urlscan.io logo urlscan.io
SecurityTrails logo

pt.horoscopofree.com Open in urlscan Pro
87.252.216.244  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.horoscopofree.com/pt/unsub/?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z%20wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJk...
Effective URL: http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
Submission: On December 01 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 5 countries across 8 domains to perform 27 HTTP transactions. The main IP is 87.252.216.244, located in United Kingdom and belongs to EQUINIX-CONNECT-EMEA, GB. The main domain is pt.horoscopofree.com.
This is the only time pt.horoscopofree.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 87.252.216.248 15830 (EQUINIX-C...)
1 5 87.252.216.244 15830 (EQUINIX-C...)
4 99.86.7.112 16509 (AMAZON-02)
1 3 2a00:1450:400... 15169 (GOOGLE)
10 85.94.197.210 12637 (SEEWEB We...)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
27 8
1    87.252.216.248 (United Kingdom)

ASN15830 (EQUINIX-CONNECT-EMEA, GB)
PTR: adsender-216-248.adsender.us
www.horoscopofree.com
5    87.252.216.244 (United Kingdom)

ASN15830 (EQUINIX-CONNECT-EMEA, GB)
pt.horoscopofree.com
4    99.86.7.112 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-112.fra6.r.cloudfront.net
dqlkqhr3456sn.cloudfront.net
3    2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
10    85.94.197.210 (Italy)

ASN12637 (SEEWEB Web hosting, colocation and cloud services, IT)
PTR: ithf02.adsender.us
banner.adsender.us
1    2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a00:1450:4001:81a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
1    2a00:1450:4001:815::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Domain Requested by
10 banner.adsender.us pt.horoscopofree.com
5 pt.horoscopofree.com 1 redirects pt.horoscopofree.com
4 www.google.com 1 redirects pt.horoscopofree.com
www.gstatic.com
4 dqlkqhr3456sn.cloudfront.net pt.horoscopofree.com
3 www.google-analytics.com 1 redirects pt.horoscopofree.com
2 apis.google.com pt.horoscopofree.com
apis.google.com
1 www.gstatic.com www.google.com
1 www.google.de pt.horoscopofree.com
1 stats.g.doubleclick.net 1 redirects
1 www.horoscopofree.com 1 redirects
27 10
Subject Issuer Validity Valid
*.google-analytics.com
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh
*.apis.google.com
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh

This page contains 3 frames:

Primary Page: http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
Frame ID: 7FCBF05F253F5E371D31B628539C7B59
Requests: 25 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf0xQcUAAAAALna_ECBIovJa5YDCkshc44bqm8t&co=aHR0cDovL3B0Lmhvcm9zY29wb2ZyZWUuY29tOjgw&hl=en&v=UFwvoDBMjc8LiYc1DKXiAomK&size=normal&cb=oe4hi7p5da2f
Frame ID: 207D856D89A75188640C7CE8D0810BE9
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=UFwvoDBMjc8LiYc1DKXiAomK&k=6Lf0xQcUAAAAALna_ECBIovJa5YDCkshc44bqm8t&cb=fw5etsx04efg
Frame ID: 11590435CA6747357E4E3C2A29EEF290
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.horoscopofree.com/pt/unsub/?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z%20wpfAszsfsKwrz6znl720jYJ... HTTP 301
    http://pt.horoscopofree.com/unsub/?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z%20wpfAszsfsKwrz6znl720jYJ33b... HTTP 301
    http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomV... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /apis\.google\.com\/js\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/recaptcha\/api\.js/i

