funguseliminator.com Open in urlscan Pro
159.89.239.100 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://funguseliminator.com/
Effective URL:
https://funguseliminator.com/
Submission: On June 27 via manual (June 27th 2022, 9:49:16 pm UTC) from US — Scanned from DE

Summary HTTP 125 Redirects Behaviour Indicators

Summary

This website contacted 67 IPs in 12 countries across 64 domains to perform 125 HTTP transactions. The main IP is 159.89.239.100, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is funguseliminator.com. The Cisco Umbrella rank of the primary domain is 283711.
TLS certificate: Issued by R3 on May 11th 2022. Valid for: 3 months.

This is the only time funguseliminator.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 12	159.89.239.100 159.89.239.100	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
2	13.248.155.138 13.248.155.138	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	23.35.237.86 23.35.237.86	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:20e... 2600:9000:20eb:9a00:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
2	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
1	13.224.194.49 13.224.194.49	16509 (AMAZON-02) (AMAZON-02)
1	37.157.5.71 37.157.5.71	198622 (ADFORM) (ADFORM)
1	178.250.0.147 178.250.0.147	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	70.42.32.191 70.42.32.191	13789 (INTERNAP-...) (INTERNAP-BLK3)
4	18.66.92.98 18.66.92.98	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c02::9a	15169 (GOOGLE) (GOOGLE)
1 1	2600:1f18:730... 2600:1f18:730:b110:af35:be39:7aa6:3548	14618 (AMAZON-AES) (AMAZON-AES)
1	34.230.119.25 34.230.119.25	14618 (AMAZON-AES) (AMAZON-AES)
3 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1 2	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 16	37.157.2.234 37.157.2.234	198622 (ADFORM) (ADFORM)
1	37.157.4.40 37.157.4.40	198622 (ADFORM) (ADFORM)
1 3	54.77.200.44 54.77.200.44	16509 (AMAZON-02) (AMAZON-02)
3	96.16.132.239 96.16.132.239	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	52.59.103.170 52.59.103.170	16509 (AMAZON-02) (AMAZON-02)
2	185.86.139.106 185.86.139.106	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	52.59.31.58 52.59.31.58	16509 (AMAZON-02) (AMAZON-02)
1 3	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	104.90.105.191 104.90.105.191	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	3.72.114.165 3.72.114.165	16509 (AMAZON-02) (AMAZON-02)
1	34.149.40.38 34.149.40.38	15169 (GOOGLE) (GOOGLE)
1 2	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 5	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
2 2	23.35.228.210 23.35.228.210	16625 (AKAMAI-AS) (AKAMAI-AS)
4 4	185.33.220.244 185.33.220.244	29990 (ASN-APPNEX) (ASN-APPNEX)
3	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2	3.125.70.222 3.125.70.222	16509 (AMAZON-02) (AMAZON-02)
1	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 2	63.34.67.128 63.34.67.128	16509 (AMAZON-02) (AMAZON-02)
2	104.92.72.137 104.92.72.137	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 1	34.249.162.61 34.249.162.61	16509 (AMAZON-02) (AMAZON-02)
1	52.218.56.203 52.218.56.203	16509 (AMAZON-02) (AMAZON-02)
3 3	51.222.80.231 51.222.80.231	16276 (OVH) (OVH)
2 2	18.198.126.47 18.198.126.47	16509 (AMAZON-02) (AMAZON-02)
4 5	139.162.147.254 139.162.147.254	63949 (LINODE-AP...) (LINODE-AP Linode)
1 1	51.77.65.169 51.77.65.169	16276 (OVH) (OVH)
1 1	193.135.9.114 193.135.9.114	48314 (IP-PROJECTS) (IP-PROJECTS)
5 5	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	52.50.52.140 52.50.52.140	16509 (AMAZON-02) (AMAZON-02)
5 7	185.33.221.11 185.33.221.11	29990 (ASN-APPNEX) (ASN-APPNEX)
2	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	13.225.78.117 13.225.78.117	16509 (AMAZON-02) (AMAZON-02)
2 2	34.199.197.121 34.199.197.121	14618 (AMAZON-AES) (AMAZON-AES)
2 3	52.49.145.37 52.49.145.37	16509 (AMAZON-02) (AMAZON-02)
1 1	18.156.126.13 18.156.126.13	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	18.193.237.214 18.193.237.214	16509 (AMAZON-02) (AMAZON-02)
1	69.169.85.6 69.169.85.6	29838 (AMC) (AMC)
2	141.95.98.71 141.95.98.71	16276 (OVH) (OVH)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
2	23.35.237.56 23.35.237.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	78.46.100.125 78.46.100.125	24940 (HETZNER-AS) (HETZNER-AS)
2	2600:9000:224... 2600:9000:224a:9000:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
3	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 2	172.217.16.198 172.217.16.198	15169 (GOOGLE) (GOOGLE)
1 1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	182.161.74.16 182.161.74.16	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
4	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	185.255.84.153 185.255.84.153	200271 (IGUANE-) (IGUANE-)
1	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.90.104.26 104.90.104.26	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.185.150.140 18.185.150.140	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	3.66.244.147 3.66.244.147	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
2	34.249.170.53 34.249.170.53	16509 (AMAZON-02) (AMAZON-02)
125	67

12 159.89.239.100 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: funguseliminator.com

funguseliminator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.155.138 (United States)

ASN16509 (AMAZON-02, US)
PTR: a746f2a683c73ece4.awsglobalaccelerator.com

secure.funguseliminator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:9a00:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-49.fra2.r.cloudfront.net

d9i5ve8f04qxt.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.71 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.147 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 70.42.32.191 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.92.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-92-98.fra56.r.cloudfront.net

d1pqvb2h9xgm7r.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c02::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b110:af35:be39:7aa6:3548 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.230.119.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-119-25.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.28 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

a1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 37.157.2.234 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.40 (Denmark)

ASN198622 (ADFORM, DK)

server.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.77.200.44 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-200-44.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 96.16.132.239 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-132-239.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.59.103.170 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-103-170.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.106 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.31.58 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-31-58.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.56.137 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.90.105.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-105-191.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.72.114.165 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-72-114-165.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.40.38 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 38.40.149.34.bc.googleusercontent.com

u.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.18.126 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 77.243.60.138 (Aalborg, Denmark) 5 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
se.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.228.210 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-210.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.220.244 (Amsterdam, Netherlands) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.125.70.222 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-70-222.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.34.67.128 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-67-128.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.92.72.137 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-72-137.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.249.162.61 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-162-61.eu-west-1.compute.amazonaws.com

api.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.56.203 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.222.80.231 (Canada) 3 redirects

ASN16276 (OVH, FR)
PTR: pikafka-us-1.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.126.47 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com

loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.162.147.254 (Frankfurt am Main, Germany) 4 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1414-254.members.linode.com

cm.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.77.65.169 (Germany) 1 redirects

ASN16276 (OVH, FR)
PTR: tags11.adsafety.net

tags.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.135.9.114 (Germany) 1 redirects

ASN48314 (IP-PROJECTS, DE)

ads.smartstream.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.98 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.50.52.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-52-140.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.33.221.11 (Amsterdam, Netherlands) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-117.fra2.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.199.197.121 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-197-121.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.49.145.37 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-145-37.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.126.13 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-126-13.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Sankt Georgen im Schwarzwald, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.193.237.214 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-237-214.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.169.85.6 (Colonia, United States)

ASN29838 (AMC, US)

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.95.98.71 (France)

ASN16276 (OVH, FR)
PTR: ns3216577.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.46.100.125 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.125.100.46.78.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:224a:9000:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.11.36 (Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f6.1e100.net

10720395.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.74.16 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

widget.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.153 (Ivry-sur-Seine, France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.90.104.26 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-104-26.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.185.150.140 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-150-140.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.66.244.147 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-244-147.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.249.170.53 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-170-53.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	adform.net 4 redirects s2.adform.net — Cisco Umbrella Rank: 5651 a1.adform.net — Cisco Umbrella Rank: 12686 c1.adform.net — Cisco Umbrella Rank: 583 dmp.adform.net — Cisco Umbrella Rank: 4326	40 KB
14	funguseliminator.com 1 redirects funguseliminator.com — Cisco Umbrella Rank: 283711 secure.funguseliminator.com — Cisco Umbrella Rank: 760396	697 KB
12	criteo.com 4 redirects dynamic.criteo.com — Cisco Umbrella Rank: 4153 gum.criteo.com — Cisco Umbrella Rank: 391 mug.criteo.com — Cisco Umbrella Rank: 2727 sslwidget.criteo.com — Cisco Umbrella Rank: 1530 widget.as.criteo.com — Cisco Umbrella Rank: 28930 dis.criteo.com — Cisco Umbrella Rank: 717	34 KB
11	adnxs.com 9 redirects ib.adnxs.com — Cisco Umbrella Rank: 244 secure.adnxs.com — Cisco Umbrella Rank: 408	11 KB
8	doubleclick.net 6 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 119 cm.g.doubleclick.net — Cisco Umbrella Rank: 205 10720395.fls.doubleclick.net — Cisco Umbrella Rank: 190897	2 KB
6	adsafety.net 5 redirects cm.adsafety.net — Cisco Umbrella Rank: 4618 tags.adsafety.net — Cisco Umbrella Rank: 138219	10 KB
5	semasio.net 5 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1128 se.semasio.net — Cisco Umbrella Rank: 22927	3 KB
5	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 299 ads.yahoo.com — Cisco Umbrella Rank: 1058	1023 B
5	cloudfront.net d9i5ve8f04qxt.cloudfront.net d1pqvb2h9xgm7r.cloudfront.net	20 KB
5	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 982 trc.taboola.com — Cisco Umbrella Rank: 672 trc-events.taboola.com — Cisco Umbrella Rank: 1600 sync-t1.taboola.com — Cisco Umbrella Rank: 1188	19 KB
4	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 1975 tr.outbrain.com — Cisco Umbrella Rank: 1779 sync.outbrain.com — Cisco Umbrella Rank: 694	5 KB
3	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 192	3 KB
3	onaudience.com 3 redirects pixel.onaudience.com — Cisco Umbrella Rank: 3729	1 KB
3	exelator.com 2 redirects loadm.exelator.com — Cisco Umbrella Rank: 1268 loada.exelator.com — Cisco Umbrella Rank: 19811	2 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 367	793 B
3	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 608 r.casalemedia.com — Cisco Umbrella Rank: 1528	3 KB
3	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 290	2 KB
3	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 3088	2 KB
3	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 642	1 KB
3	liadm.com 1 redirects b-code.liadm.com — Cisco Umbrella Rank: 3723 rp.liadm.com — Cisco Umbrella Rank: 2606 rp4.liadm.com — Cisco Umbrella Rank: 10858	12 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 362	12 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	112 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	58 KB
2	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 1767	439 B
2	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 410	279 B
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 444	581 B
2	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 659	479 B
2	1dmp.io 1 redirects sync.1dmp.io — Cisco Umbrella Rank: 11945	809 B
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 938 criteo-sync.teads.tv — Cisco Umbrella Rank: 1626	344 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 10026	528 B
2	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 550	2 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 790	1 KB
2	audrte.com 2 redirects a.audrte.com — Cisco Umbrella Rank: 2310	4 KB
2	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 611	299 B
2	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 483	653 B
2	crwdcntrl.net 1 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 716	572 B
2	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 321	107 B
2	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 976	688 B
2	mathtag.com 2 redirects pixel.mathtag.com — Cisco Umbrella Rank: 987	1 KB
2	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 653	326 B
2	adscale.de 2 redirects ih.adscale.de — Cisco Umbrella Rank: 3590	694 B
2	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 711 pixel.rubiconproject.com — Cisco Umbrella Rank: 336	453 B
2	google.com www.google.com — Cisco Umbrella Rank: 8 adservice.google.com — Cisco Umbrella Rank: 92	995 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 559	35 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1333	40 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 529	786 B
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 1529	235 B
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 939	59 B
1	contentexchange.me match.contentexchange.me — Cisco Umbrella Rank: 19375	49 B
1	ib-ibi.com global.ib-ibi.com — Cisco Umbrella Rank: 1773	72 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1653	456 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 445	492 B
1	userreport.com pdw-adf.userreport.com — Cisco Umbrella Rank: 16505	443 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 457	338 B
1	smartstream.tv 1 redirects ads.smartstream.tv — Cisco Umbrella Rank: 34125	849 B
1	amazonaws.com s3-eu-west-1.amazonaws.com	390 B
1	adrtx.net 1 redirects api.adrtx.net — Cisco Umbrella Rank: 20252	406 B
1	openx.net eu-u.openx.net — Cisco Umbrella Rank: 1861	275 B
1	4dex.io u.4dex.io — Cisco Umbrella Rank: 5919	161 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 681	711 B
1	advertising.com 1 redirects pixel.advertising.com — Cisco Umbrella Rank: 545	192 B
1	seadform.net server.seadform.net — Cisco Umbrella Rank: 24860	343 B
1	google.de www.google.de — Cisco Umbrella Rank: 5448	501 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	84 KB
125	64

