cto.br.media Open in urlscan Pro
2606:4700:3036::ac43:cab9 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://editorcontent.com/mw/index.php/campaigns/ps514pch35443/track-url/vz907elgze80c/c89be32803b02724c041a310ff9bae43d86...
Effective URL:
https://cto.br.media/media-pack/
Submission: On February 01 via manual (February 1st 2023, 9:33:17 am UTC) from TR — Scanned from JP

Summary HTTP 184 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 21 domains to perform 184 HTTP transactions. The main IP is 2606:4700:3036::ac43:cab9, located in United States and belongs to CLOUDFLARENET, US. The main domain is cto.br.media.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 9th 2022. Valid for: a year.

This is the only time cto.br.media was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	41.216.180.122 41.216.180.122	400377 (AS-DC) (AS-DC)
63	2606:4700:303... 2606:4700:3036::ac43:cab9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	192.0.77.37 192.0.77.37	2635 (AUTOMATTIC) (AUTOMATTIC)
4	2404:6800:400... 2404:6800:4004:81f::200a	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:81f::2008	15169 (GOOGLE) (GOOGLE)
19	2404:6800:400... 2404:6800:4004:823::2002	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
6	2404:6800:400... 2404:6800:4004:822::2003	15169 (GOOGLE) (GOOGLE)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
12	2404:6800:400... 2404:6800:4004:801::2002	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:821::200e	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:813::2002	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:81f::2002	15169 (GOOGLE) (GOOGLE)
1	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
22	2404:6800:400... 2404:6800:4004:827::2001	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:400a:80a::2002	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:823::2003	15169 (GOOGLE) (GOOGLE)
14	2404:6800:400... 2404:6800:4004:826::200e	15169 (GOOGLE) (GOOGLE)
1 2	2404:6800:400... 2404:6800:4004:80a::2004	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:823::200e	15169 (GOOGLE) (GOOGLE)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	142.251.42.130 142.251.42.130	15169 (GOOGLE) (GOOGLE)
1 1	2600:9000:206... 2600:9000:2066:9e00:19:fc2c:a140:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	54.146.129.158 54.146.129.158	14618 (AMAZON-AES) (AMAZON-AES)
1 1	150.95.47.241 150.95.47.241	7506 (INTERQ GM...) (INTERQ GMO Internet)
1	133.186.161.88 133.186.161.88	45974 (NHN-AS-KR...) (NHN-AS-KR NHN)
1 1	3.114.212.252 3.114.212.252	16509 (AMAZON-02) (AMAZON-02)
2 2	103.43.90.114 103.43.90.114	29990 (ASN-APPNEX) (ASN-APPNEX)
184	22

1 41.216.180.122 (Tokyo, Japan) 1 redirects

ASN400377 (AS-DC, US)
PTR: host0.editorcontent.com

editorcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

63 2606:4700:3036::ac43:cab9 (United States)

ASN13335 (CLOUDFLARENET, US)

cto.br.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:81f::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:81f::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2404:6800:4004:823::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4004:822::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2404:6800:4004:801::2002 (Australia)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:821::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:813::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:81f::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2404:6800:4004:827::2001 (Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:400a:80a::2002 (Osaka, Japan)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:823::2003 (Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2404:6800:4004:826::200e (Australia)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:80a::2004 (Australia) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:823::200e (Australia)

ASN15169 (GOOGLE, US)

mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.251.42.130 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s45-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2066:9e00:19:fc2c:a140:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.146.129.158 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-129-158.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 150.95.47.241 (Japan) 1 redirects

ASN7506 (INTERQ GMO Internet,Inc, JP)
PTR: v150-95-47-241.a00c.g.jpt1.static.cnode.io

sync.dsp.reemo-ad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 133.186.161.88 (Japan)

ASN45974 (NHN-AS-KR NHN, KR)

app.cauly.co.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.114.212.252 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-114-212-252.ap-northeast-1.compute.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.43.90.114 (Singapore) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 602.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
63	br.media cto.br.media	359 KB
41	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	484 KB
20	wp.com c0.wp.com — Cisco Umbrella Rank: 6861 stats.wp.com — Cisco Umbrella Rank: 2634 i0.wp.com — Cisco Umbrella Rank: 2986 pixel.wp.com — Cisco Umbrella Rank: 2462	89 KB
19	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 70 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1957 www.google.com — Cisco Umbrella Rank: 2 mts0.google.com — Cisco Umbrella Rank: 3981	54 KB
18	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 cm.g.doubleclick.net — Cisco Umbrella Rank: 211	141 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com	164 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 186	193 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	3 KB
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 409	2 KB
2	google.co.jp adservice.google.co.jp — Cisco Umbrella Rank: 39751	696 B
1	adingo.jp 1 redirects cc.adingo.jp — Cisco Umbrella Rank: 5463	422 B
1	cauly.co.kr app.cauly.co.kr — Cisco Umbrella Rank: 88114	161 B
1	reemo-ad.jp 1 redirects sync.dsp.reemo-ad.jp — Cisco Umbrella Rank: 94795	362 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 651	696 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 661	697 B
1	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 353	699 B
1	w.org s.w.org — Cisco Umbrella Rank: 1476	751 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 858	462 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 21	251 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	76 KB
1	editorcontent.com 1 redirects editorcontent.com	578 B
184	21

	Domain	Requested by
63	cto.br.media	cto.br.media
22	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
19	pagead2.googlesyndication.com	cto.br.media c0.wp.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
17	c0.wp.com	cto.br.media
14	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net cto.br.media
7	cm.g.doubleclick.net	googleads.g.doubleclick.net
6	fonts.gstatic.com	fonts.googleapis.com
4	www.googletagservices.com	googleads.g.doubleclick.net
4	fonts.googleapis.com	cto.br.media googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
2	secure.adnxs.com	2 redirects
2	www.google.com	1 redirects tpc.googlesyndication.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.co.jp	pagead2.googlesyndication.com
1	cc.adingo.jp	1 redirects
1	app.cauly.co.kr	googleads.g.doubleclick.net
1	sync.dsp.reemo-ad.jp	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	d.agkn.com	1 redirects
1	px.ads.linkedin.com	1 redirects
1	mts0.google.com	googleads.g.doubleclick.net
1	s.w.org	cto.br.media
1	pixel.wp.com	cto.br.media
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google-analytics.com	www.googletagmanager.com
1	i0.wp.com	cto.br.media
1	stats.wp.com	cto.br.media
1	www.googletagmanager.com	cto.br.media
1	editorcontent.com	1 redirects
184	30

This site contains links to these domains. Also see Links.

Domain
cfo.br.media
ceo.br.media
coo.br.media
www.linkedin.com
theaccountancycloud.com
www.fupping.media

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-07-09` - `2023-07-08`	a year	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.co.jp GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.w.org Sectigo ECC Domain Validation Secure Server CA	`2022-12-06` - `2024-01-06`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.cauly.co.kr Sectigo RSA Organization Validation Secure Server CA	`2022-02-24` - `2023-03-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://cto.br.media/media-pack/
Frame ID: 5DCA8033459CEC70D73EC41CBD5C7192
Requests: 122 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20190131/zrt_lookup.html
Frame ID: B1C34A00EF5E66B5AA07FC6A025A2834
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1286340303513484&output=html&adk=1812271804&adf=3025194257&lmt=1675243990&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=188x945_r&format=0x0&url=https%3A%2F%2Fcto.br.media%2Fmedia-pack%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675243989897&bpp=3&bdt=1039&idt=209&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7636816473716&frm=20&pv=2&ga_vid=1555480699.1675243990&ga_sid=1675243990&ga_hid=1149820971&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071259%2C31071854%2C44779793&oid=2&pvsid=3437753840299782&tmod=220244313&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=239
Frame ID: 98AE7F91C28DD621F7DAC1B2587068F5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1286340303513484&output=html&h=280&slotname=8311518838&adk=3087661368&adf=4217086742&pi=t.ma~as.8311518838&w=1132&fwrn=4&fwrnh=100&lmt=1675243990&rafmt=1&format=1132x280&url=https%3A%2F%2Fcto.br.media%2Fmedia-pack%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675243989900&bpp=2&bdt=1042&idt=241&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7636816473716&frm=20&pv=1&ga_vid=1555480699.1675243990&ga_sid=1675243990&ga_hid=1149820971&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=234&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071259%2C31071854%2C44779793&oid=2&pvsid=3437753840299782&tmod=220244313&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ztq1h8H7mx&p=https%3A//cto.br.media&dtd=245
Frame ID: 099793AE1AFCB67F8D98219A85E92F03
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/2e6kLxeeSlTXLHIHKIZu8zKMmhAlZmQUgR37z8_ueWI.js
Frame ID: 318E389BD1DEA1C8674AADEE598D5177
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-1286340303513484&output=html&h=280&adk=753307431&adf=2459396529&pi=t.aa~a.317958716~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1675243991&rafmt=1&to=qs&pwprc=8474524197&format=1200x280&url=https%3A%2F%2Fcto.br.media%2Fmedia-pack%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675243990963&bpp=3&bdt=2105&idt=-M&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D59c21fc39db18073-22fc38c57ed90085%3AT%3D1675243990%3ART%3D1675243990%3AS%3DALNI_MZ61cUoAkR6kK4Sn_MNemGO5G4-Xg&gpic=UID%3D00000bb2f74b3a3e%3AT%3D1675243990%3ART%3D1675243990%3AS%3DALNI_Mbe6zvVHgqvCe3lVfhQO5kYiOYInA&prev_fmts=0x0%2C1132x280&nras=2&correlator=7636816473716&frm=20&pv=1&ga_vid=1555480699.1675243990&ga_sid=1675243990&ga_hid=1149820971&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2568&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071259%2C31071854%2C44779793&oid=2&psts=AD37Y7tIGEmBqOP5kyyNQ7sAwq8BZJxdgVAWykdP7158vTDfbE20qFfu56eapUfEnnS_pRseFUE0xqo0HCgdQSk&pvsid=3437753840299782&tmod=220244313&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=oQ1oeYLtNw&p=https%3A//cto.br.media&dtd=93
Frame ID: D53694798F91F75BC91CA41FEEB3CBB9
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1
Frame ID: DD4D7804C32B14E5FB2F4A6A79D31675
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1
Frame ID: DD6BE796A753A302B0BDF7DCA200B1C1
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D6FBB60501431AA978609668C1EC474E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/2e6kLxeeSlTXLHIHKIZu8zKMmhAlZmQUgR37z8_ueWI.js
Frame ID: 3D05F224161DF669E859F93A6A212CE6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/2e6kLxeeSlTXLHIHKIZu8zKMmhAlZmQUgR37z8_ueWI.js
Frame ID: 097D1DF28CBA4E30059EAD3090768B35
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 308CBFD13B6B4F87F516442598A66F07
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/2e6kLxeeSlTXLHIHKIZu8zKMmhAlZmQUgR37z8_ueWI.js
Frame ID: 35CB8060A73C467DE79DF63AA4EC0014
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DF3D5D3F73912D8C0CBFA4D493C5845D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BF01370A6C79AC5956F88DFE8550380B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Media Pack - CTO

Page URL History Show full URLs

https://editorcontent.com/mw/index.php/campaigns/ps514pch35443/track-url/vz907elgze80c/c89be32803b0272... HTTP 301
https://cto.br.media/media-pack/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

184
Requests

97 %
HTTPS

61 %
IPv6

21
Domains

30
Subdomains

22
IPs

4
Countries

1566 kB
Transfer

4421 kB
Size

19
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://cfo.br.media/
Title: Chief Financial Officer

Search URL Search Domain Scan URL

URL: https://ceo.br.media/
Title: Chief Executive Officer

Search URL Search Domain Scan URL

URL: https://coo.br.media/
Title: Chief Operating Officer

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/cto-boardroom-media/
Title: linkedin

Search URL Search Domain Scan URL

URL: https://theaccountancycloud.com/resources/blogs/weve-been-showcased-as-one-of-the-top-business-intelligence-companies-startups-in-the-uk-by-welp-magazine
Title: https://theaccountancycloud.com/resources/blogs/weve-been-showcased-as-one-of-the-top-business-intelligence-companies-startups-in-the-uk-by-welp-magazine

Search URL Search Domain Scan URL

URL: https://www.fupping.media/%22
Title: Fupping Media

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://editorcontent.com/mw/index.php/campaigns/ps514pch35443/track-url/vz907elgze80c/c89be32803b02724c041a310ff9bae43d86384a1 HTTP 301
https://cto.br.media/media-pack/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 139

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 160

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEBShtRyIX1fA_Cte5EzkvWA&google_cver=1&google_push=Aa02lx9RS7hHKQUaK6vmr1Lq_hHuRFHUlMJby0LBDKufcnTY96E1Bap2KAgUjTECI_GjRXlX0KVp1gVZW_zdJiQ6KjJr9V40RfCDeg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=Aa02lx9RS7hHKQUaK6vmr1Lq_hHuRFHUlMJby0LBDKufcnTY96E1Bap2KAgUjTECI_GjRXlX0KVp1gVZW_zdJiQ6KjJr9V40RfCDeg

Request Chain 161

https://d.agkn.com/pixel/2175/?google_gid=CAESEOLNw49EU8mz0B6esoV_oqk&google_cver=1&google_push=Aa02lx91Rg_Eal39Axrd4ZXbEvBkRMDDb7E0XYZuRpTA63cQnjseL3igIGvWJX2qkKv2HctA4eLOeCY7d3XvhNHf4e5mfeiWE2hAfQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=Aa02lx91Rg_Eal39Axrd4ZXbEvBkRMDDb7E0XYZuRpTA63cQnjseL3igIGvWJX2qkKv2HctA4eLOeCY7d3XvhNHf4e5mfeiWE2hAfQ&google_hm=Q0FFU0VPTE53NDlFVThtejBCNmVzb1Zfb3Fr

Request Chain 162

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEP4leSvtZanwf70sq89e7t8&google_cver=1&google_push=Aa02lx-55AgW-fSdAQMHTOpL5QIa408tkxbnboY-FhkM-CL9qHEjJIm0eQSvC7Gp8rG7B83WNFjLWYwf3m9KmDNpE3NAlgTTHlVv2w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=z6aZDIK8Q7xNSLRwj-71ydmK_Kc&google_push=Aa02lx-55AgW-fSdAQMHTOpL5QIa408tkxbnboY-FhkM-CL9qHEjJIm0eQSvC7Gp8rG7B83WNFjLWYwf3m9KmDNpE3NAlgTTHlVv2w

Request Chain 163

https://sync.dsp.reemo-ad.jp/google_adx?google_gid=CAESENp8u-RCKdUNO8JBGmPsDlc&google_cver=1&google_push=Aa02lx_wNaLAaDH2yKxfPS4IDLi-T002nL8sE9DFkEJxyYll0-3YWh1a4hwZHSZuVvRO_dq0_oPZjEmTYp3NFrXU7NwVSr3rHZIxvA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=Aa02lx_wNaLAaDH2yKxfPS4IDLi-T002nL8sE9DFkEJxyYll0-3YWh1a4hwZHSZuVvRO_dq0_oPZjEmTYp3NFrXU7NwVSr3rHZIxvA

Request Chain 165

https://cc.adingo.jp/adx/push/?google_gid=CAESEFWnkt7JaKLagJv7gDlKTVk&google_cver=1&google_push=Aa02lx_ljXxmd7UVwQ5NpQuoLPjCHCdZGZ3INwe5XnHpDNwwDSs31i_zYIfCXpOSFC8Ab3XkgXOVHeT7Px3vhcVTolREaNXHE29OuA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=Aa02lx_ljXxmd7UVwQ5NpQuoLPjCHCdZGZ3INwe5XnHpDNwwDSs31i_zYIfCXpOSFC8Ab3XkgXOVHeT7Px3vhcVTolREaNXHE29OuA&google_hm=8afc5cad9784888324003aed90f3de8e

Request Chain 166

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEO2lWiuKw7-6sqXxJvSX5qo&google_cver=1&google_push=Aa02lx_6FJy5IKThmrQqp0TH6hOgXOu_MCrWHrrOB3UQSEDx3XR_Fg2SmymR9-7VUc6kmvHN3q5hgwcjBGgs8zNFfAsQQf1OIts_CA HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEO2lWiuKw7-6sqXxJvSX5qo%26google_cver%3D1%26google_push%3DAa02lx_6FJy5IKThmrQqp0TH6hOgXOu_MCrWHrrOB3UQSEDx3XR_Fg2SmymR9-7VUc6kmvHN3q5hgwcjBGgs8zNFfAsQQf1OIts_CA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjM0ODUyNDU0ODIzMjg5Nzc3Mw%3D%3D&google_gid=CAESEO2lWiuKw7-6sqXxJvSX5qo&google_cver=1&google_push=Aa02lx_6FJy5IKThmrQqp0TH6hOgXOu_MCrWHrrOB3UQSEDx3XR_Fg2SmymR9-7VUc6kmvHN3q5hgwcjBGgs8zNFfAsQQf1OIts_CA

184 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
cto.br.media/media-pack/
Redirect Chain

https://editorcontent.com/mw/index.php/campaigns/ps514pch35443/track-url/vz907elgze80c/c89be32803b02724c041a310ff9bae43d86384a1
https://cto.br.media/media-pack/

107 KB
21 KB

641ms
597ms

Document
text/html

2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/media-pack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.15

Resource Hash

9dac700d60700abff363d4ba6b2ecf46b879c9754f20bbc805a2c3ac4417edf7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, no-cache, s-maxage=10
cf-cache-status: DYNAMIC
cf-ray: 7929af0ebef7afc9-NRT
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 01 Feb 2023 09:33:08 GMT
link: <https://cto.br.media/wp-json/>; rel="https://api.w.org/", <https://cto.br.media/wp-json/wp/v2/pages/6342>; rel="alternate"; type="application/json", <https://cto.br.media/?p=6342>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=syqLiYoWnYz713chre836ktq%2FPcSL9K6MsMgLiT%2FqqJ%2FEOjKni2ObvEr0ZPLxE7Wm6Oc%2FIVCAsELpSmBJy0K0Tmg4yPxUGsUt7Mn7ljSSBT0ECWqWTrBAUHP1OJ7wtWMEcMQHB67%2FDtmblo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-mod-pagespeed: 1.13.35.2-0
x-powered-by: PHP/7.4.15

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Wed, 01 Feb 2023 09:33:07 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Keep-Alive: timeout=5, max=100
Last-Modified: Wed, 01 Feb 2023 09:33:07 GMT
Location: https://cto.br.media/media-pack/
Pragma: no-cache
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
X-Frame-Options: SAMEORIGIN
X-Powered-By: PHP/7.2.34
X-XSS-Protection: 1; mode=block

GET
H2 200 mediaelementplayer-legacy.min.css
c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/ 11 KB
3 KB 33ms
1ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-nc: HIT nrt 1
date: Wed, 01 Feb 2023 09:33:08 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Thu, 01 Feb 2024 09:33:08 GMT

GET
H2 200 wp-mediaelement.min.css
c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/ 4 KB
1 KB 33ms
1ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.css

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-nc: HIT nrt 1
date: Wed, 01 Feb 2023 09:33:08 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Thu, 01 Feb 2024 09:33:08 GMT

GET
H2 200 blocks.style.build.css
cto.br.media/wp-content/plugins/metronet-profile-picture/dist/ 27 KB
3 KB 36ms
6ms Stylesheet
text/css 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/plugins/metronet-profile-picture/dist/blocks.style.build.css?ver=2.6.0

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0da2aee6cc32a9bc1dc66cfba7518a6d47d1337202d6ee94a6174f25c720e94

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5
cf-polished: origSize=27760
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 25 Jun 2021 13:21:19 GMT
server: cloudflare
etag: W/"6c70-5c59703ea7782-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0V4FwroysNC7VejWL3FQeWdEGZRR%2FUCLHBkz%2B8mw2bgi%2FySlTU6uJoFMOJQM6nESvHwrDw8zDaY2xcmTK0HPHvoXzEk%2Fl8KR48qQzWSnHOcRDtmNp74%2BDSvHNYxYCGpM7FD4QLwwSu6y7WY%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, s-maxage=10
cf-ray: 7929af12ac4fafc9-NRT

GET
H2 200 classic-themes.min.css
c0.wp.com/c/6.1.1/wp-includes/css/ 217 B
280 B 33ms
2ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.1.1/wp-includes/css/classic-themes.min.css

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-nc: HIT nrt 1
date: Wed, 01 Feb 2023 09:33:08 GMT
strict-transport-security: max-age=15552000
last-modified: Tue, 25 Oct 2022 13:45:16 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 217
expires: Thu, 01 Feb 2024 09:33:08 GMT