Page Statistics

27
Requests

33 %
HTTPS

60 %
IPv6

8
Domains

10
Subdomains

8
IPs

5
Countries

293 kB
Transfer

727 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.horoscopofree.com/pt/unsub/?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z%20wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs HTTP 301
    http://pt.horoscopofree.com/unsub/?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z%20wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs HTTP 301
    http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 9
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1344172479&utmhn=pt.horoscopofree.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Anular%20tua%20inscri%C3%A7%C3%A3o%20%7C%20horoscopofree.com&utmhid=121728602&utmr=-&utmp=%2Funsub%3Ftkn%3Du_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z%2BwpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs&utmht=1606790352169&utmac=UA-2900400-1&utmcc=__utma%3D1.1501463092.1606790352.1606790352.1606790352.1%3B%2B__utmz%3D1.1606790352.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=150803124&utmredir=1&utmu=qFAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1344172479&utmhn=pt.horoscopofree.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Anular%20tua%20inscri%C3%A7%C3%A3o%20%7C%20horoscopofree.com&utmhid=121728602&utmr=-&utmp=%2Funsub%3Ftkn%3Du_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z%2BwpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs&utmht=1606790352169&utmac=UA-2900400-1&utmcc=__utma%3D1.1501463092.1606790352.1606790352.1606790352.1%3B%2B__utmz%3D1.1606790352.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=150803124&utmredir=1&utmu=qFAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2900400-1&cid=1501463092.1606790352&jid=150803124&_v=5.7.2&z=1344172479 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2900400-1&cid=1501463092.1606790352&jid=150803124&_v=5.7.2&z=1344172479 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2900400-1&cid=1501463092.1606790352&jid=150803124&_v=5.7.2&z=1344172479&slf_rd=1&random=2957093108
Request Chain 10
  • http://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=1691064696&utmhn=pt.horoscopofree.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Anular%20tua%20inscri%C3%A7%C3%A3o%20%7C%20horoscopofree.com&utmhid=121728602&utmr=-&utmp=%2Funsub%3Ftkn%3Du_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z%2BwpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs&utmht=1606790352172&utmac=UA-2900400-15&utmcc=__utma%3D1.1501463092.1606790352.1606790352.1606790352.1%3B%2B__utmz%3D1.1606790352.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=qFAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
  • https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=1691064696&utmhn=pt.horoscopofree.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Anular%20tua%20inscri%C3%A7%C3%A3o%20%7C%20horoscopofree.com&utmhid=121728602&utmr=-&utmp=%2Funsub%3Ftkn%3Du_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z%2BwpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs&utmht=1606790352172&utmac=UA-2900400-15&utmcc=__utma%3D1.1501463092.1606790352.1606790352.1606790352.1%3B%2B__utmz%3D1.1606790352.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=qFAAAAAAAAAAAAAAAAAAAAAE~

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request unsub
pt.horoscopofree.com/
Redirect Chain
  • https://www.horoscopofree.com/pt/unsub/?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z%20wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
  • http://pt.horoscopofree.com/unsub/?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z%20wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
  • http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
22 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
Protocol
HTTP/1.1
Server
87.252.216.244 , United Kingdom, ASN15830 (EQUINIX-CONNECT-EMEA, GB),
Reverse DNS
Software
nginx /
Resource Hash
9f9188a24243282e06d20f4c8520e059e4f40ae78c65dc646802aef8ad29675d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Host
pt.horoscopofree.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
HRPTS=cb0929cd4e823b6a5310e5f7f08757d6; ulang=82cqetWht4QYE9yvDjO9e_WOeA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
nginx
Date
Tue, 01 Dec 2020 02:39:11 GMT
Content-Type
text/html; charset=utf-8
Content-Length
4728
Connection
keep-alive
Mirror
web1-ie
Expires
Sun, 01 Dec 2019 02:39:11 GMT
Cache-Control
private, max-age=0
Pragma
no-cache
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Encoding
gzip
X-LLC-HF
iehf01

Redirect headers

Server
nginx
Date
Tue, 01 Dec 2020 02:39:11 GMT
Content-Type
text/html; charset=utf-8
Content-Length
228
Connection
keep-alive
Mirror
web1-ie
Set-Cookie
HRPTS=cb0929cd4e823b6a5310e5f7f08757d6; path=/; domain=.horoscopofree.com ulang=82cqetWht4QYE9yvDjO9e_WOeA; expires=Wed, 01-Dec-2021 08:27:57 GMT; path=/; domain=.horoscopofree.com; httponly
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
P3P
CP="IDC DSP COR ADM DEVo TAIi PSA PSD IVAo IVDo CONi HIS OUR IND CNT"
Location
http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
Vary
Accept-Encoding
Content-Encoding
gzip
X-LLC-HF
iehf01
r-layout-pt-4583234948.css
pt.horoscopofree.com/css/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://pt.horoscopofree.com/css/r-layout-pt-4583234948.css
Requested by
Host: pt.horoscopofree.com
URL: http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
Protocol
HTTP/1.1
Server
87.252.216.244 , United Kingdom, ASN15830 (EQUINIX-CONNECT-EMEA, GB),
Reverse DNS
Software
nginx /
Resource Hash
1d6e05b4845e9a6344a0538390da3871f7695314a2ee39f1dd3b51708565b361