	Domain	Requested by
13	c1.adform.net	3 redirects a1.adform.net c1.adform.net
12	funguseliminator.com	1 redirects funguseliminator.com
7	secure.adnxs.com	5 redirects c1.adform.net
5	cm.g.doubleclick.net	5 redirects
5	cm.adsafety.net	4 redirects c1.adform.net
4	dis.criteo.com
4	ib.adnxs.com	4 redirects
4	gum.criteo.com	3 redirects dynamic.criteo.com
4	d1pqvb2h9xgm7r.cloudfront.net	d9i5ve8f04qxt.cloudfront.net
3	dmp.adform.net	c1.adform.net
3	dpm.demdex.net	2 redirects
3	pixel.onaudience.com	3 redirects
3	match.adsrvr.org	c1.adform.net
3	se.semasio.net	3 redirects
3	x.bidswitch.net	2 redirects
3	ups.analytics.yahoo.com	1 redirects c1.adform.net
3	ad.yieldlab.net	c1.adform.net
3	ad.360yield.com	1 redirects c1.adform.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com funguseliminator.com
3	connect.facebook.net	funguseliminator.com connect.facebook.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	sync-criteo.ads.yieldmo.com
2	ads.yahoo.com
2	10720395.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	trc-events.taboola.com	cdn.taboola.com
2	eb2.3lift.com	c1.adform.net
2	pixel.tapad.com	2 redirects
2	s.ad.smaato.net	c1.adform.net
2	sync.1dmp.io	1 redirects c1.adform.net
2	redirect.frontend.weborama.fr	2 redirects
2	id5-sync.com	c1.adform.net
2	pm.w55c.net	2 redirects
2	a.audrte.com	2 redirects
2	simage2.pubmatic.com	c1.adform.net
2	loada.exelator.com	2 redirects
2	tags.bluekai.com	c1.adform.net
2	sync.crwdcntrl.net	1 redirects c1.adform.net
2	idsync.rlcdn.com	c1.adform.net
2	ps.eyeota.net	c1.adform.net
2	pixel.mathtag.com	2 redirects
2	uipglob.semasio.net	2 redirects
2	dsum-sec.casalemedia.com	1 redirects c1.adform.net
2	rtb-csync.smartadserver.com	c1.adform.net
2	ih.adscale.de	2 redirects
2	a1.adform.net	1 redirects funguseliminator.com
2	tr.outbrain.com	amplify.outbrain.com funguseliminator.com
2	secure.funguseliminator.com	funguseliminator.com secure.funguseliminator.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	sync.outbrain.com
1	exchange.mediavine.com
1	contextual.media.net
1	r.casalemedia.com
1	visitor.omnitagjs.com
1	adservice.google.com	10720395.fls.doubleclick.net
1	widget.as.criteo.com
1	sslwidget.criteo.com	1 redirects
1	e1.emxdgt.com	c1.adform.net
1	match.contentexchange.me	c1.adform.net
1	sync.teads.tv	c1.adform.net
1	global.ib-ibi.com	c1.adform.net
1	dsp.adfarm1.adition.com	1 redirects
1	aa.agkn.com	1 redirects
1	pdw-adf.userreport.com	c1.adform.net
1	beacon.krxd.net	c1.adform.net
1	ads.smartstream.tv	1 redirects
1	tags.adsafety.net	1 redirects
1	s3-eu-west-1.amazonaws.com	c1.adform.net
1	api.adrtx.net	1 redirects
1	eu-u.openx.net	c1.adform.net
1	loadm.exelator.com	c1.adform.net
1	u.4dex.io	c1.adform.net
1	ads.stickyadstv.com	c1.adform.net
1	pixel.advertising.com	1 redirects
1	token.rubiconproject.com	c1.adform.net
1	server.seadform.net	funguseliminator.com
1	mug.criteo.com	funguseliminator.com
1	www.google.de	funguseliminator.com
1	www.google.com	funguseliminator.com
1	rp4.liadm.com	funguseliminator.com
1	rp.liadm.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	trc.taboola.com	cdn.taboola.com
1	dynamic.criteo.com	www.googletagmanager.com
1	s2.adform.net	funguseliminator.com
1	d9i5ve8f04qxt.cloudfront.net	www.googletagmanager.com
1	cdn.taboola.com	funguseliminator.com
1	b-code.liadm.com	www.googletagmanager.com
1	amplify.outbrain.com	www.googletagmanager.com
1	www.googletagmanager.com	funguseliminator.com
125	92

This site contains no links.

Subject Issuer	Validity	Valid
funguseliminator.com R3	`2022-05-11` - `2022-08-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
secure.funguseliminator.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-07` - `2022-09-07`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-06` - `2022-07-05`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
*.liadm.com Amazon	`2022-01-31` - `2023-03-01`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.seadform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-11-04`	a year	crt.sh
*.yieldlab.net DigiCert SHA2 Secure Server CA	`2022-01-14` - `2023-01-13`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
ads.stickyadstv.com DigiCert SHA2 Secure Server CA	`2021-09-19` - `2022-09-20`	a year	crt.sh
eyeota.net GoGetSSL RSA DV CA	`2022-03-18` - `2023-03-18`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-08` - `2023-06-10`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.userreport.com Amazon	`2022-01-19` - `2023-02-17`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.ib-ibi.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-01` - `2023-04-01`	a year	crt.sh
*.id5-sync.com R3	`2022-05-31` - `2022-08-29`	3 months	crt.sh
teads.tv R3	`2022-06-01` - `2022-08-30`	3 months	crt.sh
s.ad.smaato.net Amazon	`2021-09-21` - `2022-10-20`	a year	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2022-05-31` - `2023-06-04`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2022-05-18` - `2023-06-19`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-23` - `2023-06-22`	a year	crt.sh
*.360yield.com Amazon	`2021-07-28` - `2022-08-26`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
exchange.mediavine.com Amazon	`2021-08-05` - `2022-09-03`	a year	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
ui.aps.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-18` - `2022-08-03`	2 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-07` - `2022-11-30`	6 months	crt.sh
*.ads.yieldmo.com Amazon	`2022-06-02` - `2023-07-01`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://funguseliminator.com/
Frame ID: 56F57E21F59C312DA747356DAC5A8D4E
Requests: 43 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=funguseliminator.com&origin=onetag
Frame ID: A83CCE72013A8F672ECCCD1B45B45F09
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=3820122970067763515&agencyId=8304&advertiserId=2122379&src=tp&rnd=11312
Frame ID: FD813F13547B4D8E5799980FF2516100
Requests: 46 HTTP requests in this frame

Frame: https://10720395.fls.doubleclick.net/activityi;dc_pre=CIivoKDOzvgCFYPi5godLjEEjw;src=10720395;type=allvi000;cat=allvi0;ord=1;num=786711350864;gtm=2wg6m0;auiddc=1445705038.1656366551;~oref=https%3A%2F%2Ffunguseliminator.com%2F
Frame ID: B874A4262FEA98E47445FB962D41702E
Requests: 2 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=265387321350259004
Frame ID: DE5D6755F24F2182DAD6144D108A36F3
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Fungus Eliminator

Page URL History Show full URLs

http://funguseliminator.com/ HTTP 301
https://funguseliminator.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

125
Requests

75 %
HTTPS

15 %
IPv6

64
Domains

92
Subdomains

67
IPs

12
Countries

1112 kB
Transfer

2206 kB
Size

99
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://funguseliminator.com/ HTTP 301
https://funguseliminator.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://rp.liadm.com/j?dtstmp=1656366551078&aid=a-076h&se=e30&duid=497ad39143c8--01g6kj7kxhwh84gzc2ncvxpbcz&tna=v2.4.0&pu=https%3A%2F%2Ffunguseliminator.com%2F&wpn=lc-bundle&c=PHRpdGxlPkZ1bmd1cyBFbGltaW5hdG9yPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iUG90ZW50IG5hdHVyYWwgZnVuZ3VzIGZpZ2h0ZXJzIHRhcmdldCB1Z2x5IHRvZW5haWwgaW5mZWN0aW9ucyBhdCB0aGUgcm9vdHMsIHNvIHlvdSBjYW4gZGl0Y2ggdGhlIHNvY2tzIGFuZCB3ZWFyIHNhbmRhbHMgYWdhaW4gb3IgZXZlbiBnbyBiYXJlZm9vdCEiPjxoMT5UUlk8YnI-RlVOR1VTPGJyPkVMSU1JTkFUT1I8YnI-UklTSy1GUkVFPC9oMT48aDE-VFJZPGJyPkZVTkdVUzxicj5FTElNSU5BVE9SPGJyPlJJU0stRlJFRTwvaDE- HTTP 302
https://rp4.liadm.com/j?dtstmp=1656366551078&aid=a-076h&se=e30&duid=497ad39143c8--01g6kj7kxhwh84gzc2ncvxpbcz&tna=v2.4.0&pu=https%3A%2F%2Ffunguseliminator.com%2F&wpn=lc-bundle&c=PHRpdGxlPkZ1bmd1cyBFbGltaW5hdG9yPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iUG90ZW50IG5hdHVyYWwgZnVuZ3VzIGZpZ2h0ZXJzIHRhcmdldCB1Z2x5IHRvZW5haWwgaW5mZWN0aW9ucyBhdCB0aGUgcm9vdHMsIHNvIHlvdSBjYW4gZGl0Y2ggdGhlIHNvY2tzIGFuZCB3ZWFyIHNhbmRhbHMgYWdhaW4gb3IgZXZlbiBnbyBiYXJlZm9vdCEiPjxoMT5UUlk8YnI-RlVOR1VTPGJyPkVMSU1JTkFUT1I8YnI-UklTSy1GUkVFPC9oMT48aDE-VFJZPGJyPkZVTkdVUzxicj5FTElNSU5BVE9SPGJyPlJJU0stRlJFRTwvaDE-&i6=MjAwMToxYjYwOjEwMTA6MzoxMDEyOmI2MjE6MjY5NDo0MzJm&n3pc=true

Request Chain 37

https://a1.adform.net/Serving/TrackPoint/?pm=2634138&ADFPageName=All%20Pages%20-%20Fungus%20Eliminator&ADFdivider=%7C&ord=45701644580&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Ffunguseliminator.com%2F HTTP 302
https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=2634138&ADFPageName=All%20Pages%20-%20Fungus%20Eliminator&ADFdivider=%7C&ord=45701644580&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Ffunguseliminator.com%2F

Request Chain 40

https://gum.criteo.com/sid/json?origin=onetag&domain=funguseliminator.com&sn=ChromeSyncframe&so=0&topUrl=funguseliminator.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=oCHbq3xJbk9Hc3E0ZzRGS2tQNUtxWWptdWRHMTBwNHBVMHJKNWJ4UCtSMmt5cHlEMkt1cTFmZ2tsUUFWb292bU8xU1hEUFVNY09vZHN6Z1M4aTgxTVFYN2xhQ25DenpJUk40T01RaUxBbDRmUG9BQlNTSC80aEgyS0txNWEwUThGVENFWUpKU1paZnhxdFNMTFF6RzRoY2xTUklNMDFQdWdwTE82ZGFrMWx1K0ZGc1hsZGpKWXp2N25KSTdRbHJ0WnpEZnJhUis2cXVNaittZ2FsLzhNOXlvWjRoOElHUU4wcGU2VmpDS0NuZ0ZVZm1sZFJMUm8yM0h1R3dvTmtHR002TjZvUmp4amJCR0ZmSno2Q3l5ZGpXQlZRWUgrRXFBaEhhRE5zMFlsWTVOR1d1ST18&cppv=2

Request Chain 44

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=3820122970067763515&Expiration=1657570573 HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=3820122970067763515&Expiration=1657570573

Request Chain 47

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=3820122970067763515&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__ HTTP 302
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=3820122970067763515&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=1f888b6b15db45f9af6d174a88adf5b7 HTTP 307
https://c1.adform.net/serving/cookie/match?party=9&uid=2c79327f89125d84cd3f3806fc61dcf7ba122225810391d9468ee4464fe9dc0a

Request Chain 49

https://pixel.advertising.com/ups/55944/sync?uid=3820122970067763515&_origin=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55944/sync?uid=3820122970067763515&_origin=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55944/sync?uid=3820122970067763515&_origin=1&verify=true

Request Chain 51

https://x.bidswitch.net/sync?dsp_id=70&user_id=3820122970067763515 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=3820122970067763515 HTTP 302
https://u.4dex.io/setuid?bidder=bidswitch&uid=0c1427b4-5840-4343-8dbb-24973f24b386&gdpr=&gdpr_consent=&us_privacy=

Request Chain 52

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=3820122970067763515&expiration=1657570573 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=3820122970067763515&expiration=1657570573&C=1

Request Chain 53

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=3820122970067763515&sInitiator=external HTTP 302
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=3820122970067763515&sInitiator=external HTTP 302
https://se.semasio.net/sync/1/16266044?sExtCookieId=3820122970067763515&gdpr=&gdpr_consent=&sInitiator=external HTTP 302
https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F14876172%3FsExtCookieId%3D%5BMM_UUID%5D%26sInitiator%3Dinternal HTTP 302
https://se.semasio.net/sync/1/14876172?sExtCookieId=634062ba-25d8-4000-b136-04d99e841c26&sInitiator=internal&gdpr=0&gdpr_consent= HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=0&gdpr_consent= HTTP 302
https://se.semasio.net/sync/1/4354957?sExtCookieId=265387321350259004&sInitiator=internal&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=0&gdpr_consent=