GET
H3 200 style.min.css
cto.br.media/wp-content/plugins/ad-ace/assets/css/ 7 KB
2 KB 533ms
510ms Stylesheet
text/css 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/plugins/ad-ace/assets/css/style.min.css?ver=1.3.27

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49e350f949fb0eb20cfddc436ad42abeddb557c89836e533db621897cf47466c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:09 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 30 Aug 2022 19:31:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1a34-5e77a6cc0a478-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vc9DJzG7jRIQMS%2BkgPxdz8c5ovTraOHueHq5ajSdZQGc0gmzdjYF5tI%2FjLEjss82OcxNrh9WrHExLOEUukkxnwNSoXOncD2fgsEuAkDA2IvSGXufJgDSZZXtoKLmJa5HnWroKq3MeGPgW0w%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, s-maxage=10
cf-ray: 7929af12ab5a3535-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 shoppable-images-front.min.css
cto.br.media/wp-content/plugins/ad-ace/assets/css/ 6 KB
2 KB 535ms
511ms Stylesheet
text/css 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/plugins/ad-ace/assets/css/shoppable-images-front.min.css?ver=1.3.27

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30cd961db82d46c3ac5c6a4abb291fcdc9e1bd4ded973363d2c8dad8039bf3df

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:09 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 30 Aug 2022 19:31:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"19e6-5e77a6cc0a478-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZXBdDOoM5XRoOWDfq4FIKeaMOca4zFjg0COeeJKXDQ%2BA2zI0PaSDjmBmMfsE%2BZDnf6fK3WVePgoERaOshfxIq4PbhDYmAeBXqfQa4YElx3SP8FfrNXEW1XIj7krE6oWix0rXaSl%2BDentxvw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, s-maxage=10
cf-ray: 7929af12ab5b3535-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 all.min.css
cto.br.media/wp-content/plugins/comment-ace/assets/css/ 10 KB
3 KB 522ms
498ms Stylesheet
text/css 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/plugins/comment-ace/assets/css/all.min.css?ver=1.0.7

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b265c14f4af40744077ce7b5de3ac6488aa0806e709f9d185ab65e31610b060

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:09 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 30 Aug 2022 19:31:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2686-5e77a6cc288d7-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hNK%2BWrUct%2BLPxaz1pG0B2f707lPsNqyvZ%2Fi4XNcuhJ0SHzlJEslQwU6vxsrumtPhwfjBLW6O8e%2BvL%2BonFcL6Wq6MWKKW7BiJhfaZH0pqwXHLs3vgqhjapvPzLNIy8RXIKhBQL1QKy0zGxxc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, s-maxage=10
cf-ray: 7929af12ab5c3535-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 mashsb.min.css
cto.br.media/wp-content/plugins/mashsharer/assets/css/ 46 KB
28 KB 824ms
801ms Stylesheet
text/css 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/plugins/mashsharer/assets/css/mashsb.min.css?ver=3.8.7

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0500bd58f47403106f2f10da96d8d196941a02a4046e88611a59494557861f98

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:09 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sat, 21 Jan 2023 19:32:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"b6e3-5f2cb39fb72ac-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=63f%2FqczOYq%2FlS57DY5efivDlp9FCPEbhVbrjwRuf8HcmyAur0Oh72Esa%2FI7%2FDHrSfJ3KYWFlo2rPnH8b%2FAP0HyW34F62BD%2BoWJhjF%2FAv70zB1T1TAFV7FhV6U0IRWGoILz3u%2FpuVoZ8zUgw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, s-maxage=10
cf-ray: 7929af12ab5d3535-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 youtube.min.css
cto.br.media/wp-content/plugins/media-ace/includes/lazy-load/assets/css/ 1019 B
908 B 509ms
486ms Stylesheet
text/css 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/plugins/media-ace/includes/lazy-load/assets/css/youtube.min.css?ver=1.4.12

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91f8456df712188504db6297b5a7e05225cf9466910e68c754a138ba79060546

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:09 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sat, 29 May 2021 20:45:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3fb-5c37e112a8203-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C8YgorgJJOObKPrGUFd9%2BmPgYXml%2Fjn4bAk6gp4uaf03tt3ipmBFDZdXMf7pWHPpct4Nu4L5ELOsoT%2FalV0h1AHgYtv4Ew9hAiO0XmY638P8nfYH1GLnUTUMnXt9hKIb1vI4LuCD0V%2BapD4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, s-maxage=10
cf-ray: 7929af12ab5e3535-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 gallery.min.css
cto.br.media/wp-content/plugins/media-ace/includes/gallery/css/ 13 KB
3 KB 505ms
483ms Stylesheet
text/css 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/plugins/media-ace/includes/gallery/css/gallery.min.css?ver=6.1.1

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65125c9094777f67a9ff4142953b40709a43718de763e7fd23e63fa18d53fa79

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:09 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sat, 29 May 2021 20:45:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3425-5c37e112a62c3-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SXoUQOgLHLAhftSJ7A0NRXn%2Fv5bbf1h83tEsTA4wAGWIYZq2N2v0%2B8IULqPamfD59WDD14mFFViba17935yTeJ%2FGJkO5Pb2ghNOO0V5sju%2BuMTkEBic0f3oC3HG054lJjOy%2BXYWV0puYeY8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, s-maxage=10
cf-ray: 7929af12ab5f3535-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 magnific-popup.css
cto.br.media/wp-content/plugins/snax/assets/js/jquery.magnific-popup/ 7 KB
2 KB 561ms
540ms Stylesheet
text/css 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/plugins/snax/assets/js/jquery.magnific-popup/magnific-popup.css?ver=6.1.1

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:09 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 30 Aug 2022 19:31:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1b27-5e77a6cc84592-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bwA4D0w38lHeNgdUcEpKl%2BK0AuIKDhhHlr9LKWUlXZdDXOEQNXDCrTpzUBLtEL9OfWCXjANN5XifZ6X89zYuWnqNvK3MRYorVKTs3L8SArVMflazuo8G%2B6kWyPX2HkLpnPh0UHH4uuN%2FBk8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, s-maxage=10
cf-ray: 7929af12ab603535-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 snax.min.css
cto.br.media/wp-content/plugins/snax/css/ 48 KB
8 KB 560ms
538ms Stylesheet
text/css 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/plugins/snax/css/snax.min.css?ver=1.93

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bd0ece453523856db6704ce9e88360cd63332528e1fe83cc60731e21109f6f1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:09 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 30 Aug 2022 19:31:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"be74-5e77a6cc85532-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dcmi8C4ayP9nAyFEoVbZxxTHa04IJ0DrSAp44bzzifsL6FMFvBs0UC%2By5C1Q9k02zc6lyvYgmtg6Wb2LaoMBml9YSkG8RIGaEPNgJKu%2BmrVPuPMzvJimBkICk8PQY3jhfRcLe9KO%2FTPuvOg%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, s-maxage=10
cf-ray: 7929af12ab623535-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 main.min.css
cto.br.media/wp-content/plugins/whats-your-reaction/css/ 5 KB
1 KB 497ms
476ms Stylesheet
text/css 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/plugins/whats-your-reaction/css/main.min.css?ver=1.3.19

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be782e7a599f69742b110ad7060bb33567b4cf4c0a2178a0691529bdecd0bae5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:09 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 30 Aug 2022 19:31:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1249-5e77a6cd87224-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0s%2BU4xpRM76QS5Kb5fW7Gko6eSjhJWDKpXI%2FqxOVRx5tZGYNnvW1OLtyeNjQolcEtEA9kl6On%2FQdU%2FMGF7c7vTjr3PzasXp6d7ODUtBXsAcUvGUXWxYNIkFuVAz2Wjvqzrn%2BFG7PVb3D%2B0M%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, s-maxage=10
cf-ray: 7929af12ab633535-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 wpp.css
cto.br.media/wp-content/plugins/wordpress-popular-posts/assets/css/ 438 B
738 B 536ms
514ms Stylesheet
text/css 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=6.1.1

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07a391e09587513aa78421c34ed482a17a5e003c2132edd96227d53831a131b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-original-content-length: 1672
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"PSA-aj-rh3OQpf9JT"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u7JhO85tZpggHf4ZLXJL17llVj%2BzvumsqeWHUD%2FWueA2UFL0l3iS83ZRFhlVEgsSCQdQjz6A77%2Fvp209ECxZA65X4cofD23hvG1WElyGZ%2FhvGDu5MOk55MfoXKn39vXQOZ4Wv3jVsOzNomU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7929af12ab643535-NRT
expires: Wed, 01 Feb 2023 09:37:47 GMT

GET
H3 200 all-light.min.css
cto.br.media/wp-content/themes/bimber/css/9.2.3/styles/news/ 204 KB
33 KB 831ms
810ms Stylesheet
text/css 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/themes/bimber/css/9.2.3/styles/news/all-light.min.css?ver=9.2.3

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b1fd3009652799cf308c79dac8f461c2781000df76072eeffd4206d1df3978e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:09 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 29 Aug 2022 22:04:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"330a3-5e76873783ea6-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7gRB4AzTdQmJLith8SWMjxRdZ1zhduYd2LEj%2F5sRDbkzTmcst2nwLyHmxfwoEa%2FkMgwdy%2FuUQuPN2YGPAwpG366PnXD98AJRvfmJbTHZDWQsC9xK1e0J5wy6psNGNCL1P9JLTRl82c4INNE%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, s-maxage=10
cf-ray: 7929af12ab653535-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 single-light.min.css
cto.br.media/wp-content/themes/bimber/css/9.2.3/styles/news/ 52 KB
9 KB 546ms
526ms Stylesheet
text/css 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/themes/bimber/css/9.2.3/styles/news/single-light.min.css?ver=9.2.3

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c68f62e403b46bce8f99fac833852234dcbe775b6102df80ea668e11e5d0028f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:09 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 29 Aug 2022 22:04:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"ce79-5e76873784e46-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kl%2BX922N7Pc84Wo7sgfHmWMcVlUv9uMt9JJ029o%2FBn9cUR9XK9aEC%2BVZfIdHdmcO7YYGkJpimNSXP4gA4FgVIIKGFBOIqvju%2FT14Ria%2BenECyurU3eZqrpWXt5G4C8M28kymIVbnp94m%2Btg%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, s-maxage=10
cf-ray: 7929af12ab663535-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 comments-light.min.css
cto.br.media/wp-content/themes/bimber/css/9.2.3/styles/news/ 5 KB
2 KB 517ms
497ms Stylesheet
text/css 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/themes/bimber/css/9.2.3/styles/news/comments-light.min.css?ver=9.2.3

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a645f960e35a35cdc7b4de70fb2d471865d2ba6d9587e0e500f4f4c79b5e15e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:09 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 29 Aug 2022 22:04:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"12f3-5e76873784e46-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oqZEL3%2Flp%2F7TxKk75VL%2F8zKMSRvyShJOJJOk9Z7ICbPPpsImcVXWtU7ElSskwKikPjBZo%2FdXyR%2Bygf4ymV5GJRqsAhmgX21dIlO4GBWwWFpw1SUSHXC5XGc%2FWk2N%2FZik56LvzWj55zKbqTQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, s-maxage=10
cf-ray: 7929af12ab673535-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1001 B 102ms
43ms Stylesheet
text/css 2404:6800:4004:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat%3A400%2C500%2C700&subset=latin%2Clatin-ext&display=swap&ver=9.2.3

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fe4ded55789f78204754a353d124951e36b60128ca671450e55b5f328927f786

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 01 Feb 2023 09:33:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 09:33:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Feb 2023 09:33:08 GMT

GET
H3 200 dynamic-style-1662767166.css
cto.br.media/wp-content/uploads/ 12 KB
3 KB 530ms
512ms Stylesheet
text/css 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/uploads/dynamic-style-1662767166.css

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e6b20b7ed414b689efecfbe17b3319fb3555564a5245e258a18af342efd9a81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-original-content-length: 13952
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"PSA-aj-EkrtRdqSdl"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2FOgBW9xP8Sncd%2Fhs86FtAN66nM5LVROvbVCsJdtW0Rf6RWhi7bJeRoBg8czj2ifxyB%2FIOfHX3IneF%2B6U53ZVW8ceYvHlf3PodkPetvgfipvZV%2FR79QKRg0kYXLw4oaapANEXu9R01s17oc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7929af12ab683535-NRT
expires: Wed, 01 Feb 2023 09:37:48 GMT

GET
H3 200 style.css
cto.br.media/wp-content/themes/bimber-child-theme/ 0
522 B 557ms
539ms Stylesheet
text/css 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/themes/bimber-child-theme/style.css?ver=6.1.1

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-original-content-length: 500
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"PSA-aj-1B2M2Y8Asg"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BblJeL%2BsIJQE0PY2aXuk58iL%2Fzl006iBi4OYOi2grbh2D7uHSNCnyPQDHx%2FnEE4ENQlde8bFwVX3x%2BslyLfbbFsA%2FbOeb9pQ03UbDkNEM0KzzrlrR6mldivMqhFHNUiCdlcWUjBsJQrys4s%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7929af12ab693535-NRT
expires: Wed, 01 Feb 2023 09:37:47 GMT

GET
H3 200 snax-extra-light.min.css
cto.br.media/wp-content/themes/bimber/css/9.2.3/styles/news/ 24 KB
5 KB 537ms
521ms Stylesheet
text/css 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/themes/bimber/css/9.2.3/styles/news/snax-extra-light.min.css?ver=9.2.3

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75c5395697a6947e4b34817ce5eb71dba0566e2ede89712932e48f8eb8eded7f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:09 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 29 Aug 2022 22:04:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5f04-5e76873784e46-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GxaHHgTLUkITXCrTpNlFGt%2B4tQWH7faWZ%2B8Q7UGREsGokZjZ3AAG1HnBYhUgcbxuV4wa46KKMCBB4%2Bjljkeb5ShAfnz2deDsVy8%2BAtgdJTnbaR0bdINKkwNaHwecswzTwb5QiCTFsB6bw%2BU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, s-maxage=10
cf-ray: 7929af12ab6a3535-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 vc-light.min.css
cto.br.media/wp-content/themes/bimber/css/9.2.3/styles/news/ 327 B
696 B 525ms
510ms Stylesheet
text/css 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/themes/bimber/css/9.2.3/styles/news/vc-light.min.css?ver=9.2.3

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8baf69be2c589d0051b5177cf6c3f1302c4c1e1e4a9088b3222d3be5053e9257

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:09 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 29 Aug 2022 22:04:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"147-5e76873784e46-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FHlbsDzoPV9ve%2BlPvRT1%2B34SBMXMEpwAzrGMhesftgsV%2B1US8pKp3svSEKei9DBuOGlYAbBfOulazYZSXZuxqX30Tk%2BCGo%2F2Qxofg%2BhhH2ss8JFMf1WJezGNue9gfte%2FdOy9a9HqKQ11mzI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, s-maxage=10
cf-ray: 7929af12ab6b3535-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 mashshare-light.min.css
cto.br.media/wp-content/themes/bimber/css/9.2.3/styles/news/ 8 KB
2 KB 486ms
472ms Stylesheet
text/css 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/themes/bimber/css/9.2.3/styles/news/mashshare-light.min.css?ver=9.2.3

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c5f8b67fe14370e5f0ec74fa02cb2780978fb17df20e17c023a9f2d582c72f2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:09 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 29 Aug 2022 22:04:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1f9e-5e76873783ea6-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FVaYf%2F4Koaw3fPMvgAX%2BS1pYiIahmtqdk4k9G16AF9q7kPgm4%2FCv9kV3BAUj%2Fawc9wjkDZ%2BPXbL3rWde4CnRaQbHMeyykwmd3jmhu0hGYzbbej7VOvCFxpNKueOKvXB%2FhroXsyHZgoho2WE%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, s-maxage=10
cf-ray: 7929af12ab6c3535-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jetpack.css
c0.wp.com/p/jetpack/11.7.1/css/ 85 KB
15 KB 19ms
3ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/11.7.1/css/jetpack.css

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

867db731598a60f3bcec5f74c3775d11d0acbfe1ebbc51db63231568f3226716

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-nc: HIT nrt 1
date: Wed, 01 Feb 2023 09:33:08 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Mon, 16 Jan 2023 17:26:50 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Thu, 01 Feb 2024 09:33:08 GMT

GET
H2 200 jquery.min.js Show response
c0.wp.com/c/6.1.1/wp-includes/js/jquery/ 88 KB
30 KB 19ms
3ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery.min.js

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-nc: HIT nrt 1
date: Wed, 01 Feb 2023 09:33:08 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Mon, 19 Sep 2022 14:16:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Thu, 01 Feb 2024 09:33:08 GMT

GET
H2 200 jquery-migrate.min.js Show response
c0.wp.com/c/6.1.1/wp-includes/js/jquery/ 11 KB
4 KB 18ms
3ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-nc: HIT nrt 1
date: Wed, 01 Feb 2023 09:33:08 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Thu, 01 Feb 2024 09:33:08 GMT

GET
H3 200 slot-slideup.js Show response
cto.br.media/wp-content/plugins/ad-ace/assets/js/ 2 KB
1 KB 490ms
477ms Script
application/javascript 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/plugins/ad-ace/assets/js/slot-slideup.js?ver=1.3.27

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7acfb3926865d68cafe8359320b0fa8959de6de7d2422ec43bd2a3736c40754

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:09 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 30 Aug 2022 19:31:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6cf-5e77a6cc0a478-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s62f1ENWHiVWF4jzX7VdulNivfOY4pL0fno8%2F2%2BfBeaZX8gm%2FH6ukI2fDjtAWqM%2FNYPksCcRPVviC8%2B0O%2F8cDr9r3yUS0nHLPgPTKCc5x5FTz0Q2shoT9auJl0aTmeLt33e0aEZ5ZKkx3vU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, s-maxage=10
cf-ray: 7929af12ab6d3535-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 shoppable-images-front.js Show response
cto.br.media/wp-content/plugins/ad-ace/includes/shoppable-images/assets/js/ 2 KB
1 KB 516ms
503ms Script
application/javascript 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/plugins/ad-ace/includes/shoppable-images/assets/js/shoppable-images-front.js?ver=1.3.27

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d355cf98aeecbb16480cc19e5f0afa9cf9b0a92526437d3e91a084a5ca78d400

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:09 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 30 Aug 2022 19:31:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"700-5e77a6cc0b418-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6TUUy7L8VkB4Lhiwo0AWalNjIF6yEs2h6wcSMUbguB0C5IvTPVrb8HHHyVts9TE0qPEdtfdO97UiIU5O0%2B25MLfeYhOXfdAvQtqx5kpD1ki7zj38Riw6pp016bJAIwdzuh3cvK1eOiYFb0U%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, s-maxage=10
cf-ray: 7929af12ab6e3535-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 coupons.js Show response
cto.br.media/wp-content/plugins/ad-ace/assets/js/ 1 KB
1010 B 510ms
498ms Script
application/javascript 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/plugins/ad-ace/assets/js/coupons.js?ver=1.3.27

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7b1f8d4e7f0706e8de5491cc52f0a32ba91211cd57743e769489fc6efd6fea1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-original-content-length: 1557
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"PSA-aj-bM7VL3rNld"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YBYASjJ%2FfcvgJ6U04jyfzzRJ6wa%2FHdpvOtHHYd3QdQPFr63VnhndhHzkzNtv1Xij1UwMV7ob4QlTHgWC0Lrviz%2BtQcAUXlaOqoM7sfaumJ%2FgymG01fV6syD4bzSliE9NqcP1d6Q12II6cVw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7929af12ab6f3535-NRT
expires: Wed, 01 Feb 2023 09:37:47 GMT

GET
H3 200 mashsb.min.js Show response
cto.br.media/wp-content/plugins/mashsharer/assets/js/ 4 KB
2 KB 546ms
535ms Script
application/javascript 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/plugins/mashsharer/assets/js/mashsb.min.js?ver=3.8.7

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

876f181150664af9e30a4c1da6f8f95eb462aebeb8781db732ff6bc48a1f6632

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:09 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sat, 21 Jan 2023 19:32:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"114d-5f2cb39fb72ac-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n4I6CQGMhXN025A5g4jVZR9pevLUYA%2B1b6F39Gbwu1CQAOQDrKxScFmQLt5QsaRVWx7QHvAn5mnwptYwSXUWxLmN%2FeVxt68kz0Q%2BY2sy0ic7hjtgrs1bf2ea9ezpsfZDQ1okFq6gIxNNpY0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, s-maxage=10
cf-ray: 7929af12ab703535-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 wpp.min.js Show response
cto.br.media/wp-content/plugins/wordpress-popular-posts/assets/js/ 3 KB
2 KB 537ms
526ms Script
application/javascript 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=6.1.1