Request headers

Referer
http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 01 Dec 2020 02:39:12 GMT
Content-Encoding
gzip
Server
nginx
ETag
4583234948
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Cache-Control
max-age=2592000, public
X-LLC-HF
iehf01
Connection
keep-alive
Content-Length
4082
Mirror
web1-ie
Expires
Thu, 31 Dec 2020 02:39:12 +0000
logoLL.png
dqlkqhr3456sn.cloudfront.net/pt/img/v2/layout/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://dqlkqhr3456sn.cloudfront.net/pt/img/v2/layout/logoLL.png
Requested by
Host: pt.horoscopofree.com
URL: http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
Protocol
HTTP/1.1
Server
99.86.7.112 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-112.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0e3b56af2ea84cd2f349f799b8ba8d4ec08e82b0153d28e3a9111a87f038e355

Request headers

Referer
http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 30 Nov 2020 13:05:23 GMT
Via
1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront)
Last-Modified
Thu, 12 Dec 2019 18:16:05 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1576165755/atime:1576165755/md5:d9f71def08a62d9a4c3279fe8f7b9fc2/ctime:1576165755
Age
48829
ETag
"d9f71def08a62d9a4c3279fe8f7b9fc2"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
Content-Length
4733
X-Amz-Cf-Id
42jhbvf2QsxCVyqF7yB5E44y1s76uzl24neD7d5k36CUd3LbEMd3QA==
jquery.1527089962.js
pt.horoscopofree.com/js/ 		93 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pt.horoscopofree.com/js/jquery.1527089962.js
Requested by
Host: pt.horoscopofree.com
URL: http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
Protocol
HTTP/1.1
Server
87.252.216.244 , United Kingdom, ASN15830 (EQUINIX-CONNECT-EMEA, GB),
Reverse DNS
Software
nginx /
Resource Hash
f43121e8466577816a16da77f5b7948aa5496afeac7876a6318d7e967e73cb39

Request headers

Referer
http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 01 Dec 2020 02:39:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 May 2018 15:39:22 GMT
Server
nginx
ETag
"17278-56ce156b99e80"
Vary
Accept-Encoding
Content-Type
application/javascript
X-LLC-HF
iehf01
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33617
Mirror
ieweb01
cookiePrivacy.min.js
pt.horoscopofree.com/js/ 		546 B
645 B 		Script
General
Check archive.org
Download Go to
Full URL
http://pt.horoscopofree.com/js/cookiePrivacy.min.js
Requested by
Host: pt.horoscopofree.com
URL: http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
Protocol
HTTP/1.1
Server
87.252.216.244 , United Kingdom, ASN15830 (EQUINIX-CONNECT-EMEA, GB),
Reverse DNS
Software
nginx /
Resource Hash
c81d81aec6e1afed3c2168b34ed23bef237a8ab04ef91335840f7099df1c021b

Request headers

Referer
http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 01 Dec 2020 02:39:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 May 2018 15:39:22 GMT
Server
nginx
ETag
"222-56ce156b99e80"
Vary
Accept-Encoding
Content-Type
application/javascript
X-LLC-HF
iehf01
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
314
Mirror
ieweb01
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: pt.horoscopofree.com
URL: http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
4348
date
Tue, 01 Dec 2020 01:26:44 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Tue, 01 Dec 2020 03:26:44 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
homepage-icon.png
dqlkqhr3456sn.cloudfront.net/pt/img/v2/layout/ 		249 B
868 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://dqlkqhr3456sn.cloudfront.net/pt/img/v2/layout/homepage-icon.png
Requested by
Host: pt.horoscopofree.com
URL: http://pt.horoscopofree.com/css/r-layout-pt-4583234948.css
Protocol
HTTP/1.1
Server
99.86.7.112 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-112.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
73e25e4a6389c7b117ed45236b2ff3a08a8c30ef5f07323561334e1c5599a9dc