Request Chain 57

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=3820122970067763515/gdpr=/gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=3820122970067763515/gdpr=/gdpr_consent=

Request Chain 60

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 61

https://pixel.onaudience.com/?mapped=3820122970067763515&partner=68 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1242&redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D68%26icm%26cver%26mapped%3D__ADFUID__%26gdpr%3D1 HTTP 302
https://pixel.onaudience.com/?partner=68&icm&cver&mapped=3820122970067763515&gdpr=1 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1&xl8blockcheck=1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=759213aff43c0ceefacae9c413865500&gdpr=1 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1

Request Chain 62

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=3820122970067763515 HTTP 302
https://tags.adsafety.net/v1/cm?cm_uid=CM12022062721a5a404960567fd074ea&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D HTTP 302
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=fddeddbc3d0af414c31b55cd4fe37253 HTTP 302
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM12022062721a5a404960567fd074ea&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent= HTTP 302
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=fddeddbc3d0af414c31b55cd4fe37253&idt_did_status=added&gdpr_consent=&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMjA2MjcyMWE1YTQwNDk2MDU2N2ZkMDc0ZWE HTTP 302
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEAEGBSt9buiKoh_7y0PFKKU&google_cver=1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=28&cid=CM12022062721a5a404960567fd074ea HTTP 302
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=3820122970067763515

Request Chain 64

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=MzgyMDEyMjk3MDA2Nzc2MzUxNQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm=&google_ula=1641347&party=1&google_hm=MzgyMDEyMjk3MDA2Nzc2MzUxNQ&google_tc= HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJbt9WRB2KamuRK-5jLvQOw&google_cver=1&google_ula=1641347,0

Request Chain 65

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=265387321350259004&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=3820122970067763515

Request Chain 69

https://a.audrte.com/a?adform_uid=3820122970067763515 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=&google_gid=CAESECvHDQKrK9pila-HdO7p2UM&google_cver=1 HTTP 302
https://ps.eyeota.net/match?bid=kh51m51&uid=hh1VnYIhHULT42QKObTpMfMPA&gdpr=0&gdpr_consent=

Request Chain 70

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=3820122970067763515&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=3820122970067763515&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=42620536662102682320060529011694636423&noredirect=1

Request Chain 71

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=3820122970067763515 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=216393104195005081315

Request Chain 72

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7114040171033393293

Request Chain 74

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D HTTP 302
https://c1.adform.net/serving/cookie/match?party=1066&cid=e1da62ba-25d8-4800-83a7-0416de923cb5

Request Chain 75

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=H8iogtKM1O5WBy5

Request Chain 79

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 302
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=3306750570 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=qNMjJ4rzTZZpyV4.LrPQvO

Request Chain 81

https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=3820122970067763515 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=3820122970067763515&cs=1

Request Chain 83

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=3820122970067763515&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=3820122970067763515&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?party=2007&cid=8ef30fa0-faf6-4110-ba9b-d6abe5488e22

Request Chain 89

https://10720395.fls.doubleclick.net/activityi;src=10720395;type=allvi000;cat=allvi0;ord=1;num=786711350864;gtm=2wg6m0;auiddc=1445705038.1656366551;~oref=https%3A%2F%2Ffunguseliminator.com%2F HTTP 302
https://10720395.fls.doubleclick.net/activityi;dc_pre=CIivoKDOzvgCFYPi5godLjEEjw;src=10720395;type=allvi000;cat=allvi0;ord=1;num=786711350864;gtm=2wg6m0;auiddc=1445705038.1656366551;~oref=https%3A%2F%2Ffunguseliminator.com%2F

Request Chain 90

https://sslwidget.criteo.com/event?a=92348&v=5.11.0&p0=e%3Dce%26m%3D%255B%255D%26h%3Dnone&p1=e%3Dexd%26z%3D%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.2.0&p3=e%3Ddis&adce=1&bundle=vRkh2V9OSG1kT2wzJTJCTG5HRUJ1NzZBZ0luU2FIRWN3TDE0NW1yNHJiTkZEcVRBbVRrN25tZUZ6U0tVbTdjTE5ORnQlMkZZUjRUSjRsSmFyZ3JQQ2VjSUtFOHRFMEJhSTR4Q083MHJqeVBadG5qN1hXcHAxZFpYVG1SaEcxeGR3RmlFRU1ObU9DeGFHWjZtbXd5WUlLcDBsWTNDMVd6dndUOGpWTyUyQmg2dGppdzJhQVNsU00lM0Q&tld=funguseliminator.com&dy=1&fu=https%3A%2F%2Ffunguseliminator.com%2F&dtycbr=66861 HTTP 302
https://widget.as.criteo.com/event?a=92348&v=5.11.0&p0=e%3Dce%26m%3D%255B%255D%26h%3Dnone&p1=e%3Dexd%26z%3D%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.2.0&p3=e%3Ddis&adce=1&bundle=vRkh2V9OSG1kT2wzJTJCTG5HRUJ1NzZBZ0luU2FIRWN3TDE0NW1yNHJiTkZEcVRBbVRrN25tZUZ6U0tVbTdjTE5ORnQlMkZZUjRUSjRsSmFyZ3JQQ2VjSUtFOHRFMEJhSTR4Q083MHJqeVBadG5qN1hXcHAxZFpYVG1SaEcxeGR3RmlFRU1ObU9DeGFHWjZtbXd5WUlLcDBsWTNDMVd6dndUOGpWTyUyQmg2dGppdzJhQVNsU00lM0Q&tld=funguseliminator.com&dy=1&fu=https%3A%2F%2Ffunguseliminator.com%2F&dtycbr=66861

Request Chain 92

https://ib.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=265387321350259004

Request Chain 93

https://secure.adnxs.com/seg?add=1005440&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=265387321350259004

Request Chain 95

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-EoJotb8_dWaN1kJQKOsxi8kTmAdfrfeZHfrAmQ&google_cm&google_hm=ay1Fb0pvdGI4X2RXYU4xa0pRS09zeGk4a1RtQWRmcmZlWkhmckFtUQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-EoJotb8_dWaN1kJQKOsxi8kTmAdfrfeZHfrAmQ&google_gid=CAESEMFN62-2aetDKtEjO9o23mc&google_cver=1&google_ula=913071,0

Request Chain 99

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
https://idsync.rlcdn.com/397596.gif?partner_uid=B7apb6PxhAAuadQNU0MK9Vuw71HdQPt3

Request Chain 116

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=A9u39_zY39S17k4pQ266v5V5lueI4vk4

Request Chain 118

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=265387321350259004

125 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
funguseliminator.com/
Redirect Chain

http://funguseliminator.com/
https://funguseliminator.com/

401 KB
82 KB

443ms
230ms

Document
text/html

159.89.239.100
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://funguseliminator.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.239.100 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: funguseliminator.com
Software: nginx / Express
Resource Hash: 28a8958e125a729dc52ca7f2b5df3a92ebb0eb2f9549ad4ef7180c6eac881612

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 27 Jun 2022 21:49:10 GMT
ETag: W/"645e1-bikge95IagGE/1zVLztVgqyoDqY"
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: Express

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Mon, 27 Jun 2022 21:49:10 GMT
Location: https://funguseliminator.com/
Server: nginx

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 270 KB
84 KB 100ms
44ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KWDB7M9

Requested by

Host: funguseliminator.com
URL: https://funguseliminator.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d2b679aeb43fa0b40ab84a43596a6fb6248087d01ff17e0ca9be84d7d83f41fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 21:49:10 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85528
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 21:20:57 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 27 Jun 2022 21:49:10 GMT

GET
H/1.1 200
OK fungus-logo.png
funguseliminator.com/assets/images/ 13 KB
13 KB 104ms
104ms Image
image/png 159.89.239.100
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://funguseliminator.com/assets/images/fungus-logo.png
Requested by: Host: funguseliminator.com
URL: https://funguseliminator.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.239.100 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: funguseliminator.com
Software: nginx /
Resource Hash: 8f60d1a5976f23f28211b563ed94a3664ca45d87ee45f9219dc48386050ffad8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 27 Jun 2022 21:49:10 GMT
Last-Modified: Thu, 22 Jul 2021 07:10:44 GMT
Server: nginx
ETag: "60f919f4-3446"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13382
Expires: Wed, 27 Jul 2022 21:49:10 GMT

GET
H/1.1 200
OK banner_img_home_page_com.png
funguseliminator.com/assets/images/ 287 KB
287 KB 210ms
106ms Image
image/png 159.89.239.100
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://funguseliminator.com/assets/images/banner_img_home_page_com.png
Requested by: Host: funguseliminator.com
URL: https://funguseliminator.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.239.100 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: funguseliminator.com
Software: nginx /
Resource Hash: 28372e451b595f06bdad50d39c5c263fbd28e41d6ff038f0abccb14400cf0f75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 27 Jun 2022 21:49:10 GMT
Last-Modified: Thu, 22 Jul 2021 07:10:44 GMT
Server: nginx
ETag: "60f919f4-47a3e"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 293438
Expires: Wed, 27 Jul 2022 21:49:10 GMT

GET
H/1.1 200
OK home-bottle-new.png
funguseliminator.com/assets/images/ 63 KB
63 KB 419ms
211ms Image
image/png 159.89.239.100
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://funguseliminator.com/assets/images/home-bottle-new.png
Requested by: Host: funguseliminator.com
URL: https://funguseliminator.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.239.100 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: funguseliminator.com
Software: nginx /
Resource Hash: bee245a73ffeda4be11e0f5c4e6dc3e572465c3a64a93d12c0fc022966dbf11e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 27 Jun 2022 21:49:10 GMT
Last-Modified: Thu, 22 Jul 2021 07:10:44 GMT
Server: nginx
ETag: "60f919f4-fa90"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 64144
Expires: Wed, 27 Jul 2022 21:49:10 GMT

GET
H/1.1 200
OK fortify_immunity_home.png
funguseliminator.com/assets/images/ 37 KB
38 KB 421ms
210ms Image
image/png 159.89.239.100
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://funguseliminator.com/assets/images/fortify_immunity_home.png
Requested by: Host: funguseliminator.com
URL: https://funguseliminator.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.239.100 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: funguseliminator.com
Software: nginx /
Resource Hash: 842c669762d07c305bdda30b288f2e306d63a3ab591c8ac5902df7bcd1911c59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 27 Jun 2022 21:49:10 GMT
Last-Modified: Thu, 22 Jul 2021 07:10:44 GMT
Server: nginx
ETag: "60f919f4-956a"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 38250
Expires: Wed, 27 Jul 2022 21:49:10 GMT

GET
H/1.1 200
OK strengthen_nails_skin_home.png
funguseliminator.com/assets/images/ 24 KB
25 KB 422ms
211ms Image
image/png 159.89.239.100
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://funguseliminator.com/assets/images/strengthen_nails_skin_home.png
Requested by: Host: funguseliminator.com
URL: https://funguseliminator.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.239.100 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: funguseliminator.com
Software: nginx /
Resource Hash: 9be2cbea2cac2b433fe9f435e605aefd185863e5ad6f2a1fd74017f602ab5ac2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 27 Jun 2022 21:49:10 GMT
Last-Modified: Thu, 22 Jul 2021 07:10:44 GMT
Server: nginx
ETag: "60f919f4-61d0"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25040
Expires: Wed, 27 Jul 2022 21:49:10 GMT

GET
H/1.1 200
OK boost_health_naturally_home.png
funguseliminator.com/assets/images/ 29 KB
29 KB 423ms
210ms Image
image/png 159.89.239.100
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://funguseliminator.com/assets/images/boost_health_naturally_home.png
Requested by: Host: funguseliminator.com
URL: https://funguseliminator.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.239.100 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: funguseliminator.com
Software: nginx /
Resource Hash: a083561b94f722dd1fbba1a09b19fd5d919fd0e08ce82c53ecd3682f8d02fbf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 27 Jun 2022 21:49:10 GMT
Last-Modified: Thu, 22 Jul 2021 07:10:44 GMT
Server: nginx
ETag: "60f919f4-73dc"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29660
Expires: Wed, 27 Jul 2022 21:49:10 GMT

GET
H/1.1 200
OK fungus_website_home_order_now.png
funguseliminator.com/assets/images/ 32 KB
33 KB 321ms
211ms Image
image/png 159.89.239.100
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://funguseliminator.com/assets/images/fungus_website_home_order_now.png
Requested by: Host: funguseliminator.com
URL: https://funguseliminator.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.239.100 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: funguseliminator.com
Software: nginx /
Resource Hash: ad2048c068b9dab6125e354259704e0fb8904b720f7d097c1b2f0a07c935b81a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 27 Jun 2022 21:49:10 GMT
Last-Modified: Thu, 22 Jul 2021 07:10:44 GMT
Server: nginx
ETag: "60f919f4-81ae"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33198
Expires: Wed, 27 Jul 2022 21:49:10 GMT

GET
H/1.1 200
OK fungus_pure_health_home.png
funguseliminator.com/assets/images/ 2 KB
3 KB 105ms
104ms Image
image/png 159.89.239.100
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://funguseliminator.com/assets/images/fungus_pure_health_home.png
Requested by: Host: funguseliminator.com
URL: https://funguseliminator.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.239.100 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: funguseliminator.com
Software: nginx /
Resource Hash: faf2303d75fa0de736dd422ca79a991a3fff619f03bcf13ec7b4f6df3684552c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 27 Jun 2022 21:49:11 GMT
Last-Modified: Thu, 22 Jul 2021 07:10:44 GMT
Server: nginx
ETag: "60f919f4-9e5"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2533
Expires: Wed, 27 Jul 2022 21:49:11 GMT