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efa915afe973e463c1ed4fce76fc3d9d54482fa8ad5bb0e1018831aa3761a31b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-original-content-length: 3031
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"PSA-aj-6WWbcIS1Ob"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y3fUETjegKZV1Qv9UtJyTSD%2BH3TJb%2Fmjt4xm6oDDg5DpNZQOblC0JdBI5KPMOE5jZyp4eFTUL8MJpwQFtTajTGenw%2BkNu999Jm11L9N8mXatkvMXGvvPOaFRqFmLf9v09ckeiizJfg6ND3Q%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7929af12ab713535-NRT
expires: Wed, 01 Feb 2023 09:37:47 GMT

GET
H3 200 modernizr-custom.min.js Show response
cto.br.media/wp-content/themes/bimber/js/modernizr/ 7 KB
3 KB 509ms
499ms Script
application/javascript 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/themes/bimber/js/modernizr/modernizr-custom.min.js?ver=3.3.0

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e838f60738bfd243d135cf9cc404f5d7cf8b31f68bf07ce3529187cff9b8bd29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-original-content-length: 7024
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"PSA-aj-OVxJVEYiYm"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HtihPS10EIecKSLP4BKqk7Fhx7vj7c0D6hw6j5J3%2FRjSOjV7JfXNfA9%2FYW0t68JdI7P1zIoZ6C%2Fg0DtnNDZw4%2Ffhn%2FHmHBYqOxwgNCTFLvG4hDGOU6wYvPNNjd3OR4P3MGWrXGXtXZheYL0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7929af12ab723535-NRT
expires: Wed, 01 Feb 2023 09:37:47 GMT

GET
H3 200 g1-socials.woff
cto.br.media/wp-content/plugins/g1-socials/css/iconfont/fonts/ 9 KB
9 KB 528ms
518ms Font
font/woff 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/plugins/g1-socials/css/iconfont/fonts/g1-socials.woff

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fee992fe9fe9fb5bebd96f8a7a0bc978f755703a818fccff9d78d3ba2d7dc6c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cto.br.media/media-pack/
Origin: https://cto.br.media
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:09 GMT
cf-cache-status: REVALIDATED
last-modified: Sat, 29 May 2021 20:45:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2204-5c37e10e75eff"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AjwxSq8PMOeiXHHtpaUJoofbEypkanAw%2Bh%2BwQ1yCJb2pjGhLQTdBf0ttk%2BtEpFc4Z2mOt%2B%2FWfGfWFXbfTp691tGPzc%2B2WOjEqJF00TB03IxJWH9j9p2CgU232727DycuC2jezdlHyftX0UM%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7929af12ab733535-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8708

GET
H3 200 snaxicon.woff
cto.br.media/wp-content/plugins/snax/css/snaxicon/fonts/ 12 KB
13 KB 498ms
488ms Font
font/woff 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/plugins/snax/css/snaxicon/fonts/snaxicon.woff

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7eb4dfaeb3a5b3370523b353c14853d801722a62325eb88ef60b3fd08f016f4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cto.br.media/media-pack/
Origin: https://cto.br.media
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:09 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 30 Aug 2022 19:31:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "31fc-5e77a6cc88411"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pxbZqP4lDYj76OMFRs%2BSiTTE5mOVLMxzhF3H%2Bf83KqnD811el6u%2Braz6XG6iS4ejvWvz7BhvYsk8pVV5WO1ENMCcLlTLL5Gu7PimmYUQwf3jvYfLk%2BzJG%2FUMIqapou0jVahO%2FVgXjQtbUl4%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7929af12ab743535-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12796

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 217 KB
76 KB 107ms
54ms Script
application/javascript 2404:6800:4004:81f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6357W9VP29

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2055d00b49e44386bb1026bbf75c525763d6c4d9ab977595f7f9f54e52e370ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77738
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 01 Feb 2023 09:33:09 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 153 KB
50 KB 104ms
55ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1286340303513484

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80d434164435c3ba6698eebc0fb16879cd4eb449c077e32ba1e0c8cf9f78b3df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cto.br.media/
Origin: https://cto.br.media
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50450
x-xss-protection: 0
server: cafe
etag: 18292578684259038387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 01 Feb 2023 09:33:09 GMT

GET
H3 200 CTO.png
cto.br.media/wp-content/uploads/2022/07/ 45 KB
46 KB 515ms
509ms Image
image/png 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cto.br.media/wp-content/uploads/2022/07/CTO.png

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

991853707a5744d3f7ff976f0ddc1a45c40b457abdad832e0d8df37cb6080d90

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:10 GMT
cf-cache-status: REVALIDATED
last-modified: Sat, 23 Jul 2022 00:00:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "b42a-5e46da4f3840e"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4vHS0HEGwFzdCstPktewtJAZFhYq5guBLfVsSCP9nVs6w%2BftTbeCjXHnwocnsirXQS56jLE3zH5GfQQ4Vn79fCRj3PnSXFc15b1glX9%2FtVcwfK4KsdFR555SK56QTSB%2BS22Lczj%2FZW%2BuTcQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7929af182fb03535-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46122

GET
H3 200 wp-emoji-release.min.js Show response
cto.br.media/wp-includes/js/ 18 KB
5 KB 533ms
528ms Script
application/javascript 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68656a04dc9b855f8cbde2e5ae7b4d90c9350c21b80f9f42b6c7e9eec68ad818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-original-content-length: 18617
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"PSA-aj-clI42Usbfj"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kJsDflkJ8owZN8ZcUyff7gWRiKjf4VMBnkec7WPOQoMtVW3HI5Svy8SJoZOdhwj3UlwHoBmo4R%2Bk6hfAza7KO0EqU6B%2Fmrh5yN4KEygB2CsukIUmnzBpW%2FVLq3nLb2%2F4kOGbfzeEBIOkJug%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7929af182fb23535-NRT
expires: Wed, 01 Feb 2023 09:37:47 GMT

GET
H3 200 screen-basic.min.css
cto.br.media/wp-content/plugins/g1-socials/css/ 8 KB
2 KB 498ms
497ms Stylesheet
text/css 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/plugins/g1-socials/css/screen-basic.min.css?ver=1.2.27

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

003be4b32aad80509340d6c2a4769486788681e0af02c36987a6a3fab9522b7f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:10 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sat, 29 May 2021 20:45:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1e7d-5c37e10e74f60-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sj2YFlihCdGxAQOSEwQfGNdhOLrk54%2FHmUQoRUWdzdkXkGrAcMSrX%2FiNg3uMZk14Mox9xQwdpoXwTgAS%2FSaOX1lcjycqPcvnn2UoYGi7YvKGwwRmiM3rXdbk%2FRNPEnmBiaaWK77DfJ0sBjc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, s-maxage=10
cf-ray: 7929af17bf3f3535-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 snapcode.min.css
cto.br.media/wp-content/plugins/g1-socials/css/ 718 B
754 B 496ms
495ms Stylesheet
text/css 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/plugins/g1-socials/css/snapcode.min.css?ver=1.2.27

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

001de631b72480e07e7246acc12f9552f023cef5159872d10b2eb036c7ed3fcc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:10 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sat, 29 May 2021 20:45:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2ce-5c37e10e75eff-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yvmGzst7s3WhLF0uk69M%2BUkEp4OMDmZgo8cCSP00fh1O2qb2436CMpTm0E08L9Fu00zQ6bKJBbI%2BI6d6DHQC83u0Z92lNs2kPSm4JjTZ1Z%2FHQblJcCIwd%2Fe6WGAGiCsay2jZ3l3Uq%2B68C4s%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, s-maxage=10
cf-ray: 7929af17cf473535-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 photon.min.js Show response
c0.wp.com/p/jetpack/11.7.1/_inc/build/photon/ 685 B
417 B 11ms
2ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/11.7.1/_inc/build/photon/photon.min.js

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5cfd3418ebf7c95f8f7a9024ebfa383ff5a267a8568c9a2708c26733824bdf07

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-nc: HIT nrt 1
date: Wed, 01 Feb 2023 09:33:09 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 07 Dec 2021 16:56:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Thu, 01 Feb 2024 09:33:09 GMT

GET
H3 200 mpp-frontend.js Show response
cto.br.media/wp-content/plugins/metronet-profile-picture/js/ 290 B
666 B 490ms
482ms Script
application/javascript 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/plugins/metronet-profile-picture/js/mpp-frontend.js?ver=2.6.0

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efbc00575f13f02c406f902fe55444cc283c09ec68d4404dc82c9ed7b23ad053

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-original-content-length: 331
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"PSA-aj-nWHhs_zrQE"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YpAqNIsluNts9mEeZ822PMmpkcigv1k90CrODavf8cvJxAHHPBNxi0vroUniVdstp%2Fjp%2Fg5pSE54lDpIawroCTOBVWL7g62HqnFBjUncSPcxvfGczWycfhNRJx4JVpvSRWjfJulpMizH6%2Bo%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7929af182f913535-NRT
expires: Wed, 01 Feb 2023 09:37:47 GMT

GET
H3 200 youtube.js Show response
cto.br.media/wp-content/plugins/media-ace/includes/lazy-load/assets/js/ 1 KB
1 KB 539ms
531ms Script
application/javascript 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/plugins/media-ace/includes/lazy-load/assets/js/youtube.js?ver=1.4.12

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a32dc63c8177758a1c78f5f18f4b21ccd00b0f0cbb9d5267aeefa2da47997952

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-original-content-length: 2045
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"PSA-aj-6n5NaF5yc3"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d3UXMsJnSjy9xRj64cjkmlAQZP4dsiSLbvP5CoTEolWXQDt1tgJsNJtAFyTLf5MR3iOqEBJNitpKVxhJrvUBOPfTVQcKl0id1cYRaV74pz8vGZFNeq026FGMd4zUqT4%2F7lXMh%2BW7%2FGSY8H8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7929af182f923535-NRT
expires: Wed, 01 Feb 2023 09:37:47 GMT

GET
H3 200 lazysizes.min.js Show response
cto.br.media/wp-content/plugins/media-ace/includes/lazy-load/assets/js/lazysizes/ 7 KB
4 KB 263ms
255ms Script
application/javascript 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/plugins/media-ace/includes/lazy-load/assets/js/lazysizes/lazysizes.min.js?ver=4.0

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff7f41fb46f8e9ecafe2c34d443535baec1dcf56cea4701d82e3e387fee68353

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:10 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sat, 29 May 2021 20:45:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1cd4-5c37e112a8203-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BtvYoWiUlpqsDcTpG7xqGTaVekoqK8nlMvcwq6xJU59ETdRbrufJYNLji%2FzUwNpkMaSzom6BqaSmD9swDO2PURWFShEF%2FCvRfaAmoxrJIGBzgoUOHm0xI7cXVr4PVwDzUSsZZH%2Ft%2BLKjxEk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, s-maxage=10
cf-ray: 7929af182f933535-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 ls.unveilhooks.min.js Show response
cto.br.media/wp-content/plugins/media-ace/includes/lazy-load/assets/js/lazysizes/plugins/unveilhooks/ 2 KB
1 KB 479ms
471ms Script
application/javascript 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/plugins/media-ace/includes/lazy-load/assets/js/lazysizes/plugins/unveilhooks/ls.unveilhooks.min.js?ver=5.2.0

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

488cf81244df2942ebbef913733b8e4f4dd91ec9356a170fbdf2adfdf2f4c6fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-original-content-length: 1649
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"PSA-aj-KaDkzmTrw7"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=stKV5mYM0uBh0SNfacCwP8vx6foTPVXvJG%2F7FjFzWDCd9nbZEWJliGBdHa4LDaF%2BItitM832DZ%2F9eSmeujzNmxViEWw5b1ojYbpMRRuF0BsQN8GBZJajBIO7zG5j43sM6fjLSu4h6Csd764%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7929af182f953535-NRT
expires: Wed, 01 Feb 2023 09:37:47 GMT

GET
H3 200 gallery.js Show response
cto.br.media/wp-content/plugins/media-ace/includes/gallery/js/ 12 KB
3 KB 503ms
495ms Script
application/javascript 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/plugins/media-ace/includes/gallery/js/gallery.js?ver=1.4.12

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

143955879d55a60dc7ecb3bedf93773f4559db893a1748a18ed7878a67ca2670

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:10 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sat, 29 May 2021 20:45:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2ffb-5c37e112a62c3-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2B4jCiFV7LQSHk1sv1ien8xTj3T42mwiuSEoa%2FX6XAUf9fa%2BsYXS6pGJkuFuh1HpiTJ44xL0HxeeMfVA7aqZ05tGsXszqDKOiGAKqRBHx829bCQWld4JrYczqPCo7C6LzdDNAgWTNxMqRks%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7929af182f973535-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 collections.min.js Show response
cto.br.media/wp-content/plugins/snax/assets/js/ 9 KB
3 KB 512ms
504ms Script
application/javascript 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/plugins/snax/assets/js/collections.min.js?ver=1.93

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f0989a9002df46b705fb45e14d611df0d8ecc6f6ad2f6587bfe88c1adb0ed60

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:10 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 30 Aug 2022 19:31:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2582-5e77a6cc80712-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DYl66Tc4m3sDeBbGUuI7qoDWYoD5OzhW5KbKsctUwraIPjrd2qPtDRZkiVu9%2BQ%2BUjJLwW2fx3RTO3i96100rY0hb%2FFewXLYmDb4wFzK7qjwzggMrzJ9Fa1ujMuHhBUnZYowtnLHiRzlTklA%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, s-maxage=10
cf-ray: 7929af182f983535-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.magnific-popup.min.js Show response
cto.br.media/wp-content/plugins/snax/assets/js/jquery.magnific-popup/ 20 KB
8 KB 497ms
489ms Script
application/javascript 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/plugins/snax/assets/js/jquery.magnific-popup/jquery.magnific-popup.min.js?ver=1.1.0

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:10 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 30 Aug 2022 19:31:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4ef8-5e77a6cc84592-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EwRKvdjuCDhle8tIvP2zfBHtYngQHNJAkAIRq6GchqX3B4ds9ZgDrf1yxwol8oLqmWoHs4RXr%2BnQzSvV0S%2B44b3rngIpr35%2BQVq1WnqHsYxC4FhDbtxRkXE33poRQvUTBG9vYAqlJdW37IQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7929af182f993535-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.timeago.js Show response
cto.br.media/wp-content/plugins/snax/assets/js/jquery.timeago/ 7 KB
3 KB 519ms
511ms Script
application/javascript 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/plugins/snax/assets/js/jquery.timeago/jquery.timeago.js?ver=1.5.2

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8a2ce0ff737cb50745bcd2b534fa03c462d897895dadb9af2d46e37db45c2f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-original-content-length: 7239
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 30 Aug 2022 19:31:20 GMT
server: cloudflare
etag: W/"1c47-5e77a6cc80712"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LmoMO4Du7HRZ6HbxcUc%2Be7ucfi6xkGAxDyH%2F3IXZ4SC5xS6DD%2FMIkDy2S7BDKTziJPVvyiYiYe8kqiE9R7c2HqzkU4inn4MprZ6QhbTjdrpw66QCwzaV3Ig%2B6q%2FPOq5fhKPG1HuYfm3mDao%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, s-maxage=10
cf-ray: 7929af182f9a3535-NRT
expires: Wed, 01 Feb 2023 09:37:47 GMT

GET
H3 200 jquery.timeago.en.js Show response
cto.br.media/wp-content/plugins/snax/assets/js/jquery.timeago/locales/ 455 B
784 B 512ms
505ms Script
application/javascript 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/plugins/snax/assets/js/jquery.timeago/locales/jquery.timeago.en.js

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0284d42b43b431163138ad07c2e26fee046b82609761b503949c054fe67cf38a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-original-content-length: 455
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 30 Aug 2022 19:31:20 GMT
server: cloudflare
etag: W/"1c7-5e77a6cc82652"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WWpASheGi0htef4KxOHXJl4eRYA0XDcbZy1B3YpDqFUhmjA2XzB70UKZcpxGD3nnGKCJr5YJerNILRzIlvvaRP9LQUj0XO1dFALsMP8SO%2BcfmcO%2Fr32vmlvlAoaadMHA8G2GdxDooaYc5IU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, s-maxage=10
cf-ray: 7929af182f9b3535-NRT
expires: Wed, 01 Feb 2023 09:37:47 GMT

GET
H3 200 front.js Show response
cto.br.media/wp-content/plugins/snax/assets/js/ 75 KB
15 KB 737ms
730ms Script
application/javascript 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/plugins/snax/assets/js/front.js?ver=1.93

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bf6fdc5d560b08cfe28b39afe13f4c3a946b3fc3f4fc02591552a5bf1443d42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-original-content-length: 77267
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 30 Aug 2022 19:31:20 GMT
server: cloudflare
etag: W/"12dd3-5e77a6cc82652"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rOYS3qFDLRIwBxMBGQEJj2Aa%2BTxlWn797fZ7iPknEqITb2K88Xh%2BP6EKjhsyWY%2BwB4L0UeOLYAN1UGM7vtvJnkAfJpcJkCKm8KPVq65JC2bwO4QA4%2FveCk70D8y1M8x0GJpXtqWsVq%2FMcUo%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, s-maxage=10
cf-ray: 7929af182f9c3535-NRT
expires: Wed, 01 Feb 2023 09:37:47 GMT

GET
H3 200 front.js Show response
cto.br.media/wp-content/plugins/whats-your-reaction/js/ 11 KB
3 KB 485ms
478ms Script
application/javascript 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/plugins/whats-your-reaction/js/front.js?ver=1.3.19

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d1fd02bcde85db6ced117991aa0a62380bf0c81b3558bdb0d15e27352ac3f32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-original-content-length: 10988
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 30 Aug 2022 19:31:21 GMT
server: cloudflare
etag: W/"2aec-5e77a6cd881c4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UCbeY6dPVYLmOZvakygTaH1UlwKt01zF%2FrIcA9fJPazKPkEe0JeuzzMKlqr5%2B%2B64hWCdzQ0tGzYcU0sKfzRhkth09Ab7b0oaK13K0QCzx8U005dhbnEFqtZEaOXO3qAyrQ4JvoDRooulMrQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, s-maxage=10
cf-ray: 7929af182f9d3535-NRT
expires: Wed, 01 Feb 2023 09:37:47 GMT

GET
H2 200 comment-reply.min.js Show response
c0.wp.com/c/6.1.1/wp-includes/js/ 3 KB
1 KB 14ms
4ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.1.1/wp-includes/js/comment-reply.min.js

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-nc: HIT nrt 1
date: Wed, 01 Feb 2023 09:33:09 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Thu, 01 Feb 2024 09:33:09 GMT

GET
H3 200 stickyfill.min.js Show response
cto.br.media/wp-content/themes/bimber/js/stickyfill/ 6 KB
3 KB 514ms
506ms Script
application/javascript 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/themes/bimber/js/stickyfill/stickyfill.min.js?ver=2.0.3

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77bf60e84e126d1609cc0a302c3953dc25ae054aaee3514d04a4726d4f2609fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-original-content-length: 6291
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Aug 2022 22:04:43 GMT
server: cloudflare
etag: W/"1893-5e768737d3fe1"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VO8S%2FtkKIOk280DqlAyTCTREX623RIZs9sHXYdnk5wdah6WXfQRI0yNOolNCnHkn%2BKOWramEiNpvkY9wlB%2FfQan9rxVE9rYd4GpwQcHGcxjQ1ycAaDe%2FVHHLn5TpvbwNj2UduBTgQQwPfr8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, s-maxage=10
cf-ray: 7929af182f9e3535-NRT
expires: Wed, 01 Feb 2023 09:37:47 GMT

GET
H3 200 placeholders.jquery.min.js Show response
cto.br.media/wp-content/themes/bimber/js/jquery.placeholder/ 5 KB
3 KB 520ms
513ms Script
application/javascript 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/themes/bimber/js/jquery.placeholder/placeholders.jquery.min.js?ver=4.0.1

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aabc30ee10c2b23a718fe443f43b051563fa5c58aa4b48cb64155a424e451468

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-original-content-length: 5461
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Aug 2022 22:04:43 GMT
server: cloudflare
etag: W/"1555-5e768737d4f81"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y0fLIZavZKvdkPL3ylumUhbqyqpq0gbtQT0PDc38jd5NtVMi1syiiMg6DMYCSvvgH6q0oa%2F7GGVQA%2BAJVU0R5L8YORUAkuKPsYxDFykGSRhW%2FDMRiftYtifHhBojwRIGAyd8CEcNOZQdT7I%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, s-maxage=10
cf-ray: 7929af182f9f3535-NRT
expires: Wed, 01 Feb 2023 09:37:47 GMT

