Chain https://d.adroll.com/cm/outbrain/out?adroll_fpc=f6f18584f3f0dfa64880d1322d245465-1733018806519&flg=1&pv=17222300264.96989&arrfrr=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-... https://sync.outbrain.com/cookie-sync?p=adroll&uid=ZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTA&gdpr=0&gdpr_consent=&us_privacy=1---	0 360 B	559ms 111ms	Image text/plain	52.250.45.119 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://sync.outbrain.com/cookie-sync?p=adroll&uid=ZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTA&gdpr=0&gdpr_consent=&us_privacy=1--- Protocol HTTP/1.1 Server 52.250.45.119 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control no-cache content-length 0 date Sun, 01 Dec 2024 02:06:47 GMT x-traceid 48765b516765b4631d8dfad94503bf96 Redirect headers cache-control no-store, no-cache, must-revalidate location https://sync.outbrain.com/cookie-sync?p=adroll&uid=ZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTA&gdpr=0&gdpr_consent=&us_privacy=1--- content-length 137 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" date Sun, 01 Dec 2024 02:06:46 GMT pragma no-cache server nginx/1.22.1
GET H2	200	Pug image2.pubmatic.com/AdServer/ Redirect Chain https://d.adroll.com/cm/pubmatic/out?adroll_fpc=f6f18584f3f0dfa64880d1322d245465-1733018806519&flg=1&pv=17222300264.96989&arrfrr=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-... https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=ZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTA&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXy...	42 B 586 B	32ms 4ms	Image image/gif	207.65.34.80 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=ZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTA&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA Protocol H2 Server 207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/ Response headers cache-control no-store, no-cache, private content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" date Sat, 30 Nov 2024 04:51:58 GMT content-type image/gif; charset=utf-8 server nginx Redirect headers cache-control no-store, no-cache, must-revalidate location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=ZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTA&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA content-length 212 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" date Sun, 01 Dec 2024 02:06:46 GMT pragma no-cache server nginx/1.22.1
GET H2	204	sync ups.analytics.yahoo.com/ups/55980/ Redirect Chain https://d.adroll.com/cm/r/out?adroll_fpc=f6f18584f3f0dfa64880d1322d245465-1733018806519&flg=1&pv=17222300264.96989&arrfrr=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-scanner... https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=ZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTA&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=ZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTA&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true	0 316 B	81ms 81ms	Image text/html	2406:2000:a4:807:: YAHOO-SG internet...
General Check archive.org Show headers Download Go to Show image Full URL https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=ZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTA&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true Protocol H2 Server 2406:2000:a4:807:: , Taiwan, ASN10230 (YAHOO-SG internet content provider, SG), Reverse DNS Software ATS / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/ Response headers strict-transport-security max-age=31536000 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV date Sun, 01 Dec 2024 02:06:47 GMT age 1 content-type text/html server ATS referrer-policy no-referrer-when-downgrade Redirect headers strict-transport-security max-age=31536000 location https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=ZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTA&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true age 0 referrer-policy no-referrer-when-downgrade content-length 0 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV date Sun, 01 Dec 2024 02:06:46 GMT content-type text/html server ATS
GET H2	204	rtb-h sync.taboola.com/sg/adroll-network/1/ Redirect Chain https://d.adroll.com/cm/taboola/out?adroll_fpc=f6f18584f3f0dfa64880d1322d245465-1733018806519&flg=1&pv=17222300264.96989&arrfrr=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-s... https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=ZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTA	0 366 B	264ms 55ms	Image text/plain	141.226.231.48 TABOOLA-AS Tabool...