GET
H/1.1 200
OK home-micro.png
funguseliminator.com/assets/images/ 36 KB
36 KB 106ms
105ms Image
image/png 159.89.239.100
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://funguseliminator.com/assets/images/home-micro.png
Requested by: Host: funguseliminator.com
URL: https://funguseliminator.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.239.100 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: funguseliminator.com
Software: nginx /
Resource Hash: d128f14b581aa6261d20c46cc52c7f98f0bdd4f1cec75d3e39544e8235869e07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 27 Jun 2022 21:49:11 GMT
Last-Modified: Thu, 22 Jul 2021 07:10:44 GMT
Server: nginx
ETag: "60f919f4-8f32"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 36658
Expires: Wed, 27 Jul 2022 21:49:11 GMT

GET
H2 200 UCAffiliateNetworkPixel Show response
secure.funguseliminator.com/cgi-bin/ 2 KB
1 KB 412ms
131ms Script
text/javascript 13.248.155.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.funguseliminator.com/cgi-bin/UCAffiliateNetworkPixel

Requested by

Host: funguseliminator.com
URL: https://funguseliminator.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.155.138 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a746f2a683c73ece4.awsglobalaccelerator.com

Software

Apache /

Resource Hash

64aa56a4447f9f6d432779bb0799b4c322b192fb984664cbed67f5b9271893fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 21:49:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
vary: Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/javascript; charset=utf-8
content-length: 748

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 97 KB
38 KB 99ms
43ms Script
application/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=OPT-N6TLKC9

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KWDB7M9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2965d0b6cf0b93445978d796dd5c6ce3cf93368a31627dc4955a515496ecc5e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 21:49:10 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38830
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 21:20:57 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 27 Jun 2022 21:49:10 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 68ms
23ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: funguseliminator.com
URL: https://funguseliminator.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26344
x-xss-protection: 0
pragma: public
x-fb-debug: 249F/jnS70CO0eb2JsIuYvJX9G3N4KItHzxXD6i9++kLayPxV3vPsI32jy+5NFWu+FADId5wMlaW4J/HVg+5ug==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Mon, 27 Jun 2022 21:49:10 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 72ms
22ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KWDB7M9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3217
date: Mon, 27 Jun 2022 20:55:33 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 27 Jun 2022 22:55:33 GMT

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 8 KB
4 KB 79ms
23ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KWDB7M9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 83db3bbe981876d41cce2ddff9a3f3eb388342c9d70a4112fd79b995dae26dd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 27 Jun 2022 21:49:10 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Jun 2022 14:06:31 GMT
Server: AkamaiNetStorage
ETag: "51de2e10510f823326f9b30ea6068a2a:1655820557.452892"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3249
Expires: Mon, 27 Jun 2022 22:09:10 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 101ms
49ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KWDB7M9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 18:22:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 879861D777884EA894BC2F6D67C7CE8D Ref B: FRAEDGE1415 Ref C: 2022-06-27T21:49:10Z
etag: "0c8eafcad81d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Mon, 27 Jun 2022 21:49:10 GMT
accept-ranges: bytes
content-length: 11360

GET
H2 200 a-076h.min.js Show response
b-code.liadm.com/ 27 KB
10 KB 91ms
26ms Script
application/javascript 2600:9000:20eb:9a00:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-076h.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KWDB7M9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:9a00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: df9dddd16a1f7f5204495628a5c22d893d3337e24e0fa0acded4fe876558a82a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 08:30:01 GMT
via: 1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
age: 47949
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
x-amz-cf-pop: FRA2-C1
content-encoding: gzip
x-amz-cf-id: _rX0B8cMpAtHKZ2aVA4XrO0egjgmlX59lry-9-4E26hAEEevqrsO1w==

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1331528/ 55 KB
17 KB 81ms
23ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1331528/tfa.js
Requested by: Host: funguseliminator.com
URL: https://funguseliminator.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a1e656d74f629b1325ac5acc9fa1f72acbdb03ef4ae6f4833706298deec0050f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: Oqj1vdFfh0j2TzFke9zgfyyNKYlyZNqy
content-encoding: gzip
etag: "ab8c66de1c5e427a73f61a894c78f9e0"
age: 24753
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 17390
x-amz-id-2: s+0LmXaJ+AAC5B3yi26gkYH5HbR3hCUq3ypfyNScykPjcF0CPVaVQ8LvOtysgQ8FSnAgs48KDEc=
x-served-by: cache-hhn4075-HHN
last-modified: Sun, 26 Jun 2022 11:23:24 GMT
server: AmazonS3
x-timer: S1656366551.919038,VS0,VE1
date: Mon, 27 Jun 2022 21:49:10 GMT
vary: Accept-Encoding
x-amz-request-id: T05W35G0FEE6H8HJ
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 86
x-cache-hits: 1

GET
H2 200 collect-g.js Show response
d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/ 99 KB
19 KB 107ms
23ms Script
application/x-javascript 13.224.194.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=PHR1&channel=secure.funguseliminator.com
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KWDB7M9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-49.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8785200400ea1f10bd11fc7632ef4eb9a89d6e230131ab2510de27a3958e06b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 02:15:34 GMT
content-encoding: gzip
last-modified: Mon, 23 May 2022 14:57:10 GMT
server: AmazonS3
age: 502418
etag: "33a98df46882837379abfc77ea1c25a7"
x-cache: Hit from cloudfront
content-type: application/x-javascript; charset=UTF-8
via: 1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
cache-control: max-age=604800,s-maxage=604800
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 19286
x-amz-cf-id: qIbB5F33h2eowe1mUOZJt3VXeEklAhb7CvxpnyUlPCS97eCBdhTuJQ==

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ 81 KB
30 KB 291ms
41ms Script
application/javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: funguseliminator.com
URL: https://funguseliminator.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: ee94251fea8b03da5d0dc6f8489a529c1a2d2a031d874b0ec61866784e3c73c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 21:49:11 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 11:34:23 GMT
server: nginx
x-amz-request-id: tx00000000000002ec8458f-0062ba1a01-323354ba-default
etag: W/"552eeb5f0620fb6f56733d625b5e719e"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 42 KB
14 KB 172ms
69ms Script
application/javascript 178.250.0.147
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=92348

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KWDB7M9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.147 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5b36d5cfb6483be8550f49a2f69186ee7bd700b1459da64937b95d471fc1c1a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 21:49:10 GMT
content-encoding: br
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H/1.1 200
OK fe-books-updated.png
funguseliminator.com/assets/images/ 86 KB
86 KB 106ms
106ms Image
image/png 159.89.239.100
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://funguseliminator.com/assets/images/fe-books-updated.png
Requested by: Host: funguseliminator.com
URL: https://funguseliminator.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.239.100 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: funguseliminator.com
Software: nginx /
Resource Hash: 6b620bbb313fc9b28c396f4890bfee1e0ba82ecf41e506e1ef0e495f652b34e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 27 Jun 2022 21:49:11 GMT
Last-Modified: Thu, 22 Jul 2021 07:10:44 GMT
Server: nginx
ETag: "60f919f4-15889"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 88201
Expires: Wed, 27 Jul 2022 21:49:11 GMT

GET
H2 200 1181125052062198 Show response
connect.facebook.net/signals/config/ 293 KB
85 KB 216ms
215ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1181125052062198?v=2.9.62&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

efd79577f5970d0724a327b8456ac9a3fb0a71c8f80d98e163a3f9fb89774239

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 6AD8IWuc92aA2YhR2TwaJWwq6U9oqdb8s5gsK05nncmOrXrSn29jwJua/PQwba4eJyoe/y/Q2F2Ooid750XA6A==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 27 Jun 2022 21:49:11 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1656366551131
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
239 B 439ms
105ms Script
application/javascript 70.42.32.191
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=00aba2f47c273603607f7d9307f624f245
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 27 Jun 2022 21:49:11 GMT
content-encoding: gzip
X-TraceId: 944e7efe784b3560c38eadf11e3c5946
Content-Length: 56
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 426ms
102ms Image
image/gif 70.42.32.191
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00aba2f47c273603607f7d9307f624f245&obApiVersion=1.0-gtm&obtpVersion=1.8.2&name=PAGE_VIEW&dl=https%3A%2F%2Ffunguseliminator.com%2F&optOut=false&bust=0049508383523566124&referrer=
Requested by: Host: funguseliminator.com
URL: https://funguseliminator.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 27 Jun 2022 21:49:11 GMT
Cache-Control: no-cache
X-TraceId: d055b9dfae6d19aecf7f0d859d93da74
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H2 200 json Show response
trc.taboola.com/1331528/trc/3/ 2 KB
1 KB 49ms
40ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1331528/trc/3/json?tim=1656366550948&data=%7B%22id%22%3A876%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1656366550938%2C%22cv%22%3A%2220220626-8-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Ffunguseliminator.com%2F%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Ddjmedia-funguseliminator2-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1656366550946%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Ffunguseliminator.com%2F%22%2C%22tos%22%3A4%2C%22ssd%22%3A1%2C%22scd%22%3A29%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1331528/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6aba1b4335fac53bc1eab7aeb9a6484fb1c2f0f6ac88b8b6ca7348f509f13773

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-vcl-time-ms: 20
date: Mon, 27 Jun 2022 21:49:10 GMT
content-encoding: gzip
server: nginx
x-timer: S1656366551.973147,VS0,VE20
x-served-by: cache-hhn4075-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 84ms
28ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1358959569&t=pageview&_s=1&dl=https%3A%2F%2Ffunguseliminator.com%2F&ul=en-us&de=UTF-8&dt=Fungus%20Eliminator&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBACEABRAAAAC~&jid=1390828410&gjid=855262818&cid=34659612.1656366551&tid=UA-55722554-1&_gid=973143881.1656366551&_r=1&gtm=2wg6m0KWDB7M9&z=2018667087

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://funguseliminator.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 27 Jun 2022 21:49:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://funguseliminator.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 56242801.js Show response
bat.bing.com/p/action/ 0
136 B 238ms
238ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/56242801.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9C33ADFA32F141779B855E0FFD1F1081 Ref B: FRAEDGE1415 Ref C: 2022-06-27T21:49:11Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Mon, 27 Jun 2022 21:49:11 GMT

GET
H2 204 0
bat.bing.com/action/ 0
174 B 48ms
48ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=56242801&tm=gtm002&Ver=2&mid=4a8b96d7-e081-4b10-8c3d-ae2e7a330cbc&sid=fa6676d0f66211ec96327574cb6dd432&vid=fa667f30f66211ec8c9b43b0ffb6a310&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Fungus%20Eliminator&kw=fungus,%20fungus%20eliminator,%20fungi-free,%20toenail%20treatment,%20purehealth%20research,%20toe%20fungus,%20immune%20system,%20toenail%20fungus,%20fungus%20discovery,%20pure%20health%20fungus%20eliminator%20reviews,%20nail%20fungus%20eliminator,%20best%20nail%20fungus%20treatment,%20foot%20fungus%20treatment&p=https%3A%2F%2Ffunguseliminator.com%2F&r=&lt=828&evt=pageLoad&msclkid=N&sv=1&rn=381734

Requested by

Host: funguseliminator.com
URL: https://funguseliminator.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C387F1F4A1404180A7BA7543B7D2D216 Ref B: FRAEDGE1415 Ref C: 2022-06-27T21:49:11Z
date: Mon, 27 Jun 2022 21:49:10 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 rt Show response
d1pqvb2h9xgm7r.cloudfront.net/v1/ 20 B
415 B 323ms
323ms XHR
application/json 18.66.92.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1pqvb2h9xgm7r.cloudfront.net/v1/rt

Requested by

Host: d9i5ve8f04qxt.cloudfront.net
URL: https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=PHR1&channel=secure.funguseliminator.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.92.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-92-98.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

7573b10466c66e9de1ae8a229abcbc963f985bcb6b1f05d6591bf3a13ceabe4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://funguseliminator.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/json

Response headers

date: Mon, 27 Jun 2022 21:49:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
x-amz-cf-pop: FRA56-P2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json
via: 1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
access-control-expose-headers: date, x-api-id
access-control-allow-origin: *
content-length: 35
apigw-requestid: UZrZrg26oAMESoQ=
x-amz-cf-id: B_U4Qu4PHYiQ0kKshy5w5sAX01plmwIG4ip8mMRF9C4z0-6jq_r2eA==

OPTIONS
H2 204 rt
d1pqvb2h9xgm7r.cloudfront.net/v1/ Frame 0
0 80ms
24ms Preflight 18.66.92.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1pqvb2h9xgm7r.cloudfront.net/v1/rt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.92.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-92-98.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://funguseliminator.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 300
age: 9443
apigw-requestid: UZUWPhJJIAMEMqA=
date: Mon, 27 Jun 2022 19:11:48 GMT
via: 1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
x-amz-cf-id: w4p-VGDZXTrHmx8vWnywwOXg1Yy9EDE3j1-XdH6rPz5z7PjXBpje-w==
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
445 B 90ms
30ms XHR
text/plain 2a00:1450:400c:c02::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-55722554-1&cid=34659612.1656366551&jid=1390828410&gjid=855262818&_gid=973143881.1656366551&_u=aGBACEAARAAAAC~&z=1500894834

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://funguseliminator.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 27 Jun 2022 21:49:11 GMT
content-type: text/plain
access-control-allow-origin: https://funguseliminator.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1656366551078&aid=a-076h&se=e30&duid=497ad39143c8--01g6kj7kxhwh84gzc2ncvxpbcz&tna=v2.4.0&pu=https%3A%2F%2Ffunguseliminator.com%2F&wpn=lc-bundle&c=PHRpdGxlPkZ1bmd1cyBFb...
https://rp4.liadm.com/j?dtstmp=1656366551078&aid=a-076h&se=e30&duid=497ad39143c8--01g6kj7kxhwh84gzc2ncvxpbcz&tna=v2.4.0&pu=https%3A%2F%2Ffunguseliminator.com%2F&wpn=lc-bundle&c=PHRpdGxlPkZ1bmd1cyBF...