GET
H3 200 matchmedia.js Show response
cto.br.media/wp-content/themes/bimber/js/matchmedia/ 2 KB
1 KB 529ms
522ms Script
application/javascript 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/themes/bimber/js/matchmedia/matchmedia.js

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76b8c213b84808d8f2986bfa38e79e3f2d1a94f065e517a143999b198abd8bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-original-content-length: 1700
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Aug 2022 22:04:43 GMT
server: cloudflare
etag: W/"6a4-5e768737d4f81"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GfgWi0ALpOONleQWydOQ8g5bF66%2FghjZ%2FAoObkYTdVOa5vhLIZbb4i%2F6eOAiA83A3TsLc9AXFF%2FclOFhOtZ80hhk2QbDflTsp94345rZIbdFkF2zYQ5fFJpsPX9YY9BDGXHUXVsFPgiILmo%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, s-maxage=10
cf-ray: 7929af182fa03535-NRT
expires: Wed, 01 Feb 2023 09:37:47 GMT

GET
H3 200 matchmedia.addlistener.js Show response
cto.br.media/wp-content/themes/bimber/js/matchmedia/ 3 KB
1 KB 521ms
514ms Script
application/javascript 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/themes/bimber/js/matchmedia/matchmedia.addlistener.js

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4492a4f252febe84a00d7f8246e50e43475a11d7192a279aab3c189cd3721456

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-original-content-length: 2816
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Aug 2022 22:04:43 GMT
server: cloudflare
etag: W/"b00-5e768737d4f81"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PhTfgoWb0emqeyU7qp1LXfWSD9KWucS%2FJ%2FRZ2wOscKUlOeHpXzoap%2B4at%2FXjeRrrw9laHKckjbWvCZhHq2GVzfAR5fOse%2BY1y%2BU0zdW7Kn76Pj8sR0dsANxTjiTMNG4tVyN8itZ4lPiiD7I%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, s-maxage=10
cf-ray: 7929af182fa13535-NRT
expires: Wed, 01 Feb 2023 09:37:47 GMT

GET
H3 200 picturefill.min.js Show response
cto.br.media/wp-content/themes/bimber/js/picturefill/ 8 KB
4 KB 521ms
514ms Script
application/javascript 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/themes/bimber/js/picturefill/picturefill.min.js?ver=2.3.1

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d603b6e5c404d28a9f1c12bb0b57d8c9967836a8f53cce046a2ab3fd1f3b2f52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-original-content-length: 7707
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Aug 2022 22:04:43 GMT
server: cloudflare
etag: W/"1e1b-5e768737d4f81"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EvLA1nyUWBUhWD5RUEprHZrqTwYDh3EKRpMiacXhXzmXEU7QZW4KUDDZHoyzMMX06c6k9k8uxngk%2BBXFeYwR614pg%2FOVOzBDKH%2BUhBF1PShnS9hHJdX7MW3RwnHXDp8nQI%2FNMPXxiXQn62s%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, s-maxage=10
cf-ray: 7929af182fa23535-NRT
expires: Wed, 01 Feb 2023 09:37:47 GMT

GET
H3 200 jquery.waypoints.min.js Show response
cto.br.media/wp-content/themes/bimber/js/jquery.waypoints/ 9 KB
3 KB 501ms
494ms Script
application/javascript 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/themes/bimber/js/jquery.waypoints/jquery.waypoints.min.js?ver=4.0.0

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c7bd3dadf6edc19d3b8876a8e2b0b0ae6b54f403d7e987ec82b041128cfdd35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-original-content-length: 8833
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Aug 2022 22:04:43 GMT
server: cloudflare
etag: W/"2281-5e768737d3041"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e5h%2FWjYgqSFZmW9dc133PLmfc6dMDzEPnVKAqw17mk7UU8%2FXVaxl9J%2FxtAusodI75iA2PjeGQuH%2BMHLI0jEufXzYlM6nDaDAJRCoihdC8LTGy8p1fvkWz5T%2Fkrw7pYq8YsFpDO6w8LUaGo0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, s-maxage=10
cf-ray: 7929af182fa33535-NRT
expires: Wed, 01 Feb 2023 09:37:47 GMT

GET
H3 200 enquire.min.js Show response
cto.br.media/wp-content/themes/bimber/js/enquire/ 2 KB
2 KB 525ms
519ms Script
application/javascript 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/themes/bimber/js/enquire/enquire.min.js?ver=2.1.2

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

324dbc3f38a9f0a20763e0c0d817aadea2b441e2b872b81c69f453857da67489

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-original-content-length: 2254
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Aug 2022 22:04:43 GMT
server: cloudflare
etag: W/"8ce-5e768737d3fe1"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FsJpWND73OjapTQ19JKybNw4bEt3WGDTKfQ6rOCABei8GPfGHyAKte5c5IrhJZx7aRB%2BUbalFOYnWlDocTO2IUdrecQHRQxuUxB6CM1YmARSJ1q35BJzPH4B%2FAtXx7f9idI957Otqt%2F2xq8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, s-maxage=10
cf-ray: 7929af182fa43535-NRT
expires: Wed, 01 Feb 2023 09:37:47 GMT

GET
H3 200 global.js Show response
cto.br.media/wp-content/themes/bimber/js/ 46 KB
12 KB 521ms
514ms Script
application/javascript 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/themes/bimber/js/global.js?ver=9.2.3

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6abddbe5d6b87ebdfc3ef94d51cb72b139804c2ad38ee3ed1aeb591012b5076

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-original-content-length: 47419
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Aug 2022 22:04:43 GMT
server: cloudflare
etag: W/"b93b-5e768737d4f81"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zNFsnbC3If%2B3eQkF0m8SOknQZIxiWUE7skaDkIfNRGf%2BfARiEBu3XBnLIbFGHWttcXRM5J5u9IM3qVIPh7r0hoYPaINiE87G7pMEUtFuTefeJrw59Z2wlQpb0MmoQmpdx2xjW7mSVKwjIjg%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, s-maxage=10
cf-ray: 7929af182fa63535-NRT
expires: Wed, 01 Feb 2023 09:37:47 GMT

GET
H3 200 libgif.js Show response
cto.br.media/wp-content/themes/bimber/js/libgif/ 33 KB
9 KB 496ms
490ms Script
application/javascript 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/themes/bimber/js/libgif/libgif.js

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1ce8732e74bc97205dfb4009d268a21dcbd5eac386e19e45f93db0defd51b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-original-content-length: 34128
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Aug 2022 22:04:43 GMT
server: cloudflare
etag: W/"8550-5e768737d3fe1"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iq8JEC9IJeppNmPJhvrL20UVmOkei5KRIPX5%2FVmmmpc5%2BUaILiCX8r6HxNmKkd4zN2AM3V6xf7rNtCJ6c6u0%2BsoG6mxlUF0nBRF3tbByeU1fGTolf9DYne4%2BZ1Rordu6qRcuNpM6%2Be1o508%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, s-maxage=10
cf-ray: 7929af182fa73535-NRT
expires: Wed, 01 Feb 2023 09:37:47 GMT

GET
H3 200 players.js Show response
cto.br.media/wp-content/themes/bimber/js/ 23 KB
5 KB 485ms
478ms Script
application/javascript 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/themes/bimber/js/players.js?ver=9.2.3

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aaf9bb091f781b24996837d1b06acb2a0aed55b54c154d605b193b9731bb37d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-original-content-length: 23772
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Aug 2022 22:04:43 GMT
server: cloudflare
etag: W/"5cdc-5e768737d4f81"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FfCyBTUZclHAOxISIszY3j2b5PAW8VvOidHjoT17%2FEQFlkW6td%2ByDPFMpABnn2ZW%2FUrneN6JWvsV3cc22JXQn3ANZiF6Z%2F%2BiWY6Y6JAkjMPRHBWdhYpdANVrehUgMYgGd%2BzK9yEJHF3kLLA%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, s-maxage=10
cf-ray: 7929af182fa93535-NRT
expires: Wed, 01 Feb 2023 09:37:47 GMT

GET
H2 200 core.min.js Show response
c0.wp.com/c/6.1.1/wp-includes/js/jquery/ui/ 21 KB
7 KB 13ms
4ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.1.1/wp-includes/js/jquery/ui/core.min.js

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-nc: HIT nrt 1
date: Wed, 01 Feb 2023 09:33:09 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Fri, 23 Sep 2022 19:55:30 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Thu, 01 Feb 2024 09:33:09 GMT

GET
H2 200 menu.min.js Show response
c0.wp.com/c/6.1.1/wp-includes/js/jquery/ui/ 10 KB
3 KB 13ms
4ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.1.1/wp-includes/js/jquery/ui/menu.min.js

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

03a76dde100a17b38d2eaf65bd9d75ca09369d5d601e4262db5696778e930657

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-nc: HIT nrt 1
date: Wed, 01 Feb 2023 09:33:09 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Mon, 19 Sep 2022 18:04:09 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Thu, 01 Feb 2024 09:33:09 GMT

GET
H2 200 regenerator-runtime.min.js Show response
c0.wp.com/c/6.1.1/wp-includes/js/dist/vendor/ 6 KB
2 KB 13ms
5ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.1.1/wp-includes/js/dist/vendor/regenerator-runtime.min.js

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-nc: HIT nrt 1
date: Wed, 01 Feb 2023 09:33:09 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Thu, 01 Feb 2024 09:33:09 GMT

GET
H2 200 wp-polyfill.min.js Show response
c0.wp.com/c/6.1.1/wp-includes/js/dist/vendor/ 17 KB
6 KB 13ms
5ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.1.1/wp-includes/js/dist/vendor/wp-polyfill.min.js

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-nc: HIT nrt 1
date: Wed, 01 Feb 2023 09:33:09 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 20 Sep 2022 15:43:29 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Thu, 01 Feb 2024 09:33:09 GMT

GET
H2 200 dom-ready.min.js Show response
c0.wp.com/c/6.1.1/wp-includes/js/dist/ 498 B
534 B 13ms
5ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.1.1/wp-includes/js/dist/dom-ready.min.js

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

166c7c3bb5f76f977a9f2a5490589b3466374eb2b3f064802e56f08bad71fbf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-nc: HIT nrt 1
date: Wed, 01 Feb 2023 09:33:09 GMT
strict-transport-security: max-age=15552000
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 498
expires: Thu, 01 Feb 2024 09:33:09 GMT

GET
H2 200 hooks.min.js Show response
c0.wp.com/c/6.1.1/wp-includes/js/dist/ 5 KB
2 KB 13ms
5ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.1.1/wp-includes/js/dist/hooks.min.js

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-nc: HIT nrt 1
date: Wed, 01 Feb 2023 09:33:09 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Thu, 01 Feb 2024 09:33:09 GMT

GET
H2 200 i18n.min.js Show response
c0.wp.com/c/6.1.1/wp-includes/js/dist/ 10 KB
4 KB 13ms
5ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.1.1/wp-includes/js/dist/i18n.min.js

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

01c3955df67a9b9d1367957e2c187729eae46b72e92c2b52bdb217b14a8fc874

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-nc: HIT nrt 1
date: Wed, 01 Feb 2023 09:33:09 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Fri, 23 Sep 2022 19:55:30 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Thu, 01 Feb 2024 09:33:09 GMT

GET
H2 200 a11y.min.js Show response
c0.wp.com/c/6.1.1/wp-includes/js/dist/ 2 KB
890 B 13ms
5ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.1.1/wp-includes/js/dist/a11y.min.js

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5df2942db2352e49e00bcf3393b875a71d0acee986e48fbdcc5879846f5c3689

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-nc: HIT nrt 1
date: Wed, 01 Feb 2023 09:33:09 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Thu, 01 Feb 2024 09:33:09 GMT

GET
H2 200 autocomplete.min.js Show response
c0.wp.com/c/6.1.1/wp-includes/js/jquery/ui/ 8 KB
3 KB 13ms
6ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.1.1/wp-includes/js/jquery/ui/autocomplete.min.js

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

3c891891a2abfdb8f5ef8f4b1e4e3c25013d934ca396fe8149e6626cc4ea1888

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-nc: HIT nrt 1
date: Wed, 01 Feb 2023 09:33:09 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Fri, 23 Sep 2022 19:55:30 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Thu, 01 Feb 2024 09:33:09 GMT

GET
H3 200 ajax-search.js Show response
cto.br.media/wp-content/themes/bimber/js/ 2 KB
1 KB 499ms
494ms Script
application/javascript 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/themes/bimber/js/ajax-search.js?ver=9.2.3

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c045fd18778d6cb007565f471c7d6f442aef231cd65359b0fbcef666b432155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-original-content-length: 2070
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Aug 2022 22:04:43 GMT
server: cloudflare
etag: W/"816-5e768737d4f81"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CkxsXRMKXEYpGwXIHufXL6jL5ZKd8v7NviwnPhLXe2NassD%2B%2Bubz2P1BDhw1WIh7DHWhpu1YO%2FQzrN07XHwY8hPyb600%2BbfEX9uW8Wg1xP%2F0H8OojOGplrINfnfQKnNMK7rT94dZYyGSgYM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, s-maxage=10
cf-ray: 7929af182faa3535-NRT
expires: Wed, 01 Feb 2023 09:37:47 GMT

GET
H3 200 single.js Show response
cto.br.media/wp-content/themes/bimber/js/ 26 KB
6 KB 497ms
492ms Script
application/javascript 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/themes/bimber/js/single.js?ver=9.2.3

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d30e674df8c589b210186f71173b09d2890c3d84dd9aa57cb23d5dfd3ae61726

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-original-content-length: 26260
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Aug 2022 22:04:43 GMT
server: cloudflare
etag: W/"6694-5e768737d4f81"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ink44dGDgVNAEe2ZD%2BPK8uzKrEwNbG9TS2poDF2Z5HTZ2BPvdzcAfo2DiKgtqMnY6w9nWBKTGC3wOMvHqgicPSBfLNhjo5OmePdo95%2FFEW8ePhqCV2X8tIljDnWtJtOZ1XzIv5oLhnJeyPo%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, s-maxage=10
cf-ray: 7929af182fab3535-NRT
expires: Wed, 01 Feb 2023 09:37:47 GMT

GET
H3 200 modifications.js Show response
cto.br.media/wp-content/themes/bimber-child-theme/ 357 B
747 B 533ms
527ms Script
application/javascript 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/themes/bimber-child-theme/modifications.js

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b69f6a34cffee7491a91501ce0ebf2710756c59472393ef709a42d787d80398f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-original-content-length: 357
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 29 May 2021 20:42:00 GMT
server: cloudflare
etag: W/"165-5c37e062bc480"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MMsad6kFiSQlFHbwdfB7YoJ4KjZ8gW%2B0LZFNe1ZGe%2FBR0FmeJlp7CNbeqyMlL7WVVVe%2B8mrzqCydU7M0ofIG%2FafFRw5QGeO4RqSUReiGorq60NRhla%2F3qLjqK55aBKephlKmrVJx8SVt14c%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, s-maxage=10
cf-ray: 7929af182fad3535-NRT
expires: Wed, 01 Feb 2023 09:37:47 GMT

GET
H3 200 back-to-top.js Show response
cto.br.media/wp-content/themes/bimber/js/ 1 KB
1 KB 520ms
514ms Script
application/javascript 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/themes/bimber/js/back-to-top.js?ver=9.2.3

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b044d89f7a88e52da5ba2345438abc81c7fdf33eefbdb8e458bd5ce102bbba7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-original-content-length: 1493
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Aug 2022 22:04:43 GMT
server: cloudflare
etag: W/"5d5-5e768737d3fe1"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FbsaXe5GcOzytbWjfJ%2BspHp%2Fiqj3DPSYDYpkT1l10wORvI7N0ySxIg84MZ2F%2FUQRJAZ%2FEOR7kno%2FJbEt1RUO0fihqyAUqd2j7n4STt9RG5T4cG9EV37x72pqtZVZl0SLREWTizJ%2BXdgodtI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, s-maxage=10
cf-ray: 7929af182faf3535-NRT
expires: Wed, 01 Feb 2023 09:37:47 GMT

GET
H3 200 forms.js Show response
cto.br.media/wp-content/plugins/mailchimp-for-wp/assets/js/ 6 KB
3 KB 519ms
514ms Script
application/javascript 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/plugins/mailchimp-for-wp/assets/js/forms.js?ver=4.9.0

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12a618537a5ecc700c5cd76816ded0793c5c369fa6d786ce82b7199e34b080a3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:10 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 13 Jan 2023 13:21:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1927-5f2251c431ea7-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2BIrOLeWFXuE4QxPrjzmbARrDCidDc2LMfjPSAYh5UQvR8SO6U9kZ1u%2FQBaxaPshRiSGwgXjdZKqSWcRuJhsCh922AGwckTK22Utctp%2BMBX5V8rsbrTPdApR%2FKFjVHxmMdZ8vaIWJ7T7two%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, s-maxage=10
cf-ray: 7929af182fb33535-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 e-202305.js Show response
stats.wp.com/ 9 KB
3 KB 22ms
4ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202305.js
Requested by: Host: cto.br.media
URL: https://cto.br.media/media-pack/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-nc: HIT nrt
date: Wed, 01 Feb 2023 09:33:09 GMT
content-encoding: br
server: nginx
etag: W/"61ad9f55-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 21 Jan 2024 07:28:41 GMT

POST
H3 201 popular-posts Show response
cto.br.media/wp-json/wordpress-popular-posts/v1/ 55 B
775 B 646ms
646ms XHR
application/json 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-json/wordpress-popular-posts/v1/popular-posts

Requested by

Host: cto.br.media
URL: https://cto.br.media/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=6.1.1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.15

Resource Hash

e75256a24f1bc27561819e033db2484efb053161047a2159b9902ab7e18bcdb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cto.br.media/media-pack/
X-Requested-With: XMLHttpRequest
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 01 Feb 2023 09:33:10 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
allow: GET, POST
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://cto.br.media
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wALVI8idfSPW4ETLAGD24CsQd3EaL3%2FxqX9JxHgGXeA27oEssRVt0%2BfHgDeQIozDxXUrif0S5pSHPYeqtCOVIflvoH5%2Brns4Q%2BEcx8kUIjnUun6X7NiWwCYWB11iLXXxW8J8ArpNyI6aaNo%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
vary: Origin
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
x-robots-tag: noindex
link: <https://cto.br.media/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
cf-ray: 7929af181f863535-NRT
x-wp-nonce: dffad868b3

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 57ms
8ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C500%2C700&subset=latin%2Clatin-ext&display=swap&ver=9.2.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cto.br.media
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 16:53:51 GMT
x-content-type-options: nosniff
age: 578358
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Jan 2024 16:53:51 GMT

GET
H3 200 bimber.woff
cto.br.media/wp-content/themes/bimber/css/9.2.3/bunchy/fonts/ 11 KB
11 KB 528ms
527ms Font
font/woff 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/wp-content/themes/bimber/css/9.2.3/bunchy/fonts/bimber.woff

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf8f10bd933e45c08c4528efb6b831bd3970e130763376577040e0fce3bdb39d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cto.br.media/media-pack/
Origin: https://cto.br.media
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:10 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 29 Aug 2022 22:04:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2a98-5e7687379c544"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2hCFnXEo0RwgV37Y4dJ4hPGNiJnrPWYIZWKdVmESC0UoyGBpey4Fcfqx30KAeXHKim1UtrUpllb9ZFHeEPR3qChZ%2FEErLIelycNYTcL%2BHsJAorbkhnEqLKtkVTuGNsx78W6QGxH9ak6CDzI%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
vary: Accept-Encoding
cache-control: max-age=14400, s-maxage=10
accept-ranges: bytes
cf-ray: 7929af182fb43535-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10904

GET
DATA 200
OK truncated
/ 63 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a25efd46bf52792cd1347a30c7230d6891581636c625556835acde987dc33b8

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 61 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c5c8ee707457e4f18f6138cafe218bd8e196438b0ecc9a16c1c636aefa08cafb

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 422 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7eabc7f05a63848ca0cf3d821014400d89e413dd6d11de71620a36cb655f99b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
49 KB 195ms
150ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: c0.wp.com
URL: https://c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc23f3fb7ed93aa57b37e1d816309339df0bf0e0bd0007720dbe6bef32891d02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49932
x-xss-protection: 0
server: cafe
etag: 6386414242249423416
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 01 Feb 2023 09:33:09 GMT

GET
DATA 200
OK truncated
/ 63 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c313eafd49a7f12b4bb014b8b23a6675b9000c625344fcd99d8aa2f4abf7b746

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 dynamic-style-1662767166.css
cto.br.media/wp-content/uploads/ 12 KB
12 KB 20ms
19ms Image
text/css 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cto.br.media/wp-content/uploads/dynamic-style-1662767166.css