General Check archive.org Show headers Download Go to Show image Full URL https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=ZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTA Protocol H2 Server 141.226.231.48 , Hong Kong, ASN200478 (TABOOLA-AS Taboola.com ltd, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/ Response headers x-fastly-to-nlb-rtt 53478 date Sun, 01 Dec 2024 02:06:46 GMT server nginx access-control-allow-credentials true Redirect headers cache-control no-store, no-cache, must-revalidate location https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=ZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTA content-length 111 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" date Sun, 01 Dec 2024 02:06:46 GMT pragma no-cache server nginx/1.22.1
GET H2	200	xuid eb2.3lift.com/ Redirect Chain https://d.adroll.com/cm/triplelift/out?adroll_fpc=f6f18584f3f0dfa64880d1322d245465-1733018806519&flg=1&pv=17222300264.96989&arrfrr=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-ur... https://eb2.3lift.com/xuid?mid=4714&xuid=ZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTA&dongle=c85e https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=ZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTA&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=	37 B 474 B	76ms 75ms	Image image/gif	35.71.178.8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=ZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTA&dongle=c85e&gdpr=0&cmp_cs=&us_privacy= Protocol H2 Server 35.71.178.8 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ade9ecc7904667038.awsglobalaccelerator.com Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/ Response headers cache-control no-cache, no-store, must-revalidate content-length 37 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" date Sun, 01 Dec 2024 02:06:47 GMT content-type image/gif Redirect headers cache-control no-cache, no-store, must-revalidate location /xuid?ld=1&mid=4714&xuid=ZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTA&dongle=c85e&gdpr=0&cmp_cs=&us_privacy= content-length 0 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" date Sun, 01 Dec 2024 02:06:46 GMT
GET H2	200	bounce ib.adnxs.com/ Redirect Chain https://d.adroll.com/cm/x/out?adroll_fpc=f6f18584f3f0dfa64880d1322d245465-1733018806519&flg=1&pv=17222300264.96989&arrfrr=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-scanner... https://ib.adnxs.com/setuid?entity=172&code=ZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTA https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTA	43 B 1 KB	77ms 77ms	Image image/gif	103.43.90.179 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTA Protocol H2 Server 103.43.90.179 Singapore, Singapore, ASN29990 (ASN-APPNEX, US), Reverse DNS 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net Software nginx/1.23.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/ Response headers cache-control no-store, no-cache, private pragma no-cache accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness access-control-allow-credentials true x-proxy-origin 31.204.145.168; 31.204.145.168; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com expires Sat, 15 Nov 2008 16:00:00 GMT access-control-allow-origin * an-x-request-uuid 68abde72-ae5b-41b3-91bf-d1a028436a1f content-length 43 p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" date Sun, 01 Dec 2024 02:06:47 GMT x-xss-protection 0 content-type image/gif server nginx/1.23.4 Redirect headers cache-control no-store, no-cache, private location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DZTRjNjhmN2EwMzcyZjFkOWZhNjAyYjZkNDliNjdiOTA pragma no-cache accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness x-proxy-origin 31.204.145.168; 31.204.145.168; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com expires Sat, 15 Nov 2008 16:00:00 GMT an-x-request-uuid 7fe1c572-5122-4dc3-b650-8ac78fd05977 content-length 0 p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" date Sun, 01 Dec 2024 02:06:46 GMT x-xss-protection 0 content-type text/html; charset=utf-8 server nginx/1.23.4
GET H2	200	QH5KNCPWVVGO3ASVBQ3YGR ipv4.d.adroll.com/seg4/GAZYMRRILNEMVCKGJQ3466/	42 B 695 B	254ms 70ms	Image image/gif	13.250.82.172 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ipv4.d.adroll.com/seg4/GAZYMRRILNEMVCKGJQ3466/QH5KNCPWVVGO3ASVBQ3YGR?adroll_fpc=f6f18584f3f0dfa64880d1322d245465-1733018806519&flg=1&pv=17222300264.96989&arrfrr=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-scanner%2Fharumon.hakusensha-cafe.com&cookie=&adroll_s_ref=&keyw=&p0=1194&adroll_external_data=&xa4=1&adroll_version=2.0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.250.82.172 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-250-82-172.ap-southeast-1.compute.amazonaws.com Software nginx/1.22.1 / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/ Response headers x-rule-type s access-control-expose-headers X-Conversion-Value, X-Conversion-Currency, X-Advertisable-Eid, X-Segment-Eid, X-Rule-Type, X-Pixel-Eid x-segment-eid XS76XFU4BNADRO5ARLN52I x-advertisable-eid GAZYMRRILNEMVCKGJQ3466 date Sun, 01 Dec 2024 02:06:46 GMT x-pixel-eid QH5KNCPWVVGO3ASVBQ3YGR content-type image/gif access-control-allow-headers * x-segment-display-name Ad - Re-engage Browse Abandoners - 2023-07-02 - 7CUTSOJ2CZHIRHCJTI8AUT - Entry - Extension (1) cache-control no-store, no-cache, must-revalidate access-control-request-methods GET pragma no-cache x-conversion-currency access-control-allow-credentials true x-conversion-value 0.0 access-control-allow-origin x-segment-name ad_reengage_browse_abandoners_20230702_7cutsoj2czhirhcjti8aut_entry_extension_1_ content-length 42 server nginx/1.22.1 x-rule */*