Request headers

Referer
http://pt.horoscopofree.com/css/r-layout-pt-4583234948.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 30 Nov 2020 13:52:49 GMT
Via
1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront)
Last-Modified
Thu, 12 Dec 2019 18:16:19 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1576165755/atime:1576165755/md5:0832103124a95524080793aa21d863d8/ctime:1576165755
Age
45983
ETag
"0832103124a95524080793aa21d863d8"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
Content-Length
249
X-Amz-Cf-Id
CD7uUABZH9J7JDs0cu6Lyfm4cBfWfNnxdy1oT2SsPNAxWGPazWfGug==
logo-3.png
dqlkqhr3456sn.cloudfront.net/pt/img/v2/layout/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://dqlkqhr3456sn.cloudfront.net/pt/img/v2/layout/logo-3.png
Requested by
Host: pt.horoscopofree.com
URL: http://pt.horoscopofree.com/css/r-layout-pt-4583234948.css
Protocol
HTTP/1.1
Server
99.86.7.112 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-112.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
531f6683220e323380d61b856eea38ec02a269f7b24d65adc633afb2dfd0e924

Request headers

Referer
http://pt.horoscopofree.com/css/r-layout-pt-4583234948.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 30 Nov 2020 13:52:49 GMT
Via
1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront)
Last-Modified
Thu, 12 Dec 2019 18:16:29 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1576165755/atime:1576165755/md5:a2c03990cb85c8b4fb9451816097d5f1/ctime:1576165755
Age
45983
ETag
"a2c03990cb85c8b4fb9451816097d5f1"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
Content-Length
9592
X-Amz-Cf-Id
jljTtGDcnRPzgeg6DacdzMutB1_wL6ux8j3uHDsUqW2qq6l9fh-C3g==
top-payoff.png
dqlkqhr3456sn.cloudfront.net/pt/img/v2/layout/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://dqlkqhr3456sn.cloudfront.net/pt/img/v2/layout/top-payoff.png
Requested by
Host: pt.horoscopofree.com
URL: http://pt.horoscopofree.com/css/r-layout-pt-4583234948.css
Protocol
HTTP/1.1
Server
99.86.7.112 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-112.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0597aa973fbe706eee9084ec989eaf20796016ac1bc1136d80544edd2dde9b01

Request headers

Referer
http://pt.horoscopofree.com/css/r-layout-pt-4583234948.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 30 Nov 2020 07:59:33 GMT
Via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
Last-Modified
Thu, 12 Dec 2019 18:16:27 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1576165755/atime:1576165755/md5:5c4c8dbe20e103d94143332fa20f5684/ctime:1576165755
Age
67180
ETag
"5c4c8dbe20e103d94143332fa20f5684"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
Content-Length
8420
X-Amz-Cf-Id
pWw96OAXVegKKkv7QwXVxwJWgHvrJHYI2LdIRE30sofh0XLWCjGNxw==
ajs.php
banner.adsender.us/www/delivery/ 		524 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://banner.adsender.us/www/delivery/ajs.php?zoneid=7&cb=84112572250&charset=UTF-8&loc=http%3A//pt.horoscopofree.com/unsub%3Ftkn%3Du_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
Requested by
Host: pt.horoscopofree.com
URL: http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
Protocol
HTTP/1.1
Server
85.94.197.210 , Italy, ASN12637 (SEEWEB Web hosting, colocation and cloud services, IT),
Reverse DNS
ithf02.adsender.us
Software
nginx /
Resource Hash
ed9b8865dff6bf21bf5d06926bbf9af992c2c8e26cd2bbbb30bbfbb4763bbed7