Requested by

Host: cto.br.media
URL: https://cto.br.media/wp-content/uploads/dynamic-style-1662767166.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/wp-content/uploads/dynamic-style-1662767166.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-original-content-length: 13952
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
cf-polished: origSize=12059
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"PSA-aj-EkrtRdqSdl"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jqSgBGI%2FjWKwfENqwcNr11KSjaahwHNAoCN0zL9BgLUp9%2BzKKybib199hcqyTypc76t0645iixoaePedbY47HVxIJZAMelY3PZ52097zuCU6drxgvpV1uIYLIbi1JM2s69pHacDcPaQX4gI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7929af187ff73535-NRT
expires: Wed, 01 Feb 2023 09:37:48 GMT

GET
H2 200 cropped-CTO-1.png
i0.wp.com/cto.br.media/wp-content/uploads/2022/07/ 4 KB
4 KB 10ms
3ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/cto.br.media/wp-content/uploads/2022/07/cropped-CTO-1.png?resize=300%2C300&ssl=1

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

3e2ac836a407225e2b8380013264f4456665af50f5c8dc5149f7bcacb218504a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-nc: HIT nrt 4
date: Wed, 01 Feb 2023 09:33:09 GMT
x-content-type-options: nosniff
last-modified: Mon, 23 Jan 2023 13:32:37 GMT
server: nginx
etag: "ffc2cbfe8a46d2ef"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://cto.br.media/wp-content/uploads/2022/07/cropped-CTO-1.png>; rel="canonical"
content-length: 3764
expires: Thu, 23 Jan 2025 01:32:37 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/ 361 KB
119 KB 115ms
114ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/show_ads_impl_fy2021.js?bust=31071854

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1286340303513484

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f41d470bf5880ba4952fec3f7887f956774b561724600b90c3771e6d4cf7868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121165
x-xss-protection: 0
server: cafe
etag: 11742555285076971691
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Feb 2023 09:33:09 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230124/r20190131/ Frame B1C3 10 KB
5 KB 45ms
3ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230124/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1286340303513484

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cto.br.media/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 24056
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Feb 2023 02:52:13 GMT
etag: 10353107486223812946
expires: Wed, 15 Feb 2023 02:52:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
251 B 89ms
39ms Ping
text/plain 2404:6800:4004:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-6357W9VP29&gtm=2oe1u0&_p=1149820971&cid=1555480699.1675243990&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1675243989&sct=1&seg=0&dl=https%3A%2F%2Fcto.br.media%2Fmedia-pack%2F&dt=Media%20Pack%20-%20CTO&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6357W9VP29
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 09:33:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cto.br.media
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 383 B
462 B 41ms
41ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=cto.br.media&callback=_gfp_s_&client=ca-pub-1286340303513484

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/show_ads_impl_fy2021.js?bust=31071854

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de9c9d21dc567099550adc619be60ec5a771e6842485423ef23165b812187cc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
531 B 93ms
53ms Script
application/javascript 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=cto.br.media

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/show_ads_impl_fy2021.js?bust=31071854

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 82ms
43ms Script
application/javascript 2404:6800:4004:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cto.br.media

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/show_ads_impl_fy2021.js?bust=31071854

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 98AE 232 KB
56 KB 626ms
625ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1286340303513484&output=html&adk=1812271804&adf=3025194257&lmt=1675243990&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=188x945_r&format=0x0&url=https%3A%2F%2Fcto.br.media%2Fmedia-pack%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675243989897&bpp=3&bdt=1039&idt=209&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7636816473716&frm=20&pv=2&ga_vid=1555480699.1675243990&ga_sid=1675243990&ga_hid=1149820971&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071259%2C31071854%2C44779793&oid=2&pvsid=3437753840299782&tmod=220244313&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=239

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/show_ads_impl_fy2021.js?bust=31071854

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0aaac69edb0ef99643def6cda2ff3f389fc31bde0d37895867c1b4c7e7039ade

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cto.br.media/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 57581
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Feb 2023 09:33:10 GMT
expires: Wed, 01 Feb 2023 09:33:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0997 87 KB
31 KB 427ms
426ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1286340303513484&output=html&h=280&slotname=8311518838&adk=3087661368&adf=4217086742&pi=t.ma~as.8311518838&w=1132&fwrn=4&fwrnh=100&lmt=1675243990&rafmt=1&format=1132x280&url=https%3A%2F%2Fcto.br.media%2Fmedia-pack%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675243989900&bpp=2&bdt=1042&idt=241&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7636816473716&frm=20&pv=1&ga_vid=1555480699.1675243990&ga_sid=1675243990&ga_hid=1149820971&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=234&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071259%2C31071854%2C44779793&oid=2&pvsid=3437753840299782&tmod=220244313&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ztq1h8H7mx&p=https%3A//cto.br.media&dtd=245

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/show_ads_impl_fy2021.js?bust=31071854

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa6b8925e1363db8671d01cd9935286ee77645b16e3422910b8b4e70e82a00d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cto.br.media/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 31342
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Feb 2023 09:33:10 GMT
expires: Wed, 01 Feb 2023 09:33:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 g.gif
pixel.wp.com/ 50 B
116 B 2ms
1ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=209261798&post=6342&tz=0&srv=cto.br.media&j=1%3A11.7.1&host=cto.br.media&ref=&fcp=3011&rand=0.9997322810837235
Requested by: Host: cto.br.media
URL: https://cto.br.media/media-pack/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 01 Feb 2023 09:33:10 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 1f4da.svg
s.w.org/images/core/emoji/14.0.0/svg/ 1 KB
751 B 7ms
2ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f4da.svg

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

64e045f1b9b28e511d03495cf793fcdf2cf9290de5f7a1ea5080182f99e3b73f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-nc: HIT nrt 1
date: Wed, 01 Feb 2023 09:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:50:59 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0997 6 KB
768 B 40ms
39ms Stylesheet
text/css 2404:6800:4004:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1286340303513484&output=html&h=280&slotname=8311518838&adk=3087661368&adf=4217086742&pi=t.ma~as.8311518838&w=1132&fwrn=4&fwrnh=100&lmt=1675243990&rafmt=1&format=1132x280&url=https%3A%2F%2Fcto.br.media%2Fmedia-pack%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675243989900&bpp=2&bdt=1042&idt=241&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7636816473716&frm=20&pv=1&ga_vid=1555480699.1675243990&ga_sid=1675243990&ga_hid=1149820971&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=234&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071259%2C31071854%2C44779793&oid=2&pvsid=3437753840299782&tmod=220244313&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ztq1h8H7mx&p=https%3A//cto.br.media&dtd=245

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 01 Feb 2023 09:33:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 09:02:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Feb 2023 09:33:10 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame 0997 2 KB
846 B 49ms
5ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 23:34:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35947
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Feb 2023 23:34:03 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/ Frame 0997 22 KB
9 KB 45ms
2ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

682b9a643ebc5c5b7f54f802fe82d4d9117b6cdff3479110b81afdccfd6148c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 22:52:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38467
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8871
x-xss-protection: 0
server: cafe
etag: 9510037503091481574
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Feb 2023 22:52:03 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame 0997 3 KB
1 KB 44ms
4ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:30:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 179
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Feb 2023 09:30:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame 0997 18 KB
7 KB 47ms
4ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 22:36:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39382
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7523
x-xss-protection: 0
server: cafe
etag: 641023367890010850
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Feb 2023 22:36:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0997 157 KB
49 KB 108ms
51ms Script
text/javascript 2404:6800:400a:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80a::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a482b87b1055665d77c94492bf4739724380d45b00083575738386b2c7ee9d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49075
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675083396089714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 01 Feb 2023 09:33:10 GMT

GET
H2 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame 0997 33 KB
14 KB 46ms
6ms Script
text/javascript 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 09:54:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 517123
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 03:52:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 26 Apr 2023 09:54:27 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0997 0
0 50ms
50ms Fetch
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C9M5c1jHaY6SXC8vI2ATui4DYD6jNwpVtjdmg8b8Qh8um06opEAEgoPvqjwFgifPFhPQToAGitKi_A8gBCagDAcgDywSqBIUCT9C01qSexUajcVDGFoUnO2urG-NaqhVEgMcQN6kyEPKFV-D2F478pMctcOImemylgmTf1tSA30RQAlikmbO94qJgeMtucVThETBm8sPE1AJHCaipMapGujSD_ska7Ww7sp8Myz0GalwlxaKaGm0m2SFzx6M2Dl3R--_Fl53pRIBI1J5i1uOOu3F8DsKo0RNvm1KUzZWeD8LgXCp4OpRVowo78agYJi2d5ouShEof4M1GzVYwrQTX0v4aWcJChPOGZFHQdToX4f8BiV0J-ENjbEMtZTwWjPkN2nNsqynbwkfkWw-UbL1jVesaQTLCiYN-6crtl_8mbuEEze0Ma02iaX8r3a6UwASw7_OIlgSSBQQIBBgBkgUECAUYBKAGLoAHxsvXQKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEL7eNtIIDwiAYRABGB8yAooCOgKAQIAKAcgLAbgT5APYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItMTI4NjM0MDMwMzUxMzQ4NBgA&sigh=YlJ66LuouSM&uach_m=[UACH]&cid=CAQSGwDUE5ymSfxsl8Pll2xSDV_DtXMlZPlAvyH5ShgB&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1286340303513484&output=html&h=280&slotname=8311518838&adk=3087661368&adf=4217086742&pi=t.ma~as.8311518838&w=1132&fwrn=4&fwrnh=100&lmt=1675243990&rafmt=1&format=1132x280&url=https%3A%2F%2Fcto.br.media%2Fmedia-pack%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675243989900&bpp=2&bdt=1042&idt=241&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7636816473716&frm=20&pv=1&ga_vid=1555480699.1675243990&ga_sid=1675243990&ga_hid=1149820971&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=234&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071259%2C31071854%2C44779793&oid=2&pvsid=3437753840299782&tmod=220244313&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ztq1h8H7mx&p=https%3A//cto.br.media&dtd=245
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 01 Feb 2023 09:33:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 01 Feb 2023 09:33:10 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/2714303006361358567/ Frame 0997 3 KB
3 KB 41ms
6ms Image
image/png 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2714303006361358567/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9025e66f790aba6779d9014aaad71b7897501fface48febd23b195095e03f35b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 01:39:09 GMT
x-content-type-options: nosniff
age: 114841
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2706
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 16:13:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 31 Jan 2024 01:39:09 GMT

GET
H2 200 17003236163285306963
tpc.googlesyndication.com/simgad/ Frame 0997 5 KB
5 KB 41ms
6ms Image
image/png 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17003236163285306963?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23acd4cc566960265c6bcbfef13a266556c60965ad94ae827018b7dc036a1ff2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 14:16:05 GMT
x-content-type-options: nosniff
age: 501425
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4970
x-xss-protection: 0
last-modified: Fri, 14 Dec 2018 21:57:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 26 Jan 2024 14:16:05 GMT

GET
DATA 200
OK truncated
/ Frame 0997 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d86960367934f9e3809a4180c829b4e8a6fdbcd20de15308f7fa83398c7384c1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0997 15 KB
15 KB 5ms
5ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 12:22:22 GMT
x-content-type-options: nosniff
age: 508248
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Jan 2024 12:22:22 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0997 15 KB
16 KB 5ms
5ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:47:18 GMT
x-content-type-options: nosniff
age: 398752
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2024 18:47:18 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0997 15 KB
15 KB 3ms
3ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 16:53:26 GMT
x-content-type-options: nosniff
age: 319184
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jan 2024 16:53:26 GMT

GET
H3 200 2e6kLxeeSlTXLHIHKIZu8zKMmhAlZmQUgR37z8_ueWI.js Show response
pagead2.googlesyndication.com/bg/ Frame 318E 36 KB
14 KB 4ms
3ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2e6kLxeeSlTXLHIHKIZu8zKMmhAlZmQUgR37z8_ueWI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9eea42f179e4a54d72c720728866ef3328c9a1025666414811dfbcfcfee7962

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 20:53:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 563978
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14224
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Jan 2024 20:53:32 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/ 150 KB
51 KB 106ms
106ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/reactive_library_fy2021.js?bust=31071854

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/show_ads_impl_fy2021.js?bust=31071854

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed6dfc4c7c38b2cc5aaa92176e9965017a842d3b131b79d8588e091e84b9f824

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52196
x-xss-protection: 0
server: cafe
etag: 11043442911828758360
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Feb 2023 09:33:10 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
42ms Image
image/gif 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=4%2C1&c=ca-pub-1286340303513484&eid=44759876%2C44759927%2C44759837%2C31071259%2C31071854%2C44779793

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 09:33:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ca-pub-1286340303513484 Show response
fundingchoicesmessages.google.com/i/ 123 KB
43 KB 126ms
85ms Script
application/javascript 2404:6800:4004:826::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-1286340303513484?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/show_ads_impl_fy2021.js?bust=31071854

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4d24cccf4d9f90678405abba55002512fb0971966adf849087c23ca88c777a14

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-APufIdj1xMt9USeMx9qd4g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:10 GMT
content-security-policy: script-src 'report-sample' 'nonce-APufIdj1xMt9USeMx9qd4g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorServingWebSwitchboardHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorServingWebSwitchboardHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingWebSwitchboardHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 39ms
39ms Image
image/gif 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=1&wpc=ca-pub-1286340303513484&warn=12%2C13&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=false&reatf=true&a=6%2C1%2C5%2C7&apv=20230129_093436&sat=1675111951927&afm=2%2C0&as_count=1&d_count=0&ng_count=0&am_count=1&atf_count=1&mdns=0.085&alldns=0.176&allp=21&fd=(0%2C6%2C1)%2C(1%2C2%2C0)%2C(2%2C0%2C0)&pgh=3295&abl=false&rr=n&su=cto.br.media&pvc=3437753840299782&r=0.1&eid=44759876%2C44759927%2C44759837%2C31071259%2C31071854%2C44779793

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 09:33:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
40ms Image
image/gif 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=4%2C1&c=ca-pub-1286340303513484&eid=44759876%2C44759927%2C44759837%2C31071259%2C31071854%2C44779793

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 09:33:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
165 B 45ms
44ms Script
application/javascript 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=cto.br.media

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/show_ads_impl_fy2021.js?bust=31071854

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 44ms
43ms Script
application/javascript 2404:6800:4004:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cto.br.media

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/show_ads_impl_fy2021.js?bust=31071854

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D536 127 KB
39 KB 648ms
648ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-1286340303513484&output=html&h=280&adk=753307431&adf=2459396529&pi=t.aa~a.317958716~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1675243991&rafmt=1&to=qs&pwprc=8474524197&format=1200x280&url=https%3A%2F%2Fcto.br.media%2Fmedia-pack%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675243990963&bpp=3&bdt=2105&idt=-M&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D59c21fc39db18073-22fc38c57ed90085%3AT%3D1675243990%3ART%3D1675243990%3AS%3DALNI_MZ61cUoAkR6kK4Sn_MNemGO5G4-Xg&gpic=UID%3D00000bb2f74b3a3e%3AT%3D1675243990%3ART%3D1675243990%3AS%3DALNI_Mbe6zvVHgqvCe3lVfhQO5kYiOYInA&prev_fmts=0x0%2C1132x280&nras=2&correlator=7636816473716&frm=20&pv=1&ga_vid=1555480699.1675243990&ga_sid=1675243990&ga_hid=1149820971&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2568&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071259%2C31071854%2C44779793&oid=2&psts=AD37Y7tIGEmBqOP5kyyNQ7sAwq8BZJxdgVAWykdP7158vTDfbE20qFfu56eapUfEnnS_pRseFUE0xqo0HCgdQSk&pvsid=3437753840299782&tmod=220244313&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=oQ1oeYLtNw&p=https%3A//cto.br.media&dtd=93

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/show_ads_impl_fy2021.js?bust=31071854

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b54aaf98a36375b8c46fd32bf218dd24526459706957869001cef90c7acf8630

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cto.br.media/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 40220
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Feb 2023 09:33:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxXE46I9oRfgvjndn3SfeqneRM7_zX6fAzHal6x4a9un93iDtrgv1xoEsJa2g_JJra7q3jNOhg0c2aE7snfounw= Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 87ms
86ms Script
application/javascript 2404:6800:4004:826::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXE46I9oRfgvjndn3SfeqneRM7_zX6fAzHal6x4a9un93iDtrgv1xoEsJa2g_JJra7q3jNOhg0c2aE7snfounw=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc1MjQzOTkxLDYxMDAwMDAwXSwiOUQzQTI0NjctQjgxMS00NkZGLUExMDEtQkREREJDNEY4OEFFIixudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9jdG8uYnIubWVkaWEvbWVkaWEtcGFjay8iLG51bGwsW1s4LCJwNFV3SkVobVBIRSJdLFs5LCJlbi1VUyJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.p4UwJEhmPHE.es5.O/d=1/rs=AJlcJMzEURBcDnwx0KhuH7OfgahpTtS2ig/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5ae1def11238bd722d4634761ad5fa62807c339ac18e052e5d0ccf1df05c82db

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vpY5-WVrRypTHnIjmnfxvg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:11 GMT
content-security-policy: script-src 'report-sample' 'nonce-vpY5-WVrRypTHnIjmnfxvg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/ Frame DD4D 10 KB
4 KB 3ms
3ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/show_ads_impl_fy2021.js?bust=31071854

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cto.br.media/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 22585
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Feb 2023 03:16:46 GMT
etag: 10353107486223812946
expires: Wed, 15 Feb 2023 03:16:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/ Frame DD6B 10 KB
4 KB 3ms
2ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/show_ads_impl_fy2021.js?bust=31071854

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cto.br.media/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 22585
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Feb 2023 03:16:46 GMT
etag: 10353107486223812946
expires: Wed, 15 Feb 2023 03:16:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame DD4D 2 KB
804 B 11ms
10ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 23:34:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35948
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Feb 2023 23:34:03 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/ Frame DD4D 22 KB
9 KB 9ms
9ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

682b9a643ebc5c5b7f54f802fe82d4d9117b6cdff3479110b81afdccfd6148c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 22:52:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38468
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8871
x-xss-protection: 0
server: cafe
etag: 9510037503091481574
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Feb 2023 22:52:03 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame DD4D 3 KB
1 KB 10ms
9ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:30:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 180
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Feb 2023 09:30:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame DD4D 18 KB
7 KB 9ms
8ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 22:36:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39383
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7523
x-xss-protection: 0
server: cafe
etag: 641023367890010850
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Feb 2023 22:36:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DD4D 157 KB
48 KB 145ms
144ms Script
text/javascript 2404:6800:400a:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80a::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a482b87b1055665d77c94492bf4739724380d45b00083575738386b2c7ee9d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49075
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675083396089714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 01 Feb 2023 09:33:11 GMT

GET
H2 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame DD4D 33 KB
14 KB 11ms
10ms Script
text/javascript 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 09:54:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 517124
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 03:52:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 26 Apr 2023 09:54:27 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DD6B 0
0 49ms
49ms Fetch
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CWYSM1jHaY4q0CtrK2ATDpIKYBpSut_5myMSyicMP2tkeEAEgoPvqjwFgifPFhPQToAHJ_ZLLA8gBAqkCRLOH2V3wjj6oAwHIA8kEqgT_AU_QMjnX6c8DO2_x6VUYa_xInd66XzmYHbBMyYQZlA2c2fBB0NBn_BS3z8EIhy5KQ9_0FM5dvqGiXSYBP7PaqyrZsO31JzX0Ut_Uvah4Ijrs2xw_mGKQ2VXHScxhpJ6ezS-L-RsTA_R5n9LFenzP127hwxRDd5VKq8lpDY800tZ7JnIFhBZbMcEeru1oqsqZzlHQu-eD0Tqjl-aKFF2Q3ylKfhLap7K9W4jDwoG87FyQYXlaUrX9NOXVFGyx_Kc_Pi2ss5YHQhFLe7JvxqZ2dLHEhiZTWvuDLfBDy6xkYEcHR4EgpMQN0nl3kBRRw0z7BK9rTGoR82-yufm3cfsoqMAEuLv_2vMDkgUECAQYAZIFBAgFGASgBgKAB5-C7TSoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDsiAbSCA8IgGEQARgfMgKKAjoCgECACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItMTI4NjM0MDMwMzUxMzQ4NBgA&sigh=H6eCmKjh5Og&uach_m=[UACH]&cid=CAQSGwDUE5ympOPQNowpuRGPwNU2t3FyQNwzk2_8QhgB

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 01 Feb 2023 09:33:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/ Frame DD6B 22 KB
9 KB 8ms
8ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