GET H3	200	/ www.google.com/pagead/1p-user-list/723801030/	42 B 64 B	42ms 42ms	Image image/gif	142.251.42.164 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/723801030/?random=1733018806496&cv=11&fst=1733018400000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v899280775z8850256007za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-scanner%2Fharumon.hakusensha-cafe.com&hn=www.googleadservices.com&frm=0&tiba=Malicious%20URL%20Scanner%20%7C%20Scan%20URLs%20for%20Malware%20%7C%20Malware%20URL%20Checker&npa=0&pscdl=noapi&auid=1614906886.1733018806&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dmxSePlNM2M9DwCOM1PmR1_2p5RCX6Hj5EnI85BHVezxnmMk_&random=994899252&rmt_tld=0&ipr=y Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.42.164 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS nrt12s46-in-f4.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/ Response headers content-security-policy script-src 'none'; object-src 'none' cache-control no-cache, no-store, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Sun, 01 Dec 2024 02:06:46 GMT x-xss-protection 0 content-type image/gif server cafe
GET H3	200	/ www.google.co.jp/pagead/1p-user-list/723801030/	42 B 64 B	42ms 42ms	Image image/gif	142.250.198.3 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.co.jp/pagead/1p-user-list/723801030/?random=1733018806496&cv=11&fst=1733018400000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v899280775z8850256007za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-scanner%2Fharumon.hakusensha-cafe.com&hn=www.googleadservices.com&frm=0&tiba=Malicious%20URL%20Scanner%20%7C%20Scan%20URLs%20for%20Malware%20%7C%20Malware%20URL%20Checker&npa=0&pscdl=noapi&auid=1614906886.1733018806&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dmxSePlNM2M9DwCOM1PmR1_2p5RCX6Hj5EnI85BHVezxnmMk_&random=994899252&rmt_tld=1&ipr=y Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.198.3 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt12s58-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/ Response headers content-security-policy script-src 'none'; object-src 'none' cache-control no-cache, no-store, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Sun, 01 Dec 2024 02:06:46 GMT x-xss-protection 0 content-type image/gif server cafe
GET H2	200	trigger x.adroll.com/attribution/	2 B 468 B	211ms 69ms	Image text/plain	2406:da18:22e:4f09:2010:e9cb:70ba:92c1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://x.adroll.com/attribution/trigger?fpc=f6f18584f3f0dfa64880d1322d245465&advertisable_eid=GAZYMRRILNEMVCKGJQ3466&conversion_type=PageView&conversion_value=0.0&currency=USC&flg=1&pv=17222300264.96989&arrfrr=https%3A%2F%2Fwww.ipqualityscore.com%2Fthreat-feeds%2Fmalicious-url-scanner%2Fharumon.hakusensha-cafe.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2406:da18:22e:4f09:2010:e9cb:70ba:92c1 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.ipqualityscore.com/ Response headers content-length 2 date Sun, 01 Dec 2024 02:06:46 GMT attribution-reporting-register-trigger {"event_trigger_data":[{"trigger_data":"0","priority":"0","deduplication_key":"8946668266630156850","filters":{"source_type":["event"]}},{"trigger_data":"0","priority":"0","deduplication_key":"8946668266630156850","filters":{"source_type":["navigation"]}}],"debug_key":"14369704751882323108","debug_reporting":true,"filters":{"0":["GAZYMRRILNEMVCKGJQ3466"]}} content-type text/plain; charset=utf-8
POST H2	204	/ Show response px.ads.linkedin.com/wa/	0 201 B	149ms 147ms	XHR text/plain	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/wa/ Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.ipqualityscore.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Accept * Content-Type text/plain;charset=UTF-8 Response headers linkedin-action 1 x-li-pop afd-prod-ltx1-x nel {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true} x-msedge-ref Ref A: 039C8F85795E43BFB0701D678A970280 Ref B: TYAEDGE0716 Ref C: 2024-12-01T02:06:46Z x-li-fabric prod-ltx1 access-control-allow-credentials true report-to {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true} x-li-uuid AAYoK+Jf8ahKCJf/4ASv6Q== x-li-proto http/2 access-control-allow-origin https://www.ipqualityscore.com x-cache CONFIG_NOCACHE date Sun, 01 Dec 2024 02:06:46 GMT vary Origin