Request headers

Referer
http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Tue, 01 Dec 2020 02:39:12 GMT
Server
nginx
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-LLC-HF
ithf02
Connection
keep-alive
Content-Type
text/javascript; charset=UTF-8
Content-Length
524
Mirror
web6
Expires
0
ga-audiences
www.google.de/ads/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1344172479&utmhn=pt.horoscopofree.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1344172479&utmhn=pt.horoscopofree.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2900400-1&cid=1501463092.1606790352&jid=150803124&_v=5.7.2&z=1344172479
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2900400-1&cid=1501463092.1606790352&jid=150803124&_v=5.7.2&z=1344172479
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2900400-1&cid=1501463092.1606790352&jid=150803124&_v=5.7.2&z=1344172479&slf_rd=1&random=2957093108
42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2900400-1&cid=1501463092.1606790352&jid=150803124&_v=5.7.2&z=1344172479&slf_rd=1&random=2957093108
Requested by
Host: pt.horoscopofree.com
URL: http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Dec 2020 02:39:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 01 Dec 2020 02:39:12 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2900400-1&cid=1501463092.1606790352&jid=150803124&_v=5.7.2&z=1344172479&slf_rd=1&random=2957093108
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
__utm.gif
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=1691064696&utmhn=pt.horoscopofree.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=An...
  • https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=1691064696&utmhn=pt.horoscopofree.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=A...
35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=1691064696&utmhn=pt.horoscopofree.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Anular%20tua%20inscri%C3%A7%C3%A3o%20%7C%20horoscopofree.com&utmhid=121728602&utmr=-&utmp=%2Funsub%3Ftkn%3Du_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z%2BwpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs&utmht=1606790352172&utmac=UA-2900400-15&utmcc=__utma%3D1.1501463092.1606790352.1606790352.1606790352.1%3B%2B__utmz%3D1.1606790352.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=qFAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: pt.horoscopofree.com
URL: http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Nov 2020 09:12:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
62830
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=1691064696&utmhn=pt.horoscopofree.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Anular%20tua%20inscri%C3%A7%C3%A3o%20%7C%20horoscopofree.com&utmhid=121728602&utmr=-&utmp=%2Funsub%3Ftkn%3Du_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z%2BwpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs&utmht=1606790352172&utmac=UA-2900400-15&utmcc=__utma%3D1.1501463092.1606790352.1606790352.1606790352.1%3B%2B__utmz%3D1.1606790352.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=qFAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason
HSTS
lg.php
banner.adsender.us/www/delivery/ 		43 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://banner.adsender.us/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=7&loc=http%3A%2F%2Fpt.horoscopofree.com%2Funsub%3Ftkn%3Du_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs&cb=d66853d181
Requested by
Host: pt.horoscopofree.com
URL: http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
Protocol
HTTP/1.1
Server
85.94.197.210 , Italy, ASN12637 (SEEWEB Web hosting, colocation and cloud services, IT),
Reverse DNS
ithf02.adsender.us
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 01 Dec 2020 02:39:12 GMT
Server
nginx
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-LLC-HF
ithf02
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Mirror
web6
Expires
0
ajs.php
banner.adsender.us/www/delivery/ 		524 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://banner.adsender.us/www/delivery/ajs.php?zoneid=9&cb=36834147193&charset=UTF-8&loc=http%3A//pt.horoscopofree.com/unsub%3Ftkn%3Du_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
Requested by
Host: pt.horoscopofree.com
URL: http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
Protocol
HTTP/1.1
Server
85.94.197.210 , Italy, ASN12637 (SEEWEB Web hosting, colocation and cloud services, IT),
Reverse DNS
ithf02.adsender.us
Software
nginx /
Resource Hash
89c2034abb0cd0a78a82c11b9f2f6a3a658d3443aece454bfeefd1119ff1c808

Request headers

Referer
http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Tue, 01 Dec 2020 02:39:12 GMT
Server
nginx
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-LLC-HF
ithf02
Connection
keep-alive
Content-Type
text/javascript; charset=UTF-8
Content-Length
524
Mirror
web6
Expires
0
lg.php
banner.adsender.us/www/delivery/ 		43 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://banner.adsender.us/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=9&loc=http%3A%2F%2Fpt.horoscopofree.com%2Funsub%3Ftkn%3Du_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs&cb=dbbb053545
Requested by
Host: pt.horoscopofree.com
URL: http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
Protocol
HTTP/1.1
Server
85.94.197.210 , Italy, ASN12637 (SEEWEB Web hosting, colocation and cloud services, IT),
Reverse DNS
ithf02.adsender.us
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 01 Dec 2020 02:39:12 GMT
Server
nginx
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-LLC-HF
ithf02
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Mirror
web6
Expires
0
ajs.php
banner.adsender.us/www/delivery/ 		525 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://banner.adsender.us/www/delivery/ajs.php?zoneid=11&cb=38882243089&charset=UTF-8&loc=http%3A//pt.horoscopofree.com/unsub%3Ftkn%3Du_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
Requested by
Host: pt.horoscopofree.com
URL: http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
Protocol
HTTP/1.1
Server
85.94.197.210 , Italy, ASN12637 (SEEWEB Web hosting, colocation and cloud services, IT),
Reverse DNS
ithf02.adsender.us
Software
nginx /
Resource Hash
bd17eeaa7590bd8c100802af4ea0d2739e4a8fe307ef84fc13c4637e68995b41