682b9a643ebc5c5b7f54f802fe82d4d9117b6cdff3479110b81afdccfd6148c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 22:52:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38468
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8871
x-xss-protection: 0
server: cafe
etag: 9510037503091481574
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Feb 2023 22:52:03 GMT

GET
H2 200 2910498119491213038
tpc.googlesyndication.com/daca_images/simgad/ Frame DD6B 29 KB
29 KB 11ms
10ms Image
image/png 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/2910498119491213038

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b1a5f4910ba055ce8310e7956b68be599943c7a7adc1993d93e57df3127cacd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 13:53:53 GMT
x-content-type-options: nosniff
age: 157158
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29740
x-xss-protection: 0
last-modified: Fri, 21 Oct 2022 00:18:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 30 Jan 2024 13:53:53 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame DD6B 3 KB
1 KB 10ms
9ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:30:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 180
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Feb 2023 09:30:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame DD6B 18 KB
7 KB 9ms
8ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 22:36:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39383
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7523
x-xss-protection: 0
server: cafe
etag: 641023367890010850
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Feb 2023 22:36:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DD6B 157 KB
48 KB 146ms
146ms Script
text/javascript 2404:6800:400a:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80a::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a482b87b1055665d77c94492bf4739724380d45b00083575738386b2c7ee9d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49075
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675083396089714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 01 Feb 2023 09:33:11 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame DD6B 33 KB
13 KB 10ms
9ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b511b5104524c0b25f553fbaa7c6d92564f0770a222d9ad642bffa36aa3920d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 23:29:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36230
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13488
x-xss-protection: 0
server: cafe
etag: 7956080266137140730
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Feb 2023 23:29:21 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D6FB 143 B
166 B 4ms
3ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 2889
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Feb 2023 08:45:02 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame DD6B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: deeb07a584daeb600550f7db9c3eee2349b15206d64a6a1dcc77c9f941cba1a6

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D6FB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

68ms
67ms

Document
text/html

2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Feb 2023 09:33:11 GMT
expires: Wed, 01 Feb 2023 09:33:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Feb 2023 09:33:11 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 AGSKWxU1sc8dzXSHnTWJJuIBr0xOTfxeYWLOC9wL4JjhTy2DjUuRNNCBjJvUOh0VowVGDLlr2NOOAMGrThLyP42mMeXe5xB8pxBjvoKe1OvgetcrnatRoW1Yqk8cTOto_f98-ZUmfJ7EdQ== Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 99ms
98ms Script
application/javascript 2404:6800:4004:826::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU1sc8dzXSHnTWJJuIBr0xOTfxeYWLOC9wL4JjhTy2DjUuRNNCBjJvUOh0VowVGDLlr2NOOAMGrThLyP42mMeXe5xB8pxBjvoKe1OvgetcrnatRoW1Yqk8cTOto_f98-ZUmfJ7EdQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc1MjQzOTkxLDE2MzAwMDAwMF0sIjlEM0EyNDY3LUI4MTEtNDZGRi1BMTAxLUJERERCQzRGODhBRSIsbnVsbCxudWxsLFtudWxsLFs3LDldLG51bGwsMixudWxsLCJlbiJdLCJodHRwczovL2N0by5ici5tZWRpYS9tZWRpYS1wYWNrLyIsbnVsbCxbWzgsInA0VXdKRWhtUEhFIl0sWzksImVuLVVTIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

04e2edc75c2eb41e6b9e3b01e5f092ec62b1e821726c71eeac33d9b44b95a3dc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bvO8OvU743r7Tzj5mq9kVA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:11 GMT
content-security-policy: script-src 'report-sample' 'nonce-bvO8OvU743r7Tzj5mq9kVA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 2e6kLxeeSlTXLHIHKIZu8zKMmhAlZmQUgR37z8_ueWI.js Show response
pagead2.googlesyndication.com/bg/ Frame 3D05 36 KB
14 KB 21ms
21ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2e6kLxeeSlTXLHIHKIZu8zKMmhAlZmQUgR37z8_ueWI.js

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9eea42f179e4a54d72c720728866ef3328c9a1025666414811dfbcfcfee7962

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 20:53:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 563979
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14224
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Jan 2024 20:53:32 GMT

GET
H3 200 2e6kLxeeSlTXLHIHKIZu8zKMmhAlZmQUgR37z8_ueWI.js Show response
pagead2.googlesyndication.com/bg/ Frame 097D 36 KB
14 KB 22ms
22ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2e6kLxeeSlTXLHIHKIZu8zKMmhAlZmQUgR37z8_ueWI.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9eea42f179e4a54d72c720728866ef3328c9a1025666414811dfbcfcfee7962

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 20:53:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 563979
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14224
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Jan 2024 20:53:32 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D536 429 B
413 B 40ms
39ms Stylesheet
text/css 2404:6800:4004:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400&text=%E3%81%AA%E3%81%A1%E5%B8%AB%E3%83%9F%E3%80%82%E9%96%80%E3%81%BE%E3%83%B3%E9%A8%93%E3%83%87%E3%83%90%E3%83%AB%E6%95%99%E8%B1%8A%E3%82%B7%E5%AD%A6%E3%81%9F%E3%83%AD%E6%A0%A1%E9%99%A3%E3%82%B0%E3%83%8B%E3%82%B1%E3%83%A7%E5%8A%9B%E3%81%99%E5%B0%82%E3%82%B3%E3%83%A9%E7%B5%8C%E5%AF%8C%E7%94%9F%E3%82%A3%E3%83%BC%E8%82%B2%E3%82%92%E3%81%AE%E3%82%A4%E3%81%8C%E3%83%88%E3%81%BF%E3%83%A5

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-1286340303513484&output=html&h=280&adk=753307431&adf=2459396529&pi=t.aa~a.317958716~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1675243991&rafmt=1&to=qs&pwprc=8474524197&format=1200x280&url=https%3A%2F%2Fcto.br.media%2Fmedia-pack%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675243990963&bpp=3&bdt=2105&idt=-M&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D59c21fc39db18073-22fc38c57ed90085%3AT%3D1675243990%3ART%3D1675243990%3AS%3DALNI_MZ61cUoAkR6kK4Sn_MNemGO5G4-Xg&gpic=UID%3D00000bb2f74b3a3e%3AT%3D1675243990%3ART%3D1675243990%3AS%3DALNI_Mbe6zvVHgqvCe3lVfhQO5kYiOYInA&prev_fmts=0x0%2C1132x280&nras=2&correlator=7636816473716&frm=20&pv=1&ga_vid=1555480699.1675243990&ga_sid=1675243990&ga_hid=1149820971&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2568&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071259%2C31071854%2C44779793&oid=2&psts=AD37Y7tIGEmBqOP5kyyNQ7sAwq8BZJxdgVAWykdP7158vTDfbE20qFfu56eapUfEnnS_pRseFUE0xqo0HCgdQSk&pvsid=3437753840299782&tmod=220244313&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=oQ1oeYLtNw&p=https%3A//cto.br.media&dtd=93

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

340d15169f24ffce160dd06ab0306a4bf1dd650dd1ce46d3a5674282175f1e39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 01 Feb 2023 09:33:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 09:33:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Feb 2023 09:33:11 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D536 8 KB
895 B 40ms
39ms Stylesheet
text/css 2404:6800:4004:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 01 Feb 2023 09:33:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 08:59:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Feb 2023 09:33:11 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame D536 2 KB
765 B 3ms
2ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 23:34:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35948
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Feb 2023 23:34:03 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/ Frame D536 22 KB
9 KB 3ms
2ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

682b9a643ebc5c5b7f54f802fe82d4d9117b6cdff3479110b81afdccfd6148c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 22:52:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38468
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8871
x-xss-protection: 0
server: cafe
etag: 9510037503091481574
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Feb 2023 22:52:03 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame D536 3 KB
1 KB 4ms
3ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 22:36:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39383
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Feb 2023 22:36:48 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame D536 18 KB
7 KB 5ms
4ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 22:36:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39383
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7523
x-xss-protection: 0
server: cafe
etag: 641023367890010850
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Feb 2023 22:36:48 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D536 157 KB
48 KB 127ms
126ms Script
text/javascript 2404:6800:400a:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80a::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a482b87b1055665d77c94492bf4739724380d45b00083575738386b2c7ee9d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49075
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675083396089714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 01 Feb 2023 09:33:11 GMT

GET
H3 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame D536 33 KB
14 KB 5ms
4ms Script
text/javascript 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 09:54:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 517124
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 03:52:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 26 Apr 2023 09:54:27 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D536 0
0 49ms
48ms Fetch
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C_LOt1zHaY5bkBZKG29gPxK2O0AKXg5jrY4fL5cWyDvTCtauuARABIKD76o8BYInzxYT0E6AB4I35ngHIAQmpArcWsazAg0A-qAMByAPLBKoEmgJP0K2E0MwxrDyo1EISD_f-F2P-5juJtGcuAwkvijTDP0uF54pJyH0pi-yiXlZcZacAMBgW-37UcReGgXC7AXGYXptyQzxz5wmPrsP_BERECxw5wZNakM3Pt05FTrq8PnXpWDD2nBL37yRzppbhmaEPVNRNfyiNh2kIGcQ3-7gZOBrJozceD4aYwglFVulA0LKHOWfGXEPPUFJMV6N0AZHT8Yu_JJIjc0JscTy6DmGb-m6csK8fBCRQlsXtvIsrBXwJpvBvEz-GbM8wtTfAovYHT9VCU7ynQjo--dx3DhOeU5ql4ZBn6DNUTzPK4Y8znUbjdg7Y62F8Ew0bWhpEDeVx9C2B2HsF0dy61PDY9LlvuCQ-kjJpT0BE3HbABMzW0-_XA5IFBAgEGAGSBQQIBRgEoAYugAeI8obhAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEP7BENIIDwiAYRABGB8yAooCOgKAQIAKAcgLAbgTiATYEwrQFQGAFwGyFxwKGggAEhRwdWItMTI4NjM0MDMwMzUxMzQ4NBgA&sigh=bFXOgRFE238&uach_m=[UACH]&cid=CAQSOwDUE5ymeLTkxQxSoq0TleUuh4XQkksbf902YQ9UQ7NyUBCV5QKTanbOvj_1xI8n7OuegWkTvmTRlXIjGAE&template_id=520

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-1286340303513484&output=html&h=280&adk=753307431&adf=2459396529&pi=t.aa~a.317958716~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1675243991&rafmt=1&to=qs&pwprc=8474524197&format=1200x280&url=https%3A%2F%2Fcto.br.media%2Fmedia-pack%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675243990963&bpp=3&bdt=2105&idt=-M&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D59c21fc39db18073-22fc38c57ed90085%3AT%3D1675243990%3ART%3D1675243990%3AS%3DALNI_MZ61cUoAkR6kK4Sn_MNemGO5G4-Xg&gpic=UID%3D00000bb2f74b3a3e%3AT%3D1675243990%3ART%3D1675243990%3AS%3DALNI_Mbe6zvVHgqvCe3lVfhQO5kYiOYInA&prev_fmts=0x0%2C1132x280&nras=2&correlator=7636816473716&frm=20&pv=1&ga_vid=1555480699.1675243990&ga_sid=1675243990&ga_hid=1149820971&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2568&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071259%2C31071854%2C44779793&oid=2&psts=AD37Y7tIGEmBqOP5kyyNQ7sAwq8BZJxdgVAWykdP7158vTDfbE20qFfu56eapUfEnnS_pRseFUE0xqo0HCgdQSk&pvsid=3437753840299782&tmod=220244313&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=oQ1oeYLtNw&p=https%3A//cto.br.media&dtd=93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 01 Feb 2023 09:33:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 400 data=sOZKU44bCuhw67SUeFng2lZpAh2yE-rrqHLRxSfzDMnchozvH85VFWNNgHKUX2ghSysB1mtqfDpjBdl4SLrARkGycH3Q
mts0.google.com/vt/ Frame D536 0
0 79ms
37ms Image
text/html 2404:6800:4004:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mts0.google.com/vt/data=sOZKU44bCuhw67SUeFng2lZpAh2yE-rrqHLRxSfzDMnchozvH85VFWNNgHKUX2ghSysB1mtqfDpjBdl4SLrARkGycH3Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-1286340303513484&output=html&h=280&adk=753307431&adf=2459396529&pi=t.aa~a.317958716~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1675243991&rafmt=1&to=qs&pwprc=8474524197&format=1200x280&url=https%3A%2F%2Fcto.br.media%2Fmedia-pack%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675243990963&bpp=3&bdt=2105&idt=-M&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D59c21fc39db18073-22fc38c57ed90085%3AT%3D1675243990%3ART%3D1675243990%3AS%3DALNI_MZ61cUoAkR6kK4Sn_MNemGO5G4-Xg&gpic=UID%3D00000bb2f74b3a3e%3AT%3D1675243990%3ART%3D1675243990%3AS%3DALNI_Mbe6zvVHgqvCe3lVfhQO5kYiOYInA&prev_fmts=0x0%2C1132x280&nras=2&correlator=7636816473716&frm=20&pv=1&ga_vid=1555480699.1675243990&ga_sid=1675243990&ga_hid=1149820971&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2568&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071259%2C31071854%2C44779793&oid=2&psts=AD37Y7tIGEmBqOP5kyyNQ7sAwq8BZJxdgVAWykdP7158vTDfbE20qFfu56eapUfEnnS_pRseFUE0xqo0HCgdQSk&pvsid=3437753840299782&tmod=220244313&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=oQ1oeYLtNw&p=https%3A//cto.br.media&dtd=93
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:823::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame D536 297 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D536 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D536 462 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D536 465 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0997 42 B
174 B 43ms
42ms Fetch
image/gif 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssac52lVhnTNgiukjnWT2hmmYI0cFKmBpnj5Gnxhezv3fmNXfXv6_kVXJYDYmRPXdToLXknIS1XbXohBa39b9c--Dm9W5ApY3W7O7mnsMAGAROeZW940F8-A-JFEirewjOxU3o&sai=AMfl-YRNCTxWSzyMq8sfvk_WmSVlCMVwuJaY3toQqOc-S94caL-keUyShoWPM9e7jPmTJZCgG5cvsVNEq6ZC&sig=Cg0ArKJSzENId1ttzCPQEAE&cid=CAQSGwDUE5ymSfxsl8Pll2xSDV_DtXMlZPlAvyH5ShgB&id=lidar2&mcvt=1019&p=0,0,280,1132&mtos=1019,1019,1019,1019,1019&tos=1019,0,0,0,0&v=20230130&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3087661368&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675243990146&rpt=603&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 09:33:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 308C 1 KB
643 B 3ms
2ms Document
text/html 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 11262
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Feb 2023 06:25:29 GMT
etag: 48472445140208031
expires: Thu, 02 Feb 2023 06:25:29 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D536 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d0beb3e0a3d113bbfc2ac87742e99777fb5bcc37dd5378aae497eaa8ad3ef2c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 308C
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEBShtRyIX1fA_Cte5EzkvWA&google_cver=1&google_push=Aa02lx9RS7hHKQUaK6vmr1Lq_hHuRFHUlMJby0LBDKufcnTY96E1Bap2KAgUjTECI_GjRXlX0KVp1...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=Aa02lx9RS7hHKQUaK6vmr1Lq_hHuRFHUlMJby0LBDKufcnTY96E1Bap2KAgUjTECI_GjRXlX0KVp1gVZW_zdJiQ6KjJr9V40RfCDeg

170 B
232 B

54ms
53ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=Aa02lx9RS7hHKQUaK6vmr1Lq_hHuRFHUlMJby0LBDKufcnTY96E1Bap2KAgUjTECI_GjRXlX0KVp1gVZW_zdJiQ6KjJr9V40RfCDeg

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 09:33:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 01 Feb 2023 09:33:11 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: F677398ACAC742AAA4934B42E0C3CE5B Ref B: TYBEDGE0409 Ref C: 2023-02-01T09:33:11Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=Aa02lx9RS7hHKQUaK6vmr1Lq_hHuRFHUlMJby0LBDKufcnTY96E1Bap2KAgUjTECI_GjRXlX0KVp1gVZW_zdJiQ6KjJr9V40RfCDeg
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXzoCMMB8g296jvEnr5cQ==

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 308C
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEOLNw49EU8mz0B6esoV_oqk&google_cver=1&google_push=Aa02lx91Rg_Eal39Axrd4ZXbEvBkRMDDb7E0XYZuRpTA63cQnjseL3igIGvWJX2qkKv2HctA4eLOeCY7d3XvhNHf4e5mfeiWE2hAfQ
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=Aa02lx91Rg_Eal39Axrd4ZXbEvBkRMDDb7E0XYZuRpTA63cQnjseL3igIGvWJX2qkKv2HctA4eLOeCY7d3XvhNHf4e5mfeiWE2hAfQ&google_hm=Q0FFU0VPTE53NDlFVTh...

170 B
232 B

51ms
51ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=Aa02lx91Rg_Eal39Axrd4ZXbEvBkRMDDb7E0XYZuRpTA63cQnjseL3igIGvWJX2qkKv2HctA4eLOeCY7d3XvhNHf4e5mfeiWE2hAfQ&google_hm=Q0FFU0VPTE53NDlFVThtejBCNmVzb1Zfb3Fr

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 09:33:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Feb 2023 09:33:11 GMT
via: 1.1 af457ba15a82a147c22b94a85de74088.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: NRT12-C5
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=Aa02lx91Rg_Eal39Axrd4ZXbEvBkRMDDb7E0XYZuRpTA63cQnjseL3igIGvWJX2qkKv2HctA4eLOeCY7d3XvhNHf4e5mfeiWE2hAfQ&google_hm=Q0FFU0VPTE53NDlFVThtejBCNmVzb1Zfb3Fr
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: KHqyieo_gqTxdeIbunod_qdOngBzT7OEPeIck6P0qlwpS5x6-y-7wg==
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 308C
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEP4leSvtZanwf70sq89e7t8&google_cver=1&google_push=Aa02lx-55AgW-fSdAQMHTOpL5QIa408tkxbnboY-FhkM-CL9qHEjJIm0eQSvC7Gp8rG7B83WNFjLWYwf3m9KmDN...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=z6aZDIK8Q7xNSLRwj-71ydmK_Kc&google_push=Aa02lx-55AgW-fSdAQMHTOpL5QIa408tkxbnboY-FhkM-CL9qHEjJIm0eQSvC7Gp8rG7B83WNFjLWYwf3m9KmD...