13 B
552 B

429ms
109ms

XHR
application/json

34.230.119.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1656366551078&aid=a-076h&se=e30&duid=497ad39143c8--01g6kj7kxhwh84gzc2ncvxpbcz&tna=v2.4.0&pu=https%3A%2F%2Ffunguseliminator.com%2F&wpn=lc-bundle&c=PHRpdGxlPkZ1bmd1cyBFbGltaW5hdG9yPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iUG90ZW50IG5hdHVyYWwgZnVuZ3VzIGZpZ2h0ZXJzIHRhcmdldCB1Z2x5IHRvZW5haWwgaW5mZWN0aW9ucyBhdCB0aGUgcm9vdHMsIHNvIHlvdSBjYW4gZGl0Y2ggdGhlIHNvY2tzIGFuZCB3ZWFyIHNhbmRhbHMgYWdhaW4gb3IgZXZlbiBnbyBiYXJlZm9vdCEiPjxoMT5UUlk8YnI-RlVOR1VTPGJyPkVMSU1JTkFUT1I8YnI-UklTSy1GUkVFPC9oMT48aDE-VFJZPGJyPkZVTkdVUzxicj5FTElNSU5BVE9SPGJyPlJJU0stRlJFRTwvaDE-&i6=MjAwMToxYjYwOjEwMTA6MzoxMDEyOmI2MjE6MjY5NDo0MzJm&n3pc=true

Requested by

Host: funguseliminator.com
URL: https://funguseliminator.com/

Protocol

Server

34.230.119.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-230-119-25.compute-1.amazonaws.com

Software

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 21:49:11 GMT
x-pixel-event-id: cc035bff-5bc5-487f-b4f5-be9b02aed06f
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: null
x-xss-protection: 1; mode=block
vary: Origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: 68dcaf92f575fd42
request-time: 0
content-length: 13
x-content-type-options: nosniff

Redirect headers

date: Mon, 27 Jun 2022 21:49:11 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
location: https://rp4.liadm.com/j?dtstmp=1656366551078&aid=a-076h&se=e30&duid=497ad39143c8--01g6kj7kxhwh84gzc2ncvxpbcz&tna=v2.4.0&pu=https%3A%2F%2Ffunguseliminator.com%2F&wpn=lc-bundle&c=PHRpdGxlPkZ1bmd1cyBFbGltaW5hdG9yPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iUG90ZW50IG5hdHVyYWwgZnVuZ3VzIGZpZ2h0ZXJzIHRhcmdldCB1Z2x5IHRvZW5haWwgaW5mZWN0aW9ucyBhdCB0aGUgcm9vdHMsIHNvIHlvdSBjYW4gZGl0Y2ggdGhlIHNvY2tzIGFuZCB3ZWFyIHNhbmRhbHMgYWdhaW4gb3IgZXZlbiBnbyBiYXJlZm9vdCEiPjxoMT5UUlk8YnI-RlVOR1VTPGJyPkVMSU1JTkFUT1I8YnI-UklTSy1GUkVFPC9oMT48aDE-VFJZPGJyPkZVTkdVUzxicj5FTElNSU5BVE9SPGJyPlJJU0stRlJFRTwvaDE-&i6=MjAwMToxYjYwOjEwMTA6MzoxMDEyOmI2MjE6MjY5NDo0MzJm&n3pc=true
x-frame-options: DENY
access-control-allow-origin: https://funguseliminator.com
x-xss-protection: 1; mode=block
vary: Origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: 2951f1bf5cca7705
request-time: 0
content-length: 0
x-content-type-options: nosniff

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame A83C 15 KB
6 KB 200ms
32ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=funguseliminator.com&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=92348

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

5e5c9149be229df7c934f8cd1acf1b3cc9e04e29cbbe6cbe0e2d726e79930cff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://funguseliminator.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6144
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 27 Jun 2022 21:49:10 GMT
server-processing-duration-in-ticks: 2348
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 86ms
32ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-55722554-1&cid=34659612.1656366551&jid=1390828410&_u=aGBACEAARAAAAC~&z=1652316947

Requested by

Host: funguseliminator.com
URL: https://funguseliminator.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jun 2022 21:49:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 106ms
55ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-55722554-1&cid=34659612.1656366551&jid=1390828410&_u=aGBACEAARAAAAC~&z=1652316947

Requested by

Host: funguseliminator.com
URL: https://funguseliminator.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jun 2022 21:49:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 UCAffiliateNetworkPixel
secure.funguseliminator.com/cgi-bin/ 0
376 B 127ms
126ms Stylesheet
text/plain 13.248.155.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.funguseliminator.com/cgi-bin/UCAffiliateNetworkPixel?t=0.21851932584837797&r=&u=https%3A%2F%2Ffunguseliminator.com%2F
Requested by: Host: secure.funguseliminator.com
URL: https://secure.funguseliminator.com/cgi-bin/UCAffiliateNetworkPixel
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.155.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a746f2a683c73ece4.awsglobalaccelerator.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 21:49:11 GMT
content-length: 0
server: Apache

GET
H2

200

/ Show response
a1.adform.net/Serving/TrackPoint/
Redirect Chain

https://a1.adform.net/Serving/TrackPoint/?pm=2634138&ADFPageName=All%20Pages%20-%20Fungus%20Eliminator&ADFdivider=%7C&ord=45701644580&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F...
https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=2634138&ADFPageName=All%20Pages%20-%20Fungus%20Eliminator&ADFdivider=%7C&ord=45701644580&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%...

855 B
1 KB

47ms
47ms

Script
text/javascript

37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=2634138&ADFPageName=All%20Pages%20-%20Fungus%20Eliminator&ADFdivider=%7C&ord=45701644580&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Ffunguseliminator.com%2F

Requested by

Host: funguseliminator.com
URL: https://funguseliminator.com/

Protocol

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e2fbbdf343d4ecff6f43c5903b0ba3243f30263bd7519ccec51ee935977b08e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jun 2022 21:49:11 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 692
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 27 Jun 2022 21:49:11 GMT
server: nginx
location: https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=2634138&ADFPageName=All%20Pages%20-%20Fungus%20Eliminator&ADFdivider=%7C&ord=45701644580&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Ffunguseliminator.com%2F
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

OPTIONS
H2 204 rt
d1pqvb2h9xgm7r.cloudfront.net/v1/ Frame 0
0 24ms
23ms Preflight 18.66.92.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1pqvb2h9xgm7r.cloudfront.net/v1/rt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.92.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-92-98.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://funguseliminator.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 300
age: 9443
apigw-requestid: UZUWPhJJIAMEMqA=
date: Mon, 27 Jun 2022 19:11:48 GMT
via: 1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
x-amz-cf-id: 9SdYaU7S1LHqEY0gmiuiGscAN4vCcqbxtKmD9Ppc6DP0-1sGYDuLYQ==
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront

POST
H2 200 rt Show response
d1pqvb2h9xgm7r.cloudfront.net/v1/ 20 B
418 B 317ms
317ms XHR
application/json 18.66.92.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1pqvb2h9xgm7r.cloudfront.net/v1/rt

Requested by

Host: d9i5ve8f04qxt.cloudfront.net
URL: https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=PHR1&channel=secure.funguseliminator.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.92.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-92-98.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

7573b10466c66e9de1ae8a229abcbc963f985bcb6b1f05d6591bf3a13ceabe4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://funguseliminator.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/json

Response headers

date: Mon, 27 Jun 2022 21:49:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
x-amz-cf-pop: FRA56-P2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json
via: 1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
access-control-expose-headers: date, x-api-id
access-control-allow-origin: *
content-length: 35
apigw-requestid: UZrZtjNqIAMESbg=
x-amz-cf-id: kusl3SawiZDEeBgIgOQSp-kOHmJPHlDBxAlmFqdaVN5d__tmFKMkWw==

GET
H2

200

sid Show response
mug.criteo.com/ Frame A83C
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=funguseliminator.com&sn=ChromeSyncframe&so=0&topUrl=funguseliminator.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=oCHbq3xJbk9Hc3E0ZzRGS2tQNUtxWWptdWRHMTBwNHBVMHJKNWJ4UCtSMmt5cHlEMkt1cTFmZ2tsUUFWb292bU8xU1hEUFVNY09vZHN6Z1M4aTgxTVFYN2xhQ25DenpJUk40T01RaUxBbDRmUG9BQlNTSC80aEgyS0txNW...

452 B
654 B

325ms
55ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=oCHbq3xJbk9Hc3E0ZzRGS2tQNUtxWWptdWRHMTBwNHBVMHJKNWJ4UCtSMmt5cHlEMkt1cTFmZ2tsUUFWb292bU8xU1hEUFVNY09vZHN6Z1M4aTgxTVFYN2xhQ25DenpJUk40T01RaUxBbDRmUG9BQlNTSC80aEgyS0txNWEwUThGVENFWUpKU1paZnhxdFNMTFF6RzRoY2xTUklNMDFQdWdwTE82ZGFrMWx1K0ZGc1hsZGpKWXp2N25KSTdRbHJ0WnpEZnJhUis2cXVNaittZ2FsLzhNOXlvWjRoOElHUU4wcGU2VmpDS0NuZ0ZVZm1sZFJMUm8yM0h1R3dvTmtHR002TjZvUmp4amJCR0ZmSno2Q3l5ZGpXQlZRWUgrRXFBaEhhRE5zMFlsWTVOR1d1ST18&cppv=2

Requested by

Host: funguseliminator.com
URL: https://funguseliminator.com/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

4bc9530a625745cefce0f81bee34894459f3c616e2bf0490a164388412d88fff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jun 2022 21:49:11 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 5221
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 27 Jun 2022 21:49:11 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=oCHbq3xJbk9Hc3E0ZzRGS2tQNUtxWWptdWRHMTBwNHBVMHJKNWJ4UCtSMmt5cHlEMkt1cTFmZ2tsUUFWb292bU8xU1hEUFVNY09vZHN6Z1M4aTgxTVFYN2xhQ25DenpJUk40T01RaUxBbDRmUG9BQlNTSC80aEgyS0txNWEwUThGVENFWUpKU1paZnhxdFNMTFF6RzRoY2xTUklNMDFQdWdwTE82ZGFrMWx1K0ZGc1hsZGpKWXp2N25KSTdRbHJ0WnpEZnJhUis2cXVNaittZ2FsLzhNOXlvWjRoOElHUU4wcGU2VmpDS0NuZ0ZVZm1sZFJMUm8yM0h1R3dvTmtHR002TjZvUmp4amJCR0ZmSno2Q3l5ZGpXQlZRWUgrRXFBaEhhRE5zMFlsWTVOR1d1ST18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1542
content-length: 567
expires: 0

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame FD81 5 KB
2 KB 156ms
45ms Document
text/html 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?uid=3820122970067763515&agencyId=8304&advertiserId=2122379&src=tp&rnd=11312

Requested by

Host: a1.adform.net
URL: https://a1.adform.net/Serving/TrackPoint/?pm=2634138&ADFPageName=All%20Pages%20-%20Fungus%20Eliminator&ADFdivider=%7C&ord=45701644580&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Ffunguseliminator.com%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

080e8f310f682543d9da75ee514175a129f51ddb9a6b7225a3d42a7092d8236b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://funguseliminator.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 27 Jun 2022 21:49:11 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 /
server.seadform.net/serving/cookie/sync/ 35 B
343 B 167ms
42ms Image
image/gif 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://server.seadform.net/serving/cookie/sync/?uid=3820122970067763515&stamp=MLS_LGskMhMDvP-67D9Y4w2

Requested by

Host: funguseliminator.com
URL: https://funguseliminator.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 27 Jun 2022 21:49:11 GMT
cache-control: private
server: nginx
content-type: image/gif
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"

GET
H2 200 plf
c1.adform.net/imatch/ Frame FD81 0
261 B 44ms
43ms Image
text/plain 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3820122970067763515&agencyId=8304&advertiserId=2122379&src=tp&rnd=11312

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=3820122970067763515&agencyId=8304&advertiserId=2122379&src=tp&rnd=11312
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 21:49:11 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame FD81
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=3820122970067763515&Expiration=1657570573
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=3820122970067763515&Expiration=1657570573