Request headers

Referer
http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Tue, 01 Dec 2020 02:39:12 GMT
Server
nginx
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-LLC-HF
ithf02
Connection
keep-alive
Content-Type
text/javascript; charset=UTF-8
Content-Length
525
Mirror
web6
Expires
0
lg.php
banner.adsender.us/www/delivery/ 		43 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://banner.adsender.us/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=11&loc=http%3A%2F%2Fpt.horoscopofree.com%2Funsub%3Ftkn%3Du_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs&cb=f246253abc
Requested by
Host: pt.horoscopofree.com
URL: http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
Protocol
HTTP/1.1
Server
85.94.197.210 , Italy, ASN12637 (SEEWEB Web hosting, colocation and cloud services, IT),
Reverse DNS
ithf02.adsender.us
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 01 Dec 2020 02:39:12 GMT
Server
nginx
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-LLC-HF
ithf02
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Mirror
web6
Expires
0
ajs.php
banner.adsender.us/www/delivery/ 		525 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://banner.adsender.us/www/delivery/ajs.php?zoneid=10&cb=30896800144&charset=UTF-8&loc=http%3A//pt.horoscopofree.com/unsub%3Ftkn%3Du_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
Requested by
Host: pt.horoscopofree.com
URL: http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
Protocol
HTTP/1.1
Server
85.94.197.210 , Italy, ASN12637 (SEEWEB Web hosting, colocation and cloud services, IT),
Reverse DNS
ithf02.adsender.us
Software
nginx /
Resource Hash
40d7f00afe915f6682a5ba0460171567792f12f0efa058d2ee5200e76fe85c3b

Request headers

Referer
http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Tue, 01 Dec 2020 02:39:12 GMT
Server
nginx
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-LLC-HF
ithf02
Connection
keep-alive
Content-Type
text/javascript; charset=UTF-8
Content-Length
525
Mirror
web6
Expires
0
lg.php
banner.adsender.us/www/delivery/ 		43 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://banner.adsender.us/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=10&loc=http%3A%2F%2Fpt.horoscopofree.com%2Funsub%3Ftkn%3Du_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs&cb=c12b6d67c0
Requested by
Host: pt.horoscopofree.com
URL: http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
Protocol
HTTP/1.1
Server
85.94.197.210 , Italy, ASN12637 (SEEWEB Web hosting, colocation and cloud services, IT),
Reverse DNS
ithf02.adsender.us
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 01 Dec 2020 02:39:12 GMT
Server
nginx
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-LLC-HF
ithf02
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Mirror
web6
Expires
0
ajs.php
banner.adsender.us/www/delivery/ 		525 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://banner.adsender.us/www/delivery/ajs.php?zoneid=12&cb=67384582760&charset=UTF-8&loc=http%3A//pt.horoscopofree.com/unsub%3Ftkn%3Du_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
Requested by
Host: pt.horoscopofree.com
URL: http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
Protocol
HTTP/1.1
Server
85.94.197.210 , Italy, ASN12637 (SEEWEB Web hosting, colocation and cloud services, IT),
Reverse DNS
ithf02.adsender.us
Software
nginx /
Resource Hash
265cb9246064bafdccb71ae0df656e45c68d3210534774007035ee80c5695956