170 B
188 B

44ms
43ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=z6aZDIK8Q7xNSLRwj-71ydmK_Kc&google_push=Aa02lx-55AgW-fSdAQMHTOpL5QIa408tkxbnboY-FhkM-CL9qHEjJIm0eQSvC7Gp8rG7B83WNFjLWYwf3m9KmDNpE3NAlgTTHlVv2w

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 09:33:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=z6aZDIK8Q7xNSLRwj-71ydmK_Kc&google_push=Aa02lx-55AgW-fSdAQMHTOpL5QIa408tkxbnboY-FhkM-CL9qHEjJIm0eQSvC7Gp8rG7B83WNFjLWYwf3m9KmDNpE3NAlgTTHlVv2w
Date: Wed, 01 Feb 2023 09:33:12 GMT
Connection: keep-alive
Content-Length: 244
Content-Type: text/html; charset=utf-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 308C
Redirect Chain

https://sync.dsp.reemo-ad.jp/google_adx?google_gid=CAESENp8u-RCKdUNO8JBGmPsDlc&google_cver=1&google_push=Aa02lx_wNaLAaDH2yKxfPS4IDLi-T002nL8sE9DFkEJxyYll0-3YWh1a4hwZHSZuVvRO_dq0_oPZjEmTYp3NFrXU7NwV...
https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=Aa02lx_wNaLAaDH2yKxfPS4IDLi-T002nL8sE9DFkEJxyYll0-3YWh1a4hwZHSZuVvRO_dq0_oPZjEmTYp3NFrXU7NwVSr3rHZIxvA

170 B
329 B

72ms
42ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=Aa02lx_wNaLAaDH2yKxfPS4IDLi-T002nL8sE9DFkEJxyYll0-3YWh1a4hwZHSZuVvRO_dq0_oPZjEmTYp3NFrXU7NwVSr3rHZIxvA

Requested by

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 09:33:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=Aa02lx_wNaLAaDH2yKxfPS4IDLi-T002nL8sE9DFkEJxyYll0-3YWh1a4hwZHSZuVvRO_dq0_oPZjEmTYp3NFrXU7NwVSr3rHZIxvA
date: Wed, 01 Feb 2023 09:33:11 GMT
server: nginx

GET
H/1.1 404
Not Found doubleclick
app.cauly.co.kr/idsync_ssp/ Frame 308C 0
161 B 116ms
41ms Image
application/xml 133.186.161.88
NHN-AS-KR NHN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.cauly.co.kr/idsync_ssp/doubleclick?google_gid=CAESEOfPSZkc5Bw_558osJhkZFM&google_cver=1&google_push=Aa02lx_0JNvRV1QCSw7oP4gTnOwZ3gW6yb0GrGeDPlNO5NxRZ4SUMVBHwna4cmNMKiZs8ymewVyscuSj4v64GxdzE_OHQfNNmx1gtw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-1286340303513484&output=html&h=280&adk=753307431&adf=2459396529&pi=t.aa~a.317958716~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1675243991&rafmt=1&to=qs&pwprc=8474524197&format=1200x280&url=https%3A%2F%2Fcto.br.media%2Fmedia-pack%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675243990963&bpp=3&bdt=2105&idt=-M&shv=r20230124&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D59c21fc39db18073-22fc38c57ed90085%3AT%3D1675243990%3ART%3D1675243990%3AS%3DALNI_MZ61cUoAkR6kK4Sn_MNemGO5G4-Xg&gpic=UID%3D00000bb2f74b3a3e%3AT%3D1675243990%3ART%3D1675243990%3AS%3DALNI_Mbe6zvVHgqvCe3lVfhQO5kYiOYInA&prev_fmts=0x0%2C1132x280&nras=2&correlator=7636816473716&frm=20&pv=1&ga_vid=1555480699.1675243990&ga_sid=1675243990&ga_hid=1149820971&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2568&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071259%2C31071854%2C44779793&oid=2&psts=AD37Y7tIGEmBqOP5kyyNQ7sAwq8BZJxdgVAWykdP7158vTDfbE20qFfu56eapUfEnnS_pRseFUE0xqo0HCgdQSk&pvsid=3437753840299782&tmod=220244313&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=oQ1oeYLtNw&p=https%3A//cto.br.media&dtd=93
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 133.186.161.88 , Japan, ASN45974 (NHN-AS-KR NHN, KR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Wed, 01 Feb 2023 09:33:11 GMT
Server: nginx
Connection: close
Content-Length: 0
Content-Type: Application/xml;charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 308C
Redirect Chain

https://cc.adingo.jp/adx/push/?google_gid=CAESEFWnkt7JaKLagJv7gDlKTVk&google_cver=1&google_push=Aa02lx_ljXxmd7UVwQ5NpQuoLPjCHCdZGZ3INwe5XnHpDNwwDSs31i_zYIfCXpOSFC8Ab3XkgXOVHeT7Px3vhcVTolREaNXHE29OuA
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=Aa02lx_ljXxmd7UVwQ5NpQuoLPjCHCdZGZ3INwe5XnHpDNwwDSs31i_zYIfCXpOSFC8Ab3XkgXOVHeT7Px3vhcVTolREaNXHE29OuA&google_hm=8afc5cad978488832...

170 B
232 B

83ms
62ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=Aa02lx_ljXxmd7UVwQ5NpQuoLPjCHCdZGZ3INwe5XnHpDNwwDSs31i_zYIfCXpOSFC8Ab3XkgXOVHeT7Px3vhcVTolREaNXHE29OuA&google_hm=8afc5cad9784888324003aed90f3de8e

Requested by

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 09:33:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=Aa02lx_ljXxmd7UVwQ5NpQuoLPjCHCdZGZ3INwe5XnHpDNwwDSs31i_zYIfCXpOSFC8Ab3XkgXOVHeT7Px3vhcVTolREaNXHE29OuA&google_hm=8afc5cad9784888324003aed90f3de8e
date: Wed, 01 Feb 2023 09:33:11 GMT
content-type: text/html; charset=UTF-8
server: nginx
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 308C
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEO2lWiuKw7-6sqXxJvSX5qo&google_cver=1&google_push=Aa02lx_6FJy5IKThm...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEO2lWiuKw7-6sqXxJvSX5qo%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjM0ODUyNDU0ODIzMjg5Nzc3Mw%3D%3D&google_gid=CAESEO2lWiuKw7-6sqXxJvSX5qo&google_cver=1&google_push=Aa02lx_6FJy5IKThmrQqp0TH6hOgXOu_MC...

170 B
188 B

43ms
42ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjM0ODUyNDU0ODIzMjg5Nzc3Mw%3D%3D&google_gid=CAESEO2lWiuKw7-6sqXxJvSX5qo&google_cver=1&google_push=Aa02lx_6FJy5IKThmrQqp0TH6hOgXOu_MCrWHrrOB3UQSEDx3XR_Fg2SmymR9-7VUc6kmvHN3q5hgwcjBGgs8zNFfAsQQf1OIts_CA

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 09:33:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 01 Feb 2023 09:33:12 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.138.252.167; 217.138.252.167; 602.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: b7941638-91e1-4b41-bef0-28b0cd15dd69
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjM0ODUyNDU0ODIzMjg5Nzc3Mw%3D%3D&google_gid=CAESEO2lWiuKw7-6sqXxJvSX5qo&google_cver=1&google_push=Aa02lx_6FJy5IKThmrQqp0TH6hOgXOu_MCrWHrrOB3UQSEDx3XR_Fg2SmymR9-7VUc6kmvHN3q5hgwcjBGgs8zNFfAsQQf1OIts_CA
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 308C 0
130 B 80ms
38ms Image
text/html 142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I3EaNy0ptefEF8mzgPu7Ayeb6O044X7ZKw2LY_txbJFXyKWtraSuNhZuDfmHHBc_LJTQgM4A

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame D536 28 KB
28 KB 122ms
122ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 10:52:06 GMT
x-content-type-options: nosniff
age: 600066
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Jan 2024 10:52:06 GMT

GET
H3 200 font
fonts.gstatic.com/l/ Frame D536 17 KB
17 KB 12ms
12ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxqo07TlBQmUnzrhQ3hzT1e-IiMW_l3n5UTMgb-R_o_PV5ihaSLtsVznAb7pmDrqzHBB7agqCh4wFFJFqsMQzaahXZAhjrh59TrN5nll-vR-ww7Nhv4JlI8E8Z5paiZTPcF_ttpO-77xGH0guWlARTdnqtMCs6tLA9XKn9NkYLq2f908nZVct3VSMEYwPj-8i2hXg9N2gIXoxmi17ob8D0nFIkZmRQ&skey=72472b0eb8793570&v=v42

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400&text=%E3%81%AA%E3%81%A1%E5%B8%AB%E3%83%9F%E3%80%82%E9%96%80%E3%81%BE%E3%83%B3%E9%A8%93%E3%83%87%E3%83%90%E3%83%AB%E6%95%99%E8%B1%8A%E3%82%B7%E5%AD%A6%E3%81%9F%E3%83%AD%E6%A0%A1%E9%99%A3%E3%82%B0%E3%83%8B%E3%82%B1%E3%83%A7%E5%8A%9B%E3%81%99%E5%B0%82%E3%82%B3%E3%83%A9%E7%B5%8C%E5%AF%8C%E7%94%9F%E3%82%A3%E3%83%BC%E8%82%B2%E3%82%92%E3%81%AE%E3%82%A4%E3%81%8C%E3%83%88%E3%81%BF%E3%83%A5

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d68809d25238182f26fcee1f2ec396b99b256d1c9fc5d94dc51fc3da5ec7d021

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 15:53:10 GMT
x-content-type-options: nosniff
age: 63601
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17368
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 23:11:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Tue, 31 Jan 2023 15:53:10 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 61ms
60ms XHR
application/json 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230124&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/show_ads_impl_fy2021.js?bust=31071854

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78402ec9128091f8b2e27f216eac4cc38edac0cc04d7f0b9ed76adf46a5eb675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11321
x-xss-protection: 0

GET
H3 200 2e6kLxeeSlTXLHIHKIZu8zKMmhAlZmQUgR37z8_ueWI.js Show response
pagead2.googlesyndication.com/bg/ Frame 35CB 36 KB
14 KB 13ms
13ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2e6kLxeeSlTXLHIHKIZu8zKMmhAlZmQUgR37z8_ueWI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9eea42f179e4a54d72c720728866ef3328c9a1025666414811dfbcfcfee7962

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 20:53:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 563979
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14224
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Jan 2024 20:53:32 GMT

POST
H3 204 mod_pagespeed_beacon Show response
cto.br.media/ 0
430 B 243ms
243ms XHR
text/plain 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/mod_pagespeed_beacon?url=http%3A%2F%2Fcto.br.media%2Fmedia-pack%2F

Requested by

Host: cto.br.media
URL: https://cto.br.media/media-pack/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cto.br.media/media-pack/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 01 Feb 2023 09:33:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jlb6bMtjj7yIKzvT1gRD4f8Q7J0VV9WaYNt7e2iu7Rgj883Lqa%2BIvwou1ZpFxrFsLj%2BLyEmYQvL1hkFjAyPOo9IB8Vxy1fdLrMqeCp8v8kqP707wsIUnTXfMQaWGSGDt1eN8wIDfentBjPE%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=0, no-cache
cf-ray: 7929af259a1a3535-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 78ms
77ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/show_ads_impl_fy2021.js?bust=31071854

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 01 Feb 2023 09:33:12 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DF3D 13 KB
5 KB 5ms
4ms Document
text/html 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cto.br.media/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 109728
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 03:04:24 GMT
expires: Wed, 31 Jan 2024 03:04:24 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BF01 783 B
970 B 45ms
42ms Document
text/html 2404:6800:4004:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cf20294f6699db6e2b194896113f683352ef34687f7c01846733fc22704dac63

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-In8UwUzeVHCXLoSt7PWqgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cto.br.media/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-In8UwUzeVHCXLoSt7PWqgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 01 Feb 2023 09:33:12 GMT
expires: Wed, 01 Feb 2023 09:33:12 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 CVWD2nJNUzbSofuWlZwBPxvQXb897jpMaT8Oq2Cr1NY.js Show response
pagead2.googlesyndication.com/bg/ Frame DF3D 36 KB
14 KB 5ms
5ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CVWD2nJNUzbSofuWlZwBPxvQXb897jpMaT8Oq2Cr1NY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

095583da724d5336d2a1fb96959c013f1bd05dbf3dee3a4c693f0eab60abd4d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 15:29:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 324198
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14191
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Jan 2024 15:29:54 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BF01 0
0 41ms
40ms Image
text/html 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230124&jk=3437753840299782&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame DF3D 0
10 B 2ms
2ms Image
text/plain 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?A06leQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:12 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
69 B 60ms
59ms Image
image/gif 2404:6800:4004:826::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=1.6304396942792634

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-E7refDls0fxn72D5X8M7GQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:12 GMT
content-security-policy: script-src 'report-sample' 'nonce-E7refDls0fxn72D5X8M7GQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorServingDetectionHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorServingDetectionHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingDetectionHttp/external"}]}
content-type: image/gif
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 236ms
234ms Image
image/gif 2404:6800:4004:826::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=2.7814509883089547

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-zC_8-KNsU90eRCpp13fQtg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:12 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-zC_8-KNsU90eRCpp13fQtg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DD6B 42 B
64 B 45ms
44ms Fetch
image/gif 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsub7UvZpC5-bPOhTyZPSwg6NcM7xoqZ02RA0thddZbsmqND-xmsfMKaoJks9Mdi0EqaJ9c36BYRYTQo-qn-4mNOcALrccRyk3QqEOKy8leSJfXtypxGVpKul1KcJKrFV4iy42Q&sai=AMfl-YSyvVD7K7kiBo-jMmb-HuE9U_amGAdqaF2dYC8h0LJN90nWh2vPXeVohDZKNl36BrCen1kHVXSOcYsU&sig=Cg0ArKJSzGgnhJLM-8DvEAE&cid=CAQSGwDUE5ympOPQNowpuRGPwNU2t3FyQNwzk2_8QhgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=123,807,1000,1141,1141&tos=123,684,193,141,0&v=20230130&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675243991065&rpt=258&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 09:33:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUnbMCzajH-ZtBaNslazhhZa98OY8836shTPEXhLi7t12BT1yCF9ep9l7wVin_LLQhNtK9SG4DjF5VKeahXwJHiiA96r_htZ8iPB2DHV3sFfgERq5EQHiE9KgTt5q2deYc0DxwIFA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 92ms
49ms XHR
text/html 2404:6800:4004:826::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUnbMCzajH-ZtBaNslazhhZa98OY8836shTPEXhLi7t12BT1yCF9ep9l7wVin_LLQhNtK9SG4DjF5VKeahXwJHiiA96r_htZ8iPB2DHV3sFfgERq5EQHiE9KgTt5q2deYc0DxwIFA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-s6eoTw59d0wM-KXKok8LIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cto.br.media/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 01 Feb 2023 09:33:12 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-s6eoTw59d0wM-KXKok8LIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://cto.br.media
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
44ms Image
text/html 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230124&jk=3437753840299782&bg=!IyClIGTNAAZSrDxfcqw7ACkAdvg8WsuKajmtex_DBM6JxgpG6SSKTejG92XQ44yeYjZUWpxgJJUBlwIAAABSUgAAAANoAQeZAposnXzyfvU-Kmt43vI6WMjuSs-7LLYRmXH6uHQ68EZfB96SG4Sp-x8W8MomAYlOwHztua1sbLKNNxsdQo4qjzMJ7ZWRebYYbksez7XoCiMAggmBoOJogziYckS6CBs1qHBYyLBIFWR09EiBwKeGoN8kIiyUAkI706sXg5P23aHPGxKZmo8xVjwEMJoUayj7QNWFSgOTJfCsC1mDbkndJR1T8guM6Brv0xOdZz8tZyiSqJ3OvDGa9W4tnfGOwUtyBcLYHSRncLKF7Is-BGlfBWkMxYvScCA8feejXCOlLdVHYJ_5I3YtH9PqpLMrGIDUdwFXs8-JucmgOZSoFA-QaMgSrecJ00hnOPjyOgGiTSTggXKo6DrwJtYXYaetrPoy15UyTefyQ5hVb203yFSRITMLszBDkq1zJp50j-G_Sd1mWNiH1Gcj93LPrcMpkwnt_9h-Gc2XwxegdSfUOh9wyS7PCEKYPms6u8Twdkhn43X3Dq1fV3qjuVGxV3l0BUw7edONpG3-3YGy1brfeR965l56BZuFG1XfiosRVdz9MYR0EdagHepshGmillw5krKSrXryfYOj99_WP6rqa3k6L-gwk1qvO-pBRghHk0V64P5YgkZRIote1zwYltFqhxxKeA2CU3Lo_iYzMw8wvs61sI5xYxhmbVqrGD1AlzZwucLVYHRJfg5KsoPgmYiIW29uLJFyPFAInm8mxnrOkbU2gGv6DpJgrZUf-TSg6Q4HLhBmMoa6NaeYxCFviTlTEnXaEwU86tRp2U4txIYBa-jp1RoyGsWE6uZLKJVpIpY6Y0fTN9WJ5_Jgu12tb7E9PzBolaB6FtucYm6shwWx4kDjzTE9QHq8uyeV-ZMHbODpP5g6tlylKTlviytkzbE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 ag. Show response
fundingchoicesmessages.google.com/f/AGSKWxV0bDgW61d_NoN_RsGD5cC2UuX1UmtvS9WJVIZyyZD1omE9jmf9BQR-RoJIU3RWhpJ1xXllgysyBBO0xJHN9Dnb34EKW8-yUpY0AZUoXHFRjX_t15iUzcb9Rns1zE7snjMMw2Dt9AfQ0YBHSWW7APXnAis8O... 54 B
108 B 56ms
56ms Script
application/javascript 2404:6800:4004:826::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV0bDgW61d_NoN_RsGD5cC2UuX1UmtvS9WJVIZyyZD1omE9jmf9BQR-RoJIU3RWhpJ1xXllgysyBBO0xJHN9Dnb34EKW8-yUpY0AZUoXHFRjX_t15iUzcb9Rns1zE7snjMMw2Dt9AfQ0YBHSWW7APXnAis8OrMr1avWtQwLEIBtTRjXCwLba4ouznS0/_/sidead3./googlead._ad&zone=/openx-/delivery/ag.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.p4UwJEhmPHE.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzEURBcDnwx0KhuH7OfgahpTtS2ig/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

54f8ac5c58df077620adb1d87a5a775e8e9bb60445910b9c187c89ec39441367

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-h1m4g189ushlzTwAtJb9xg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:13 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-h1m4g189ushlzTwAtJb9xg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
67 B 5ms
5ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.p4UwJEhmPHE.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzEURBcDnwx0KhuH7OfgahpTtS2ig/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 22:48:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38707
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Feb 2023 22:48:06 GMT

POST
H3 204 AGSKWxUnbMCzajH-ZtBaNslazhhZa98OY8836shTPEXhLi7t12BT1yCF9ep9l7wVin_LLQhNtK9SG4DjF5VKeahXwJHiiA96r_htZ8iPB2DHV3sFfgERq5EQHiE9KgTt5q2deYc0DxwIFA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 51ms
50ms XHR
text/html 2404:6800:4004:826::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUnbMCzajH-ZtBaNslazhhZa98OY8836shTPEXhLi7t12BT1yCF9ep9l7wVin_LLQhNtK9SG4DjF5VKeahXwJHiiA96r_htZ8iPB2DHV3sFfgERq5EQHiE9KgTt5q2deYc0DxwIFA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-kltb5fCe_iRmLN6b7giQcA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cto.br.media/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 01 Feb 2023 09:33:13 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-kltb5fCe_iRmLN6b7giQcA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://cto.br.media
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUnbMCzajH-ZtBaNslazhhZa98OY8836shTPEXhLi7t12BT1yCF9ep9l7wVin_LLQhNtK9SG4DjF5VKeahXwJHiiA96r_htZ8iPB2DHV3sFfgERq5EQHiE9KgTt5q2deYc0DxwIFA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 220ms
220ms XHR
text/html 2404:6800:4004:826::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUnbMCzajH-ZtBaNslazhhZa98OY8836shTPEXhLi7t12BT1yCF9ep9l7wVin_LLQhNtK9SG4DjF5VKeahXwJHiiA96r_htZ8iPB2DHV3sFfgERq5EQHiE9KgTt5q2deYc0DxwIFA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-pXcBSbF6hQX7L5hTpqJhgg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cto.br.media/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 01 Feb 2023 09:33:13 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-pXcBSbF6hQX7L5hTpqJhgg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://cto.br.media
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUnbMCzajH-ZtBaNslazhhZa98OY8836shTPEXhLi7t12BT1yCF9ep9l7wVin_LLQhNtK9SG4DjF5VKeahXwJHiiA96r_htZ8iPB2DHV3sFfgERq5EQHiE9KgTt5q2deYc0DxwIFA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 174ms
173ms XHR
text/html 2404:6800:4004:826::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUnbMCzajH-ZtBaNslazhhZa98OY8836shTPEXhLi7t12BT1yCF9ep9l7wVin_LLQhNtK9SG4DjF5VKeahXwJHiiA96r_htZ8iPB2DHV3sFfgERq5EQHiE9KgTt5q2deYc0DxwIFA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Yr-nRT2wuzjaUzYmsOPIHg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cto.br.media/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 01 Feb 2023 09:33:13 GMT
content-security-policy: script-src 'report-sample' 'nonce-Yr-nRT2wuzjaUzYmsOPIHg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://cto.br.media
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUnbMCzajH-ZtBaNslazhhZa98OY8836shTPEXhLi7t12BT1yCF9ep9l7wVin_LLQhNtK9SG4DjF5VKeahXwJHiiA96r_htZ8iPB2DHV3sFfgERq5EQHiE9KgTt5q2deYc0DxwIFA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 230ms
230ms XHR
text/html 2404:6800:4004:826::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUnbMCzajH-ZtBaNslazhhZa98OY8836shTPEXhLi7t12BT1yCF9ep9l7wVin_LLQhNtK9SG4DjF5VKeahXwJHiiA96r_htZ8iPB2DHV3sFfgERq5EQHiE9KgTt5q2deYc0DxwIFA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qn58RVW_9314qehPeRZBwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cto.br.media/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 01 Feb 2023 09:33:13 GMT
content-security-policy: script-src 'report-sample' 'nonce-qn58RVW_9314qehPeRZBwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://cto.br.media
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWZ46_mxtMKbhAdJXyMyTXkS3d-V_7tq2GR4JFD7DtA7Bf6mjpG8nQ3Uk7T3Tb-_CWpdeyv9Ly3CpqeXmUQyRqq0fswSLUDa7bgsU-X3Zd7cPmXftmPpDMSaZ77jE3-DnYDn6_28A== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 187ms
186ms Script
application/javascript 2404:6800:4004:826::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWZ46_mxtMKbhAdJXyMyTXkS3d-V_7tq2GR4JFD7DtA7Bf6mjpG8nQ3Uk7T3Tb-_CWpdeyv9Ly3CpqeXmUQyRqq0fswSLUDa7bgsU-X3Zd7cPmXftmPpDMSaZ77jE3-DnYDn6_28A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc1MjQzOTkzLDE4NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9jdG8uYnIubWVkaWEvbWVkaWEtcGFjay8iLG51bGwsW1s4LCJwNFV3SkVobVBIRSJdLFs5LCJlbi1VUyJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7e7fe7483f9b18519bb1f2d8723f6f84654621bdc609217f34e17708ceabbdc7