43 B
424 B

46ms
45ms

Image
image/gif

54.77.200.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=3820122970067763515&Expiration=1657570573
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3820122970067763515&agencyId=8304&advertiserId=2122379&src=tp&rnd=11312
Protocol: H2
Server: 54.77.200.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-200-44.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 27 Jun 2022 21:49:11 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=3820122970067763515&Expiration=1657570573
date: Mon, 27 Jun 2022 21:49:11 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame FD81 0
522 B 105ms
29ms Image
text/plain 96.16.132.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=4879&ext_id=3820122970067763515

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3820122970067763515&agencyId=8304&advertiserId=2122379&src=tp&rnd=11312

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.132.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-132-239.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Jun 2022 21:49:11 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Sun, 26 Jun 2022 21:49:11 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame FD81 0
214 B 122ms
25ms Image
text/plain 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5253&puid=3820122970067763515
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3820122970067763515&agencyId=8304&advertiserId=2122379&src=tp&rnd=11312
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame FD81
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=3820122970067763515&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=3820122970067763515&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=1f888b6b15db45f9a...
https://c1.adform.net/serving/cookie/match?party=9&uid=2c79327f89125d84cd3f3806fc61dcf7ba122225810391d9468ee4464fe9dc0a

35 B
467 B

46ms
44ms

Image
image/gif

37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=9&uid=2c79327f89125d84cd3f3806fc61dcf7ba122225810391d9468ee4464fe9dc0a

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3820122970067763515&agencyId=8304&advertiserId=2122379&src=tp&rnd=11312

Protocol

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jun 2022 21:49:11 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=9&uid=2c79327f89125d84cd3f3806fc61dcf7ba122225810391d9468ee4464fe9dc0a
date: Mon, 27 Jun 2022 21:49:11 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame FD81 43 B
163 B 157ms
31ms Image
image/gif 185.86.139.106
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=3820122970067763515&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3820122970067763515&agencyId=8304&advertiserId=2122379&src=tp&rnd=11312
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.106 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 21:49:10 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55944/ Frame FD81
Redirect Chain

https://pixel.advertising.com/ups/55944/sync?uid=3820122970067763515&_origin=1
https://ups.analytics.yahoo.com/ups/55944/sync?uid=3820122970067763515&_origin=1
https://ups.analytics.yahoo.com/ups/55944/sync?uid=3820122970067763515&_origin=1&verify=true

0
121 B

27ms
27ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55944/sync?uid=3820122970067763515&_origin=1&verify=true

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3820122970067763515&agencyId=8304&advertiserId=2122379&src=tp&rnd=11312

Protocol

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.46 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 21:49:11 GMT
server: ATS/9.1.0.46
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55944/sync?uid=3820122970067763515&_origin=1&verify=true
date: Mon, 27 Jun 2022 21:49:11 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame FD81 43 B
711 B 121ms
34ms Image
image/gif 104.90.105.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=3820122970067763515
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3820122970067763515&agencyId=8304&advertiserId=2122379&src=tp&rnd=11312
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.90.105.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-105-191.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Jun 2022 21:49:11 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1656366551666043-429
Expires: Mon, 27 Jun 2022 21:49:11 GMT

GET
H2

401

setuid
u.4dex.io/ Frame FD81
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=70&user_id=3820122970067763515
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=3820122970067763515
https://u.4dex.io/setuid?bidder=bidswitch&uid=0c1427b4-5840-4343-8dbb-24973f24b386&gdpr=&gdpr_consent=&us_privacy=

0
161 B

89ms
31ms

Image
text/plain

34.149.40.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.4dex.io/setuid?bidder=bidswitch&uid=0c1427b4-5840-4343-8dbb-24973f24b386&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3820122970067763515&agencyId=8304&advertiserId=2122379&src=tp&rnd=11312
Protocol: H2
Server: 34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jun 2022 21:49:11 GMT
via: 1.1 google
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: 0

Redirect headers

Location: //u.4dex.io/setuid?bidder=bidswitch&uid=0c1427b4-5840-4343-8dbb-24973f24b386&gdpr=&gdpr_consent=&us_privacy=
Date: Mon, 27 Jun 2022 21:49:11 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame FD81
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=3820122970067763515&expiration=1657570573
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=3820122970067763515&expiration=1657570573&C=1

43 B
939 B

86ms
56ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=3820122970067763515&expiration=1657570573&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3820122970067763515&agencyId=8304&advertiserId=2122379&src=tp&rnd=11312
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 72216424fd84924d-FRA
pragma: no-cache
date: Mon, 27 Jun 2022 21:49:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pKhFmRScIL8GMkDn3OEVVBRgLS1nvs2q6qtIAsFvfP9lNAXEL3YDolui2VzFZ73gHCvdUcaPxEuozp7g1e70eqkS6Gc2hBT890ExXIphSHuuaKesGVxzwNcWVIr0oLcSRWY2XCtH3vBOTA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 27 Jun 2022 21:49:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P8hmStJEP6xfM%2B44cgBuBGL74Xs0TEqGPaxJvOz%2FSTrhpwBY9nGlTlxHSERXiwcGUvE0ucPfbUCEDdpVCKjr0fRs96I3phzkxyfJboYj5vz7FyreXaOfqJTTJc07RZqvVc2Pd7djhCkN1w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=111&external_user_id=3820122970067763515&expiration=1657570573&C=1
cache-control: no-cache
cf-ray: 722164247af19b3d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame FD81
Redirect Chain

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=3820122970067763515&sInitiator=external
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=3820122970067763515&sInitiator=external
https://se.semasio.net/sync/1/16266044?sExtCookieId=3820122970067763515&gdpr=&gdpr_consent=&sInitiator=external
https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F14876172%3FsExtCookieId%3D%5BMM_UUID%5D%26sInitiator%3Dinternal
https://se.semasio.net/sync/1/14876172?sExtCookieId=634062ba-25d8-4000-b136-04d99e841c26&sInitiator=internal&gdpr=0&gdpr_consent=
https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=0&gdpr_consent=
https://se.semasio.net/sync/1/4354957?sExtCookieId=265387321350259004&sInitiator=internal&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=0&gdpr_consent=

70 B
264 B

50ms
50ms

Image
image/gif

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3820122970067763515&agencyId=8304&advertiserId=2122379&src=tp&rnd=11312
Protocol: H2
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jun 2022 21:49:12 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 27 Jun 2022 21:49:18 GMT
uip-status: Ok
frontend-id: 07
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=0&gdpr_consent=
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1 200
OK match
ps.eyeota.net/ Frame FD81 0
344 B 98ms
23ms Image
text/plain 3.125.70.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=3820122970067763515&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3820122970067763515&agencyId=8304&advertiserId=2122379&src=tp&rnd=11312
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 27 Jun 2022 21:49:11 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2 204 /
loadm.exelator.com/load/ Frame FD81 0
324 B 181ms
44ms Image
text/plain 54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=3820122970067763515
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3820122970067763515&agencyId=8304&advertiserId=2122379&src=tp&rnd=11312
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 21:49:11 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2 451 398366.gif
idsync.rlcdn.com/ Frame FD81 0
98 B 100ms
31ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/398366.gif?partner_uid=3820122970067763515
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3820122970067763515&agencyId=8304&advertiserId=2122379&src=tp&rnd=11312
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 21:49:11 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

gdpr_consent=
sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=3820122970067763515/gdpr=/ Frame FD81
Redirect Chain

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=3820122970067763515/gdpr=/gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=3820122970067763515/gdpr=/gdpr_consent=

49 B
278 B

43ms
43ms

Image
image/gif

63.34.67.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=3820122970067763515/gdpr=/gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3820122970067763515&agencyId=8304&advertiserId=2122379&src=tp&rnd=11312
Protocol: H2
Server: 63.34.67.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-67-128.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jun 2022 21:49:12 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
expires: 0
cache-control: no-cache
x-server: 10.45.14.98
content-type: image/gif
content-length: 49
x-consent: absent

Redirect headers

pragma: no-cache
date: Mon, 27 Jun 2022 21:49:11 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=3820122970067763515/gdpr=/gdpr_consent=
cache-control: no-cache
x-server: 10.45.25.80
content-length: 0
expires: 0

GET
H2 200 29729
tags.bluekai.com/site/ Frame FD81 62 B
227 B 234ms
165ms Image
image/gif 104.92.72.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29729?id=3820122970067763515
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3820122970067763515&agencyId=8304&advertiserId=2122379&src=tp&rnd=11312
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.72.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-72-137.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 21:49:12 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
content-length: 62
content-type: image/gif

GET
H2 200 sd
eu-u.openx.net/w/1.0/ Frame FD81 43 B
275 B 106ms
38ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3820122970067763515
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3820122970067763515&agencyId=8304&advertiserId=2122379&src=tp&rnd=11312
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/7f1e280 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jun 2022 21:49:11 GMT
via: 1.1 google
server: OXGW/7f1e280
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame FD81
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

223ms
57ms

Image
image/gif

52.218.56.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3820122970067763515&agencyId=8304&advertiserId=2122379&src=tp&rnd=11312
Protocol: HTTP/1.1
Server: 52.218.56.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 27 Jun 2022 21:49:13 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: 2ETSX2KJ82KT2EJB
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: HDjesnKB+aGCmPQ8wO9QzneM/URkac8ZHTSxPmWVmT/6TMqN+/oaC1KUR5lRWw9Jid5wjNkMh74=

Redirect headers

X-Error-Reason: Missing UserId
Date: Mon, 27 Jun 2022 21:49:11 GMT
Server: akka-http/10.2.9
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 137

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame FD81
Redirect Chain

https://pixel.onaudience.com/?mapped=3820122970067763515&partner=68
https://c1.adform.net/serving/cookie/match?party=1242&redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D68%26icm%26cver%26mapped%3D__ADFUID__%26gdpr%3D1
https://pixel.onaudience.com/?partner=68&icm&cver&mapped=3820122970067763515&gdpr=1
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1&xl8blockcheck=1
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=759213aff43c0ceefacae9c413865500&gdpr=1
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1

70 B
264 B

50ms
49ms

Image
image/gif

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3820122970067763515&agencyId=8304&advertiserId=2122379&src=tp&rnd=11312
Protocol: H2
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jun 2022 21:49:12 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
content-length: 0

GET
H/1.1

200
OK

/
cm.adsafety.net/ Frame FD81
Redirect Chain

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=3820122970067763515
https://tags.adsafety.net/v1/cm?cm_uid=CM12022062721a5a404960567fd074ea&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=fddeddbc3d0af414c31b55cd4fe37253
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM12022062721a5a404960567fd074ea&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent=
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=fddeddbc3d0af414c31b55cd4fe37253&idt_did_status=added&gdpr_consent=&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMjA2MjcyMWE1YTQwNDk2MDU2N2ZkMDc0ZWE
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEAEGBSt9buiKoh_7y0PFKKU&google_cver=1
https://c1.adform.net/serving/cookie/match?party=28&cid=CM12022062721a5a404960567fd074ea
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=3820122970067763515

43 B
2 KB

27ms
27ms

Image
image/gif

139.162.147.254
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=3820122970067763515
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3820122970067763515&agencyId=8304&advertiserId=2122379&src=tp&rnd=11312
Protocol: HTTP/1.1
Server: 139.162.147.254 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1414-254.members.linode.com
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Jun 2022 21:49:12 GMT
Last-Modified: Mon, 27 Jun 2022 21:49:12 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection: keep-alive
Expires: Mon, 28 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Jun 2022 21:49:12 GMT
server: nginx
location: https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=3820122970067763515
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame FD81 0
338 B 154ms
45ms Image
text/plain 52.50.52.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=3820122970067763515
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3820122970067763515&agencyId=8304&advertiserId=2122379&src=tp&rnd=11312
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.52.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-52-140.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 21:49:12 GMT
cache-control: private, no-cache, no-store
x-request-time: D=33 t=1656366552
x-served-by: beacon-n024-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame FD81
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=MzgyMDEyMjk3MDA2Nzc2MzUxNQ
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm=&google_ula=1641347&party=1&google_hm=MzgyMDEyMjk3MDA2Nzc2MzUxNQ&google_tc=
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJbt9WRB2KamuRK-5jLvQOw&google_cver=1&google_ula=1641347,0

35 B
467 B

44ms
44ms

Image
image/gif

37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJbt9WRB2KamuRK-5jLvQOw&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3820122970067763515&agencyId=8304&advertiserId=2122379&src=tp&rnd=11312

Protocol

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jun 2022 21:49:12 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 27 Jun 2022 21:49:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJbt9WRB2KamuRK-5jLvQOw&google_cver=1&google_ula=1641347,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
secure.adnxs.com/ Frame FD81
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1
https://c1.adform.net/serving/cookie/match?party=3&id=265387321350259004&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=3820122970067763515

43 B
1009 B

38ms
38ms

Image
image/gif

185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=3820122970067763515

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3820122970067763515&agencyId=8304&advertiserId=2122379&src=tp&rnd=11312

Protocol

HTTP/1.1

Server

185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Jun 2022 21:49:12 GMT
X-Proxy-Origin: 217.114.215.132; 217.114.215.132; 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 8a85142c-b6ff-4433-a0da-14ed3cdd299e
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Jun 2022 21:49:12 GMT
server: nginx
location: https://secure.adnxs.com/setuid?entity=91&code=3820122970067763515
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 plf
c1.adform.net/imatch/ Frame FD81 0
261 B 46ms
43ms Image
text/plain 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3820122970067763515&agencyId=8304&advertiserId=2122379&src=tp&rnd=11312