Request headers

Referer
http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Tue, 01 Dec 2020 02:39:12 GMT
Server
nginx
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-LLC-HF
ithf02
Connection
keep-alive
Content-Type
text/javascript; charset=UTF-8
Content-Length
525
Mirror
web6
Expires
0
lg.php
banner.adsender.us/www/delivery/ 		43 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://banner.adsender.us/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=12&loc=http%3A%2F%2Fpt.horoscopofree.com%2Funsub%3Ftkn%3Du_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs&cb=1faed8ffee
Requested by
Host: pt.horoscopofree.com
URL: http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
Protocol
HTTP/1.1
Server
85.94.197.210 , Italy, ASN12637 (SEEWEB Web hosting, colocation and cloud services, IT),
Reverse DNS
ithf02.adsender.us
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 01 Dec 2020 02:39:12 GMT
Server
nginx
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-LLC-HF
ithf02
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Mirror
web6
Expires
0
plusone.js
apis.google.com/js/ 		49 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: pt.horoscopofree.com
URL: http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
000bd65a7d023646b4ba348305c1ac4e81a7052cfd8fcd58090888b8e756e1e7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-U/any/WWTEiITmUUtz3V3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 02:39:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"430c853b1b0dfec9e56426ea5072343a"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-U/any/WWTEiITmUUtz3V3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Tue, 01 Dec 2020 02:39:12 GMT
api.js
www.google.com/recaptcha/ 		909 B
975 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Requested by
Host: pt.horoscopofree.com
URL: http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ad049583b93a27c3712aacd50a1c84e807f479b3247f50b10417dc1c7d4f7d4e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 02:39:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
580
x-xss-protection
1; mode=block
expires
Tue, 01 Dec 2020 02:39:12 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/UFwvoDBMjc8LiYc1DKXiAomK/ 		335 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/UFwvoDBMjc8LiYc1DKXiAomK/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14a2806a256579773a3680e21459dea7827d002104c6336856e0bef9a39be0c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://pt.horoscopofree.com
Referer
http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 02:00:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2325
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133988
x-xss-protection
0
last-modified
Mon, 16 Nov 2020 01:06:46 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 01 Dec 2021 02:00:27 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.sazTpAB7NWc.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMGRnMhese6OTxesnN0rDvhruAGIg/ 		138 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.sazTpAB7NWc.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMGRnMhese6OTxesnN0rDvhruAGIg/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc0d33aa4929b71fa775ae49b0ee486a10d5dcae89693d11ceaa95192dce774e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 26 Nov 2020 21:08:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 19 Nov 2020 17:03:00 GMT
server
sffe
age
365441
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49552
x-xss-protection
0
expires
Fri, 26 Nov 2021 21:08:31 GMT
anchor
www.google.com/recaptcha/api2/ Frame 207D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf0xQcUAAAAALna_ECBIovJa5YDCkshc44bqm8t&co=aHR0cDovL3B0Lmhvcm9zY29wb2ZyZWUuY29tOjgw&hl=en&v=UFwvoDBMjc8LiYc1DKXiAomK&size=normal&cb=oe4hi7p5da2f
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/UFwvoDBMjc8LiYc1DKXiAomK/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RcRhs0OdfeuM8D111ekGBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6Lf0xQcUAAAAALna_ECBIovJa5YDCkshc44bqm8t&co=aHR0cDovL3B0Lmhvcm9zY29wb2ZyZWUuY29tOjgw&hl=en&v=UFwvoDBMjc8LiYc1DKXiAomK&size=normal&cb=oe4hi7p5da2f
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=505=Swo9uTYJgGYl5GaXrApTqVzCiKlQVDNVontD5tWjsT_6bWxMrCsvaePpjkDIG1Jky0NLI-hWo_pZeG3A9DsIpjCyzOyoGofDw-5-srarZFO_boYuIK7oJ-rgDj0MAnOTnGisL93JbqFxlsyfHVubPLiPKqj8iinF4khZX6jz0FU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 01 Dec 2020 02:39:12 GMT
content-security-policy
script-src 'report-sample' 'nonce-RcRhs0OdfeuM8D111ekGBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
10736
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bframe
www.google.com/recaptcha/api2/ Frame 1159 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=UFwvoDBMjc8LiYc1DKXiAomK&k=6Lf0xQcUAAAAALna_ECBIovJa5YDCkshc44bqm8t&cb=fw5etsx04efg
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/UFwvoDBMjc8LiYc1DKXiAomK/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-a+YJdx1IYh0kCHKbmt4HRQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=UFwvoDBMjc8LiYc1DKXiAomK&k=6Lf0xQcUAAAAALna_ECBIovJa5YDCkshc44bqm8t&cb=fw5etsx04efg
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=505=Swo9uTYJgGYl5GaXrApTqVzCiKlQVDNVontD5tWjsT_6bWxMrCsvaePpjkDIG1Jky0NLI-hWo_pZeG3A9DsIpjCyzOyoGofDw-5-srarZFO_boYuIK7oJ-rgDj0MAnOTnGisL93JbqFxlsyfHVubPLiPKqj8iinF4khZX6jz0FU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://pt.horoscopofree.com/unsub?tkn=u_Ixt-Byz8EdnHpqRlUEXkO-HiWJYF8NrZ5z+wpfAszsfsKwrz6znl720jYJ33bomVYhjPHr8nlh5uJkPwuYAGcs