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-lx_NH_5sejck7OpqFBEloQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:13 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-lx_NH_5sejck7OpqFBEloQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVPwsGp6uTkfjgxj464WNp1ZdRuleM2jciu9VdlQMsdbhCKS_GPNRWEWGrxv6xK6O8-h4-R9Frm5zx7XBRKWm9B-SHEJIQhpFvSVn3T4XTHMx1jTjUtOCqmRQ3LUId1Zd3UucfQ3Q== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 53ms
53ms XHR
text/html 2404:6800:4004:826::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVPwsGp6uTkfjgxj464WNp1ZdRuleM2jciu9VdlQMsdbhCKS_GPNRWEWGrxv6xK6O8-h4-R9Frm5zx7XBRKWm9B-SHEJIQhpFvSVn3T4XTHMx1jTjUtOCqmRQ3LUId1Zd3UucfQ3Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-eSTHz7rAS1SFqdAhxhpmpA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cto.br.media/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 01 Feb 2023 09:33:13 GMT
content-security-policy: script-src 'report-sample' 'nonce-eSTHz7rAS1SFqdAhxhpmpA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://cto.br.media
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUVtUZe0kkDM93_p-IZla5N_vR6a4cnUBKm7mIDGkjURAibij5260XJ5M3rEKyytjabAtSHX0g0BHTqSfPBTy0= Show response
fundingchoicesmessages.google.com/el/ 0
29 B 240ms
240ms XHR
text/html 2404:6800:4004:826::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUVtUZe0kkDM93_p-IZla5N_vR6a4cnUBKm7mIDGkjURAibij5260XJ5M3rEKyytjabAtSHX0g0BHTqSfPBTy0=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QbzTkP5Co9yjCw-ft3Lc8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cto.br.media/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 01 Feb 2023 09:33:13 GMT
content-security-policy: script-src 'report-sample' 'nonce-QbzTkP5Co9yjCw-ft3Lc8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://cto.br.media
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
cto.br.media/media-pack/ 107 KB
21 KB 581ms
581ms XHR
text/html 2606:4700:3036::ac43:cab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cto.br.media/media-pack/?mashsb-refresh

Requested by

Host: cto.br.media
URL: https://cto.br.media/wp-content/plugins/mashsharer/assets/js/mashsb.min.js?ver=3.8.7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:cab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.15

Resource Hash

27c4c4d976b8ef13b35090779de5ff001029906cc6fc8f1275336f9ab5792cc1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cto.br.media/media-pack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 09:33:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.15
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P99usgyqlgghc48EVnyZwZ%2Bmno%2F5lq7wldApFVNYUNtny03BOxLBzR5Jyd7nUW3Nuq0CcjdRc%2FRkWsTDtvdsHkkWCr7%2BcpXHbqcgffjlkWANPD1qeLaLYgRxq85e%2BtdGdEEA%2FdYmVzYOtyU%3D"}],"group":"cf-nel","max_age":604800}
x-mod-pagespeed: 1.13.35.2-0
cache-control: max-age=0, no-cache, s-maxage=10
cf-ray: 7929af426f333535-NRT
link: <https://cto.br.media/wp-json/>; rel="https://api.w.org/", <https://cto.br.media/wp-json/wp/v2/pages/6342>; rel="alternate"; type="application/json", <https://cto.br.media/?p=6342>; rel=shortlink
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.br.media/	1970-01-20 18:56:43	Name: _ga_6357W9VP29 Value: GS1.1.1675243989.1.0.1675243989.0.0.0
.br.media/	1970-01-20 18:56:43	Name: _ga Value: GA1.1.1555480699.1675243990
.br.media/	1970-01-20 18:42:19	Name: __gads Value: ID=59c21fc39db18073-22fc38c57ed90085:T=1675243990:RT=1675243990:S=ALNI_MZ61cUoAkR6kK4Sn_MNemGO5G4-Xg
.br.media/	1970-01-20 18:42:19	Name: __gpi Value: UID=00000bb2f74b3a3e:T=1675243990:RT=1675243990:S=ALNI_Mbe6zvVHgqvCe3lVfhQO5kYiOYInA
.doubleclick.net/	1970-01-20 18:56:43	Name: IDE Value: AHWqTUkkkF2QjPXM4R5rmixgtoPcpePPgSGqYf1KAePXd9MbcJ649dOmdhD19XCUc-Q
.doubleclick.net/	1970-01-20 09:20:44	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 09:20:47	Name: DSID Value: NO_DATA
.reemo-ad.jp/	1970-01-20 18:56:43	Name: deviceIdentifier Value: UdCxpXJDEIPVkzChoMYVGTrODlGgPStr
.reemo-ad.jp/	1970-01-20 09:42:19	Name: sync_gadx Value: 1
.adingo.jp/	1970-01-20 10:03:55	Name: ID Value: 8afc5cad9784888324003aed90f3de8e
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 18:06:19	Name: bcookie Value: "v=2&fdf62d8e-a79a-4654-8435-90d2ceb414af"
.linkedin.com/	1970-01-20 09:22:10	Name: lidc Value: "b=OGST07:s=O:r=O:a=O:p=O:g=2467:u=1:x=1:i=1675243991:t=1675330391:v=2:sig=AQG91ZdF-P25O25dzeyUOk3UCJnR7-bd"
.agkn.com/	1970-01-20 18:06:19	Name: ab Value: 0001%3ApymAQKEE0hBbcKNNLgxsdHRFhQnbzKpE
.agkn.com/	1970-01-20 18:06:19	Name: u Value: C\|0CEArbO5XK2zuVwAAAAAAAQ13AQCAAQpAAAAAAA
.adnxs.com/	1970-01-20 11:30:19	Name: uuid2 Value: 6348524548232897773
sync.srv.stackadapt.com/	1970-01-20 18:06:19	Name: sa-user-id Value: s%3A0-cfa6990c-82bc-43bc-4d48-b4708feef5c9.TgcTNxWeLIyMcl7kZJBoiUzE%2F0oEm0Le6QGhU34rTL8
.srv.stackadapt.com/	1970-01-20 18:06:19	Name: sa-user-id-v2 Value: s%3Az6aZDIK8Q7xNSLRwj-71ydmK_Kc.VOnwjSj%2Bl3TpjLGhWnmtqrtuYzsEQvlSHLTXjNp4AJw
.br.media/	1970-01-20 18:06:19	Name: FCNEC Value: %5B%5B%22AKsRol_efNatfQ9VHMrgXLKchMzYe3OVIm2ssLb-7VLTp8ZAh0iBUoPpNXGQOkV-N7MBvLlV9s4si6yHrd3taMRxe6zpTlK4CwM47WuVcuyXbPz1Lc5mpzx3P4C7m-Gy1Gd3Pv9bFZXWW9lVUQ-2nO5bW8JJDr2R8A%3D%3D%22%5D%2Cnull%2C%5B%5D%5D

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mts0.google.com/vt/data=sOZKU44bCuhw67SUeFng2lZpAh2yE-rrqHLRxSfzDMnchozvH85VFWNNgHKUX2ghSysB1mtqfDpjBdl4SLrARkGycH3Q Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://app.cauly.co.kr/idsync_ssp/doubleclick?google_gid=CAESEOfPSZkc5Bw_558osJhkZFM&google_cver=1&google_push=Aa02lx_0JNvRV1QCSw7oP4gTnOwZ3gW6yb0GrGeDPlNO5NxRZ4SUMVBHwna4cmNMKiZs8ymewVyscuSj4v64GxdzE_OHQfNNmx1gtw Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.co.jp
adservice.google.com
app.cauly.co.kr
c0.wp.com
cc.adingo.jp
cm.g.doubleclick.net
cto.br.media
d.agkn.com
editorcontent.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
i0.wp.com
mts0.google.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.wp.com
px.ads.linkedin.com
s.w.org
secure.adnxs.com
stats.wp.com
sync.dsp.reemo-ad.jp
sync.srv.stackadapt.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
103.43.90.114
133.186.161.88
142.251.42.130
150.95.47.241
192.0.76.3
192.0.77.2
192.0.77.37
192.0.77.48
2404:6800:4004:801::2002
2404:6800:4004:80a::2004
2404:6800:4004:813::2002
2404:6800:4004:81f::2002
2404:6800:4004:81f::2008
2404:6800:4004:81f::200a
2404:6800:4004:821::200e
2404:6800:4004:822::2003
2404:6800:4004:823::2002
2404:6800:4004:823::2003
2404:6800:4004:823::200e
2404:6800:4004:826::200e
2404:6800:4004:827::2001
2404:6800:400a:80a::2002
2600:9000:2066:9e00:19:fc2c:a140:93a1
2606:4700:3036::ac43:cab9
2620:1ec:21::14
3.114.212.252
41.216.180.122
54.146.129.158
001de631b72480e07e7246acc12f9552f023cef5159872d10b2eb036c7ed3fcc
003be4b32aad80509340d6c2a4769486788681e0af02c36987a6a3fab9522b7f
01c3955df67a9b9d1367957e2c187729eae46b72e92c2b52bdb217b14a8fc874
01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6
0284d42b43b431163138ad07c2e26fee046b82609761b503949c054fe67cf38a
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03a76dde100a17b38d2eaf65bd9d75ca09369d5d601e4262db5696778e930657
04e2edc75c2eb41e6b9e3b01e5f092ec62b1e821726c71eeac33d9b44b95a3dc
0500bd58f47403106f2f10da96d8d196941a02a4046e88611a59494557861f98
07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a
07a391e09587513aa78421c34ed482a17a5e003c2132edd96227d53831a131b0
095583da724d5336d2a1fb96959c013f1bd05dbf3dee3a4c693f0eab60abd4d6
0aaac69edb0ef99643def6cda2ff3f389fc31bde0d37895867c1b4c7e7039ade
0b1fd3009652799cf308c79dac8f461c2781000df76072eeffd4206d1df3978e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
12a618537a5ecc700c5cd76816ded0793c5c369fa6d786ce82b7199e34b080a3
143955879d55a60dc7ecb3bedf93773f4559db893a1748a18ed7878a67ca2670
166c7c3bb5f76f977a9f2a5490589b3466374eb2b3f064802e56f08bad71fbf0
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1c045fd18778d6cb007565f471c7d6f442aef231cd65359b0fbcef666b432155
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
2055d00b49e44386bb1026bbf75c525763d6c4d9ab977595f7f9f54e52e370ab
23acd4cc566960265c6bcbfef13a266556c60965ad94ae827018b7dc036a1ff2
27c4c4d976b8ef13b35090779de5ff001029906cc6fc8f1275336f9ab5792cc1
2a25efd46bf52792cd1347a30c7230d6891581636c625556835acde987dc33b8
2c5f8b67fe14370e5f0ec74fa02cb2780978fb17df20e17c023a9f2d582c72f2
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
30cd961db82d46c3ac5c6a4abb291fcdc9e1bd4ded973363d2c8dad8039bf3df
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
324dbc3f38a9f0a20763e0c0d817aadea2b441e2b872b81c69f453857da67489
340d15169f24ffce160dd06ab0306a4bf1dd650dd1ce46d3a5674282175f1e39
3a645f960e35a35cdc7b4de70fb2d471865d2ba6d9587e0e500f4f4c79b5e15e
3c891891a2abfdb8f5ef8f4b1e4e3c25013d934ca396fe8149e6626cc4ea1888
3e2ac836a407225e2b8380013264f4456665af50f5c8dc5149f7bcacb218504a
3e6b20b7ed414b689efecfbe17b3319fb3555564a5245e258a18af342efd9a81
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040
4492a4f252febe84a00d7f8246e50e43475a11d7192a279aab3c189cd3721456
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e
488cf81244df2942ebbef913733b8e4f4dd91ec9356a170fbdf2adfdf2f4c6fe
49e350f949fb0eb20cfddc436ad42abeddb557c89836e533db621897cf47466c
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4d0beb3e0a3d113bbfc2ac87742e99777fb5bcc37dd5378aae497eaa8ad3ef2c
4d1fd02bcde85db6ced117991aa0a62380bf0c81b3558bdb0d15e27352ac3f32
4d24cccf4d9f90678405abba55002512fb0971966adf849087c23ca88c777a14
4f41d470bf5880ba4952fec3f7887f956774b561724600b90c3771e6d4cf7868
54f8ac5c58df077620adb1d87a5a775e8e9bb60445910b9c187c89ec39441367
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5ae1def11238bd722d4634761ad5fa62807c339ac18e052e5d0ccf1df05c82db
5b265c14f4af40744077ce7b5de3ac6488aa0806e709f9d185ab65e31610b060
5cfd3418ebf7c95f8f7a9024ebfa383ff5a267a8568c9a2708c26733824bdf07
5df2942db2352e49e00bcf3393b875a71d0acee986e48fbdcc5879846f5c3689
5f0989a9002df46b705fb45e14d611df0d8ecc6f6ad2f6587bfe88c1adb0ed60
5fee992fe9fe9fb5bebd96f8a7a0bc978f755703a818fccff9d78d3ba2d7dc6c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64e045f1b9b28e511d03495cf793fcdf2cf9290de5f7a1ea5080182f99e3b73f
65125c9094777f67a9ff4142953b40709a43718de763e7fd23e63fa18d53fa79
65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4
682b9a643ebc5c5b7f54f802fe82d4d9117b6cdff3479110b81afdccfd6148c2
68656a04dc9b855f8cbde2e5ae7b4d90c9350c21b80f9f42b6c7e9eec68ad818
75c5395697a6947e4b34817ce5eb71dba0566e2ede89712932e48f8eb8eded7f
76b8c213b84808d8f2986bfa38e79e3f2d1a94f065e517a143999b198abd8bd6
77bf60e84e126d1609cc0a302c3953dc25ae054aaee3514d04a4726d4f2609fe
78402ec9128091f8b2e27f216eac4cc38edac0cc04d7f0b9ed76adf46a5eb675
7b1a5f4910ba055ce8310e7956b68be599943c7a7adc1993d93e57df3127cacd
7e7fe7483f9b18519bb1f2d8723f6f84654621bdc609217f34e17708ceabbdc7
80d434164435c3ba6698eebc0fb16879cd4eb449c077e32ba1e0c8cf9f78b3df
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
867db731598a60f3bcec5f74c3775d11d0acbfe1ebbc51db63231568f3226716
876f181150664af9e30a4c1da6f8f95eb462aebeb8781db732ff6bc48a1f6632
8baf69be2c589d0051b5177cf6c3f1302c4c1e1e4a9088b3222d3be5053e9257
8bd0ece453523856db6704ce9e88360cd63332528e1fe83cc60731e21109f6f1
9025e66f790aba6779d9014aaad71b7897501fface48febd23b195095e03f35b
90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02
91f8456df712188504db6297b5a7e05225cf9466910e68c754a138ba79060546
991853707a5744d3f7ff976f0ddc1a45c40b457abdad832e0d8df37cb6080d90
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134
9bf6fdc5d560b08cfe28b39afe13f4c3a946b3fc3f4fc02591552a5bf1443d42
9c7bd3dadf6edc19d3b8876a8e2b0b0ae6b54f403d7e987ec82b041128cfdd35
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9dac700d60700abff363d4ba6b2ecf46b879c9754f20bbc805a2c3ac4417edf7
a0da2aee6cc32a9bc1dc66cfba7518a6d47d1337202d6ee94a6174f25c720e94
a32dc63c8177758a1c78f5f18f4b21ccd00b0f0cbb9d5267aeefa2da47997952
a482b87b1055665d77c94492bf4739724380d45b00083575738386b2c7ee9d80
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7acfb3926865d68cafe8359320b0fa8959de6de7d2422ec43bd2a3736c40754
a7eb4dfaeb3a5b3370523b353c14853d801722a62325eb88ef60b3fd08f016f4
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
aa6b8925e1363db8671d01cd9935286ee77645b16e3422910b8b4e70e82a00d3
aabc30ee10c2b23a718fe443f43b051563fa5c58aa4b48cb64155a424e451468
aaf9bb091f781b24996837d1b06acb2a0aed55b54c154d605b193b9731bb37d1
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b044d89f7a88e52da5ba2345438abc81c7fdf33eefbdb8e458bd5ce102bbba7c
b511b5104524c0b25f553fbaa7c6d92564f0770a222d9ad642bffa36aa3920d6
b54aaf98a36375b8c46fd32bf218dd24526459706957869001cef90c7acf8630
b69f6a34cffee7491a91501ce0ebf2710756c59472393ef709a42d787d80398f
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b7b1f8d4e7f0706e8de5491cc52f0a32ba91211cd57743e769489fc6efd6fea1
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
be782e7a599f69742b110ad7060bb33567b4cf4c0a2178a0691529bdecd0bae5
c313eafd49a7f12b4bb014b8b23a6675b9000c625344fcd99d8aa2f4abf7b746
c5c8ee707457e4f18f6138cafe218bd8e196438b0ecc9a16c1c636aefa08cafb
c68f62e403b46bce8f99fac833852234dcbe775b6102df80ea668e11e5d0028f
c8a2ce0ff737cb50745bcd2b534fa03c462d897895dadb9af2d46e37db45c2f2
ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651
cc23f3fb7ed93aa57b37e1d816309339df0bf0e0bd0007720dbe6bef32891d02
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cf20294f6699db6e2b194896113f683352ef34687f7c01846733fc22704dac63
cf8f10bd933e45c08c4528efb6b831bd3970e130763376577040e0fce3bdb39d
d30e674df8c589b210186f71173b09d2890c3d84dd9aa57cb23d5dfd3ae61726
d355cf98aeecbb16480cc19e5f0afa9cf9b0a92526437d3e91a084a5ca78d400
d603b6e5c404d28a9f1c12bb0b57d8c9967836a8f53cce046a2ab3fd1f3b2f52
d68809d25238182f26fcee1f2ec396b99b256d1c9fc5d94dc51fc3da5ec7d021
d86960367934f9e3809a4180c829b4e8a6fdbcd20de15308f7fa83398c7384c1
d9eea42f179e4a54d72c720728866ef3328c9a1025666414811dfbcfcfee7962
de9c9d21dc567099550adc619be60ec5a771e6842485423ef23165b812187cc9
deeb07a584daeb600550f7db9c3eee2349b15206d64a6a1dcc77c9f941cba1a6
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e75256a24f1bc27561819e033db2484efb053161047a2159b9902ab7e18bcdb8
e7eabc7f05a63848ca0cf3d821014400d89e413dd6d11de71620a36cb655f99b
e838f60738bfd243d135cf9cc404f5d7cf8b31f68bf07ce3529187cff9b8bd29
ed6dfc4c7c38b2cc5aaa92176e9965017a842d3b131b79d8588e091e84b9f824
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa915afe973e463c1ed4fce76fc3d9d54482fa8ad5bb0e1018831aa3761a31b
efbc00575f13f02c406f902fe55444cc283c09ec68d4404dc82c9ed7b23ad053
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6abddbe5d6b87ebdfc3ef94d51cb72b139804c2ad38ee3ed1aeb591012b5076
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fe4ded55789f78204754a353d124951e36b60128ca671450e55b5f328927f786
ff1ce8732e74bc97205dfb4009d268a21dcbd5eac386e19e45f93db0defd51b5
ff7f41fb46f8e9ecafe2c34d443535baec1dcf56cea4701d82e3e387fee68353

cto.br.media Open in urlscan Pro 2606:4700:3036::ac43:cab9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

184 Requests

97 %HTTPS

61 %IPv6

21 Domains

30 Subdomains

22 IPs

4 Countries

1566 kBTransfer

4421 kBSize

19 Cookies

6 Outgoing links

Page URL History

Redirected requests

184 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

cto.br.media Open in urlscan Pro
2606:4700:3036::ac43:cab9 Public Scan

Screenshot
Live screenshot

Full Image

184
Requests

97 %
HTTPS

61 %
IPv6

21
Domains

30
Subdomains

22
IPs

4
Countries

1566 kB
Transfer

4421 kB
Size

19
Cookies

184 HTTP transactions
11 data transactions