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=3820122970067763515&agencyId=8304&advertiserId=2122379&src=tp&rnd=11312
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 21:49:11 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame FD81 0
225 B 245ms
30ms Image
text/html 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3820122970067763515
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3820122970067763515&agencyId=8304&advertiserId=2122379&src=tp&rnd=11312
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 11:06:36 GMT
content-encoding: gzip
server: nginx
cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame FD81 43 B
443 B 121ms
27ms Image
image/gif 13.225.78.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3820122970067763515&agencyId=8304&advertiserId=2122379&src=tp&rnd=11312
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-117.fra2.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 27 Jun 2022 12:53:19 GMT
Via: 1.1 a10d58b5ce965502cc34c5b27682fe22.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.20.0
Age: 32153
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C2
Content-Length: 43
X-Amz-Cf-Id: 8NiPgrM3cbTRaeFtTYfmrZwyyhKBOdXK28wvgu39ayW5PN5xCQ3wHg==

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame FD81
Redirect Chain

https://a.audrte.com/a?adform_uid=3820122970067763515
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=&google_gid=CAESECvHDQKrK9pila-HdO7p2UM&google_cver=1
https://ps.eyeota.net/match?bid=kh51m51&uid=hh1VnYIhHULT42QKObTpMfMPA&gdpr=0&gdpr_consent=

0
344 B

32ms
32ms

Image
text/plain

3.125.70.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=kh51m51&uid=hh1VnYIhHULT42QKObTpMfMPA&gdpr=0&gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3820122970067763515&agencyId=8304&advertiserId=2122379&src=tp&rnd=11312
Protocol: HTTP/1.1
Server: 3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 27 Jun 2022 21:49:12 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date: Mon, 27 Jun 2022 21:49:12 GMT
Server: nginx/1.18.0
Access-Control-Allow-Origin: *
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Location: https://ps.eyeota.net/match?bid=kh51m51&uid=hh1VnYIhHULT42QKObTpMfMPA&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame FD81
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=3820122970067763515&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=3820122970067763515&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
https://c1.adform.net/serving/cookie/match?party=1007&cid=42620536662102682320060529011694636423&noredirect=1

35 B
467 B

44ms
44ms

Image
image/gif

37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=42620536662102682320060529011694636423&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3820122970067763515&agencyId=8304&advertiserId=2122379&src=tp&rnd=11312

Protocol

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jun 2022 21:49:13 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

DCS: dcs-prod-irl1-1-v035-0ba01071f.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: pfGAAtXkQ08=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://c1.adform.net/serving/cookie/match?party=1007&cid=42620536662102682320060529011694636423&noredirect=1
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame FD81
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=3820122970067763515
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=216393104195005081315

35 B
467 B

44ms
43ms

Image
image/gif

37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=216393104195005081315

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3820122970067763515&agencyId=8304&advertiserId=2122379&src=tp&rnd=11312

Protocol

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jun 2022 21:49:12 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 27 Jun 2022 21:49:12 GMT
server: AAWebServer
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=216393104195005081315
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame FD81
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7114040171033393293

35 B
467 B

70ms
44ms

Image
image/gif

37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7114040171033393293

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3820122970067763515&agencyId=8304&advertiserId=2122379&src=tp&rnd=11312

Protocol

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jun 2022 21:49:12 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7114040171033393293
Date: Mon, 27 Jun 2022 21:49:12 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 33302
tags.bluekai.com/site/ Frame FD81 62 B
426 B 167ms
166ms Image
image/gif 104.92.72.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=3820122970067763515
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3820122970067763515&agencyId=8304&advertiserId=2122379&src=tp&rnd=11312
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.72.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-72-137.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 21:49:12 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
content-length: 62
content-type: image/gif

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame FD81
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D
https://c1.adform.net/serving/cookie/match?party=1066&cid=e1da62ba-25d8-4800-83a7-0416de923cb5

35 B
467 B

44ms
43ms

Image
image/gif

37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1066&cid=e1da62ba-25d8-4800-83a7-0416de923cb5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3820122970067763515&agencyId=8304&advertiserId=2122379&src=tp&rnd=11312

Protocol

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jun 2022 21:49:12 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Date: Mon, 27 Jun 2022 21:49:12 GMT
Server: MT3 4475 c1dc35a master zrh-pixel-x26 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://c1.adform.net/serving/cookie/match?party=1066&cid=e1da62ba-25d8-4800-83a7-0416de923cb5
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Mon, 27 Jun 2022 21:49:11 GMT

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame FD81
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=H8iogtKM1O5WBy5

35 B
467 B

43ms
43ms

Image
image/gif

37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=H8iogtKM1O5WBy5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3820122970067763515&agencyId=8304&advertiserId=2122379&src=tp&rnd=11312

Protocol

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jun 2022 21:49:12 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Date: Mon, 27 Jun 2022 21:49:11 GMT
Server: PingMatch/658332f#658332fc5aaa95d8a9be88d89d84d3c319923363 i-0ec0c6ff59ec4bd79@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=H8iogtKM1O5WBy5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame FD81 70 B
265 B 157ms
49ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3820122970067763515&agencyId=8304&advertiserId=2122379&src=tp&rnd=11312
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jun 2022 21:49:12 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.0 200
OK image.sbmx
global.ib-ibi.com/ Frame FD81 0
72 B 406ms
98ms Image
text/plain 69.169.85.6
AMC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=3820122970067763515
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3820122970067763515&agencyId=8304&advertiserId=2122379&src=tp&rnd=11312
Protocol: HTTP/1.0
Security: TLS 1.2, RSA, AES_256_CBC
Server: 69.169.85.6 Colonia, United States, ASN29838 (AMC, US),
Reverse DNS
Software: BigIP /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Connection: close
Content-Length: 0
Server: BigIP

GET
H/1.1 200 0.gif
id5-sync.com/s/10/ Frame FD81 43 B
1 KB 82ms
24ms Image
image/gif 141.95.98.71
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/10/0.gif?puid=3820122970067763515

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3820122970067763515&agencyId=8304&advertiserId=2122379&src=tp&rnd=11312

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.71 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216577.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 21:49:11 GMT
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame FD81
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=3306750570
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=qNMjJ4rzTZZpyV4.LrPQvO

35 B
467 B

43ms
43ms

Image
image/gif

37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=qNMjJ4rzTZZpyV4.LrPQvO

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3820122970067763515&agencyId=8304&advertiserId=2122379&src=tp&rnd=11312

Protocol

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jun 2022 21:49:12 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 27 Jun 2022 21:49:11 GMT
via: 1.1 google
last-modified: Mon, 27 Jun 2022 21:49:12 GMT
server: Weborama Collect Frontend
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=qNMjJ4rzTZZpyV4.LrPQvO
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame FD81 23 B
172 B 147ms
48ms Image
image/gif 23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=3820122970067763515
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3820122970067763515&agencyId=8304&advertiserId=2122379&src=tp&rnd=11312
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jun 2022 21:49:12 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 27 Jun 2022 21:49:12 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame FD81
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=3820122970067763515
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=3820122970067763515&cs=1

35 B
378 B

26ms
25ms

Image
image/gif

78.46.100.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=3820122970067763515&cs=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3820122970067763515&agencyId=8304&advertiserId=2122379&src=tp&rnd=11312
Protocol: H2
Server: 78.46.100.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.100.46.78.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 21:49:12 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=3820122970067763515&cs=1
date: Mon, 27 Jun 2022 21:49:12 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H2 204 /
s.ad.smaato.net/c/ Frame FD81 0
239 B 90ms
25ms Image
text/plain 2600:9000:224a:9000:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=3820122970067763515
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3820122970067763515&agencyId=8304&advertiserId=2122379&src=tp&rnd=11312
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:9000:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 21:49:12 GMT
via: 1.1 9ce5bc08de451222a6a280b1273d60c6.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: h6dSwGEEpnEtka7ui2KNq5pMqzb3P_RGaJUGklyOo0e8j3XrPfa4OA==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame FD81
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=3820122970067763515&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DE...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=3820122970067763515&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7...
https://c1.adform.net/serving/cookie/match?party=2007&cid=8ef30fa0-faf6-4110-ba9b-d6abe5488e22

35 B
467 B

43ms
43ms

Image
image/gif

37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=2007&cid=8ef30fa0-faf6-4110-ba9b-d6abe5488e22

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3820122970067763515&agencyId=8304&advertiserId=2122379&src=tp&rnd=11312

Protocol

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jun 2022 21:49:12 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=2007&cid=8ef30fa0-faf6-4110-ba9b-d6abe5488e22
date: Mon, 27 Jun 2022 21:49:12 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 200 3820122970067763515
match.contentexchange.me/adform/ Frame FD81 0
49 B 154ms
42ms Image
text/plain 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/3820122970067763515?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3820122970067763515&agencyId=8304&advertiserId=2122379&src=tp&rnd=11312
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 21:49:12 GMT
content-length: 0
server: nginx/1.16.1

GET
H2 200 xuid
eb2.3lift.com/ Frame FD81 37 B
140 B 75ms
23ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7354&xuid=3820122970067763515&dongle=AD20
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3820122970067763515&agencyId=8304&advertiserId=2122379&src=tp&rnd=11312
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 21:49:12 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 put
e1.emxdgt.com/ Frame FD81 0
59 B 167ms
46ms Image
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d52&uid=3820122970067763515
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3820122970067763515&agencyId=8304&advertiserId=2122379&src=tp&rnd=11312
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 21:49:11 GMT
content-length: 0
content-type: text/html

GET
H2 200 plf
c1.adform.net/imatch/ Frame FD81 0
261 B 43ms
43ms Image
text/plain 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3820122970067763515&agencyId=8304&advertiserId=2122379&src=tp&rnd=11312

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=3820122970067763515&agencyId=8304&advertiserId=2122379&src=tp&rnd=11312
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 21:49:11 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 204 unip Show response
trc-events.taboola.com/1331528/log/3/ 0
250 B 151ms
33ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1331528/log/3/unip?en=pre_d_eng_tb&tos=1554&scd=29&ssd=1&est=1656366550942&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1656366552497&vi=1656366550938&ri=fbcefb6b53f3e619a315ceaf99132e6d&ref=null&cv=20220626-8-RELEASE&item-url=https%3A%2F%2Ffunguseliminator.com%2F
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1331528/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://funguseliminator.com
pragma: no-cache
date: Mon, 27 Jun 2022 21:49:12 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3

200

activityi;dc_pre=CIivoKDOzvgCFYPi5godLjEEjw;src=10720395;type=allvi000;cat=allvi0;ord=1;num=786711350864;gtm=2wg6m0;auiddc=1445705038.1656366551;~oref=https%3A%2F%2Ffunguseliminator.com%2F Show response
10720395.fls.doubleclick.net/ Frame B874
Redirect Chain

https://10720395.fls.doubleclick.net/activityi;src=10720395;type=allvi000;cat=allvi0;ord=1;num=786711350864;gtm=2wg6m0;auiddc=1445705038.1656366551;~oref=https%3A%2F%2Ffunguseliminator.com%2F?
https://10720395.fls.doubleclick.net/activityi;dc_pre=CIivoKDOzvgCFYPi5godLjEEjw;src=10720395;type=allvi000;cat=allvi0;ord=1;num=786711350864;gtm=2wg6m0;auiddc=1445705038.1656366551;~oref=https%3A%...

404 B
357 B

123ms
75ms

Document
text/html

172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10720395.fls.doubleclick.net/activityi;dc_pre=CIivoKDOzvgCFYPi5godLjEEjw;src=10720395;type=allvi000;cat=allvi0;ord=1;num=786711350864;gtm=2wg6m0;auiddc=1445705038.1656366551;~oref=https%3A%2F%2Ffunguseliminator.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KWDB7M9

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f6.1e100.net

Software

cafe /

Resource Hash

5f80e5dc07099a2be656fa31db137f0a936bf832063d0f78d17dca509cd9cbb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 334
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Jun 2022 21:49:13 GMT
expires: Mon, 27 Jun 2022 21:49:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Jun 2022 21:49:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10720395.fls.doubleclick.net/activityi;dc_pre=CIivoKDOzvgCFYPi5godLjEEjw;src=10720395;type=allvi000;cat=allvi0;ord=1;num=786711350864;gtm=2wg6m0;auiddc=1445705038.1656366551;~oref=https%3A%2F%2Ffunguseliminator.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

event Show response
widget.as.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=92348&v=5.11.0&p0=e%3Dce%26m%3D%255B%255D%26h%3Dnone&p1=e%3Dexd%26z%3D%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.2.0&p3=e%3Ddis&adce=1&bundle=vRkh2V9OSG1kT2wzJ...
https://widget.as.criteo.com/event?a=92348&v=5.11.0&p0=e%3Dce%26m%3D%255B%255D%26h%3Dnone&p1=e%3Dexd%26z%3D%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.2.0&p3=e%3Ddis&adce=1&bundle=vRkh2V9OSG1kT2wzJ...