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 01 Dec 2020 02:39:13 GMT
content-security-policy
script-src 'report-sample' 'nonce-a+YJdx1IYh0kCHKbmt4HRQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1121
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated object| _gaq string| google_analytics_uacct string| google_analytics_domain_name string| m3_u number| m3_r object| _gat object| gaGlobal string| OX_8dde10a6 string| OX_9be2c2c0 string| OX_800a056d string| OX_3fbc7933 string| OX_bb4e5f92 function| $ function| jQuery function| onloadCallback function| setCookie function| getCookie string| caName object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| gapi object| ___jsl object| recaptcha object| closure_lm_680950 object| gadgets object| osapi object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow

8 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 505=Swo9uTYJgGYl5GaXrApTqVzCiKlQVDNVontD5tWjsT_6bWxMrCsvaePpjkDIG1Jky0NLI-hWo_pZeG3A9DsIpjCyzOyoGofDw-5-srarZFO_boYuIK7oJ-rgDj0MAnOTnGisL93JbqFxlsyfHVubPLiPKqj8iinF4khZX6jz0FU
.horoscopofree.com/ Name: __utmb
Value: 1.2.10.1606790352
.horoscopofree.com/ Name: __utmt
Value: 1
.horoscopofree.com/ Name: __utmz
Value: 1.1606790352.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.horoscopofree.com/ Name: __utma
Value: 1.1501463092.1606790352.1606790352.1606790352.1
.horoscopofree.com/ Name: ulang
Value: 82cqetWht4QYE9yvDjO9e_WOeA
.horoscopofree.com/ Name: __utmc
Value: 1
.horoscopofree.com/ Name: HRPTS
Value: cb0929cd4e823b6a5310e5f7f08757d6

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apis.google.com
banner.adsender.us
dqlkqhr3456sn.cloudfront.net
pt.horoscopofree.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.gstatic.com
www.horoscopofree.com
2a00:1450:4001:815::2003
2a00:1450:4001:81a::2004
2a00:1450:4001:81a::200e
2a00:1450:4001:820::2003
2a00:1450:4001:824::200e
2a00:1450:400c:c0c::9d
85.94.197.210
87.252.216.244
87.252.216.248
99.86.7.112
000bd65a7d023646b4ba348305c1ac4e81a7052cfd8fcd58090888b8e756e1e7
0597aa973fbe706eee9084ec989eaf20796016ac1bc1136d80544edd2dde9b01
0e3b56af2ea84cd2f349f799b8ba8d4ec08e82b0153d28e3a9111a87f038e355
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
14a2806a256579773a3680e21459dea7827d002104c6336856e0bef9a39be0c9
1d6e05b4845e9a6344a0538390da3871f7695314a2ee39f1dd3b51708565b361
265cb9246064bafdccb71ae0df656e45c68d3210534774007035ee80c5695956
40d7f00afe915f6682a5ba0460171567792f12f0efa058d2ee5200e76fe85c3b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
531f6683220e323380d61b856eea38ec02a269f7b24d65adc633afb2dfd0e924
73e25e4a6389c7b117ed45236b2ff3a08a8c30ef5f07323561334e1c5599a9dc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89c2034abb0cd0a78a82c11b9f2f6a3a658d3443aece454bfeefd1119ff1c808
9f9188a24243282e06d20f4c8520e059e4f40ae78c65dc646802aef8ad29675d
ad049583b93a27c3712aacd50a1c84e807f479b3247f50b10417dc1c7d4f7d4e
bd17eeaa7590bd8c100802af4ea0d2739e4a8fe307ef84fc13c4637e68995b41
c81d81aec6e1afed3c2168b34ed23bef237a8ab04ef91335840f7099df1c021b
cc0d33aa4929b71fa775ae49b0ee486a10d5dcae89693d11ceaa95192dce774e
ed9b8865dff6bf21bf5d06926bbf9af992c2c8e26cd2bbbb30bbfbb4763bbed7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f43121e8466577816a16da77f5b7948aa5496afeac7876a6318d7e967e73cb39