9 KB
9 KB

906ms
278ms

Script
application/x-javascript

182.161.74.16
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.as.criteo.com/event?a=92348&v=5.11.0&p0=e%3Dce%26m%3D%255B%255D%26h%3Dnone&p1=e%3Dexd%26z%3D%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.2.0&p3=e%3Ddis&adce=1&bundle=vRkh2V9OSG1kT2wzJTJCTG5HRUJ1NzZBZ0luU2FIRWN3TDE0NW1yNHJiTkZEcVRBbVRrN25tZUZ6U0tVbTdjTE5ORnQlMkZZUjRUSjRsSmFyZ3JQQ2VjSUtFOHRFMEJhSTR4Q083MHJqeVBadG5qN1hXcHAxZFpYVG1SaEcxeGR3RmlFRU1ObU9DeGFHWjZtbXd5WUlLcDBsWTNDMVd6dndUOGpWTyUyQmg2dGppdzJhQVNsU00lM0Q&tld=funguseliminator.com&dy=1&fu=https%3A%2F%2Ffunguseliminator.com%2F&dtycbr=66861

Protocol

Server

182.161.74.16 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

114a6d946bf5c3de71c97b363876b61c865289c58755c4e80d5a3d3a2515b58d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jun 2022 21:49:13 GMT
server: Kestrel
timing-allow-origin: *
strict-transport-security: max-age=31536000; preload;
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 9555133
content-type: application/x-javascript
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 27 Jun 2022 21:49:11 GMT
server: Kestrel
location: https://widget.as.criteo.com/event?a=92348&v=5.11.0&p0=e%3Dce%26m%3D%255B%255D%26h%3Dnone&p1=e%3Dexd%26z%3D%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.2.0&p3=e%3Ddis&adce=1&bundle=vRkh2V9OSG1kT2wzJTJCTG5HRUJ1NzZBZ0luU2FIRWN3TDE0NW1yNHJiTkZEcVRBbVRrN25tZUZ6U0tVbTdjTE5ORnQlMkZZUjRUSjRsSmFyZ3JQQ2VjSUtFOHRFMEJhSTR4Q083MHJqeVBadG5qN1hXcHAxZFpYVG1SaEcxeGR3RmlFRU1ObU9DeGFHWjZtbXd5WUlLcDBsWTNDMVd6dndUOGpWTyUyQmg2dGppdzJhQVNsU00lM0Q&tld=funguseliminator.com&dy=1&fu=https%3A%2F%2Ffunguseliminator.com%2F&dtycbr=66861
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2244884
timing-allow-origin: *
content-length: 0
expires: 0

GET
H2 200 dc_pre=CIivoKDOzvgCFYPi5godLjEEjw;src=10720395;type=allvi000;cat=allvi0;ord=1;num=786711350864;gtm=2wg6m0;auiddc=*;~oref=https%3A%2F%2Ffunguseliminator.com%2F
adservice.google.com/ddm/fls/z/ Frame B874 42 B
494 B 115ms
58ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CIivoKDOzvgCFYPi5godLjEEjw;src=10720395;type=allvi000;cat=allvi0;ord=1;num=786711350864;gtm=2wg6m0;auiddc=*;~oref=https%3A%2F%2Ffunguseliminator.com%2F

Requested by

Host: 10720395.fls.doubleclick.net
URL: https://10720395.fls.doubleclick.net/activityi;dc_pre=CIivoKDOzvgCFYPi5godLjEEjw;src=10720395;type=allvi000;cat=allvi0;ord=1;num=786711350864;gtm=2wg6m0;auiddc=1445705038.1656366551;~oref=https%3A%2F%2Ffunguseliminator.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10720395.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jun 2022 21:49:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame DE5D
Redirect Chain

https://ib.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=265387321350259004

43 B
370 B

145ms
38ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=265387321350259004

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jun 2022 21:49:13 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3481546
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 27 Jun 2022 21:49:14 GMT
X-Proxy-Origin: 217.114.215.132; 217.114.215.132; 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 76e34728-949f-47d4-8254-c76e27825e6b
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=265387321350259004
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame DE5D
Redirect Chain

https://secure.adnxs.com/seg?add=1005440&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=265387321350259004

43 B
370 B

63ms
38ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=265387321350259004

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jun 2022 21:49:14 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2836764
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 27 Jun 2022 21:49:14 GMT
X-Proxy-Origin: 217.114.215.132; 217.114.215.132; 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: f4826092-3797-4f4a-b8d2-b14b205bd48c
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=265387321350259004
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame DE5D 43 B
220 B 27ms
23ms Image
image/gif 3.72.114.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-DyPIur8_dWaN1kJQKOsxi8kTmAeFcUjIPa0-zQ&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.72.114.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-72-114-165.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 27 Jun 2022 21:49:14 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame DE5D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-EoJotb8_dWaN1kJQKOsxi8kTmAdfrfeZHfrAmQ&google_cm&google_hm=ay1Fb0pvdGI4X2RXYU4xa0pRS09zeGk4a1RtQWRmcmZlW...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-EoJotb8_dWaN1kJQKOsxi8kTmAdfrfeZHfrAmQ&google_gid=CAESEMFN62-2aetDKtEjO9o23mc&google_cver=1&google_ula=913071,0

43 B
371 B

172ms
36ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-EoJotb8_dWaN1kJQKOsxi8kTmAdfrfeZHfrAmQ&google_gid=CAESEMFN62-2aetDKtEjO9o23mc&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jun 2022 21:49:14 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1271284
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Jun 2022 21:49:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-EoJotb8_dWaN1kJQKOsxi8kTmAdfrfeZHfrAmQ&google_gid=CAESEMFN62-2aetDKtEjO9o23mc&google_cver=1&google_ula=913071,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame DE5D 49 B
235 B 125ms
33ms Image
image/gif 185.255.84.153
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-IhOuC78_dWaN1kJQKOsxi8kTmAfdkyFbs4fXnw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 Ivry-sur-Seine, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jun 2022 21:49:13 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 2
content-length: 49
expires: 0

GET
H2 200 rum
r.casalemedia.com/ Frame DE5D 43 B
936 B 130ms
59ms Image
image/gif 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-mMb0Fb8_dWaN1kJQKOsxi8kTmAedjgZhpI3Vyg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 72216434cc73bb65-FRA
pragma: no-cache
date: Mon, 27 Jun 2022 21:49:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LAEW3YiN8gbLuFU4OO0qdylVNmtv8W84DGNZfjhe3vNUMHL6y4Tp2Vk1IYEfSzoHiB5zaMncbSNzet2ijiBS%2BAd4ioErKGsa5UPOFlybZumx0uWlHAvUeHkw44i5U4yxs8RO"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

GET
H2 200 match
ad.360yield.com/ Frame DE5D 43 B
509 B 49ms
45ms Image
image/gif 54.77.200.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-dpq4Q78_dWaN1kJQKOsxi8kTmAdfwn7f0NAdxQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.200.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-200-44.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 27 Jun 2022 21:49:14 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

451

397596.gif
idsync.rlcdn.com/ Frame DE5D
Redirect Chain

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
https://idsync.rlcdn.com/397596.gif?partner_uid=B7apb6PxhAAuadQNU0MK9Vuw71HdQPt3

0
9 B

83ms
32ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/397596.gif?partner_uid=B7apb6PxhAAuadQNU0MK9Vuw71HdQPt3
Protocol: H3
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 21:49:14 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

location: https://idsync.rlcdn.com/397596.gif?partner_uid=B7apb6PxhAAuadQNU0MK9Vuw71HdQPt3
date: Mon, 27 Jun 2022 21:49:13 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2780
content-length: 197
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H2 200 cksync.php
contextual.media.net/ Frame DE5D 45 B
786 B 395ms
326ms Image
image/gif 104.90.104.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-XOE9Rr8_dWaN1kJQKOsxi8kTmAeu259aRE4t_Q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.90.104.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-90-104-26.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
server: Apache
date: Mon, 27 Jun 2022 21:49:14 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Mon, 27 Jun 2022 21:49:14 GMT

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame DE5D 40 B
40 B 95ms
25ms Image
text/html 18.185.150.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-RXTMPb8_dWaN1kJQKOsxi8kTmAf6IwYdP7LBRw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.150.140 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-150-140.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 21:49:14 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame DE5D 0
476 B 435ms
104ms Image
text/plain 70.42.32.191
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-dkLSa78_dWaN1kJQKOsxi8kTmAecQ2wAc3qkvA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 27 Jun 2022 21:49:14 GMT
Cache-Control: no-cache
X-TraceId: 216e59904bac5e4a43e48e8cbc786cdb
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame DE5D 0
74 B 40ms
36ms Image
text/html 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-VmV8Pb8_dWaN1kJQKOsxi8kTmAcP7zYpxLSl4g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 11:03:55 GMT
content-encoding: gzip
server: nginx
cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: text/html; charset=utf-8

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame DE5D 0
239 B 131ms
24ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-w9V0pr8_dWaN1kJQKOsxi8kTmAc4lqmCG8ixFg&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

GET
H2 204 v1
match.sharethrough.com/sync/ Frame DE5D 0
35 B 114ms
23ms Image
text/plain 3.66.244.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-0Cr2eb8_dWaN1kJQKOsxi8kTmAe3szOSoPImvw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.66.244.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-244-147.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 21:49:14 GMT

GET
H2 204 /
s.ad.smaato.net/c/ Frame DE5D 0
240 B 28ms
25ms Image
text/plain 2600:9000:224a:9000:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-pnpyHb8_dWaN1kJQKOsxi8kTmAebtdxm-kFAnQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:9000:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 21:49:14 GMT
via: 1.1 9ce5bc08de451222a6a280b1273d60c6.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: -5AaTiqhykuxnCQfABxyAVLEkymDEbPG3aiBKR_-kyW3FXxcK6ODZA==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame DE5D 43 B
163 B 32ms
31ms Image
image/gif 185.86.139.106
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k--qIVLL8_dWaN1kJQKOsxi8kTmAdzhumOEwMYpA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.106 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 21:49:14 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame DE5D 0
98 B 44ms
28ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-nhoCHL8_dWaN1kJQKOsxi8kTmAetRP7bx4ksag
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 21:49:14 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 27971

GET
H2 200 um
criteo-sync.teads.tv/ Frame DE5D 23 B
172 B 72ms
50ms Image
image/gif 23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-1F0b2L8_dWaN1kJQKOsxi8kTmAdoRUhaTR_6_w
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jun 2022 21:49:14 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 27 Jun 2022 21:49:14 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame DE5D 37 B
139 B 25ms
22ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-Gri1UL8_dWaN1kJQKOsxi8kTmAcgwXyWAYwy8g&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 21:49:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 v1
ads.yahoo.com/cms/ Frame DE5D 0
194 B 167ms
35ms Image
text/plain 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 21:49:14 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame DE5D 0
323 B 38ms
35ms Image
text/plain 3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-1v9e_r8_dWaN1kJQKOsxi8kTmAfucOYP3tyU-Q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.46 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 21:49:14 GMT
server: ATS/9.1.0.46
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame DE5D 0
522 B 35ms
34ms Image
text/plain 96.16.132.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dm_id=8666&ext_id=k-TP7c1r8_dWaN1kJQKOsxi8kTmAfYLr-_4OfT5A

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.132.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-132-239.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Jun 2022 21:49:14 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Sun, 26 Jun 2022 21:49:14 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame DE5D 43 B
220 B 173ms
43ms Image
image/gif 34.249.170.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-esO-Er8_dWaN1kJQKOsxi8kTmAehPZe2qCiqxw&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.170.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-170-53.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 27 Jun 2022 21:49:14 GMT
content-type: image/gif
content-length: 43
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

GET
H/1.1 200 9.gif
id5-sync.com/s/966/ Frame DE5D 43 B
1 KB 23ms
22ms Image
image/gif 141.95.98.71
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-2y2Qg78_dWaN1kJQKOsxi8kTmAcyUxy9dFfVzw

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.71 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216577.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 21:49:13 GMT
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H/1.1

200
OK

ibs:dpid=28645&dpuuid=A9u39_zY39S17k4pQ266v5V5lueI4vk4
dpm.demdex.net/ Frame DE5D
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=A9u39_zY39S17k4pQ266v5V5lueI4vk4

42 B
945 B

1093ms
1093ms

Image
image/gif

52.49.145.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=28645&dpuuid=A9u39_zY39S17k4pQ266v5V5lueI4vk4

Protocol

HTTP/1.1

Server

52.49.145.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-145-37.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v034-087a1f9d4.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: /hOwlv5NTes=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=A9u39_zY39S17k4pQ266v5V5lueI4vk4
date: Mon, 27 Jun 2022 21:49:13 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2517
content-length: 198
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame DE5D 0
522 B 30ms
30ms Image
text/plain 96.16.132.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-TP7c1r8_dWaN1kJQKOsxi8kTmAfYLr-_4OfT5A

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.132.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-132-239.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Jun 2022 21:49:14 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Sun, 26 Jun 2022 21:49:14 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame DE5D
Redirect Chain

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=265387321350259004

43 B
370 B

38ms
37ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=265387321350259004

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jun 2022 21:49:13 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1613329
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 27 Jun 2022 21:49:14 GMT
X-Proxy-Origin: 217.114.215.132; 217.114.215.132; 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 324499be-fe74-4d21-87ca-d32c40dfc29e
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=265387321350259004
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 v1
ads.yahoo.com/cms/ Frame DE5D 0
17 B 35ms
35ms Image
text/plain 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~fa63d183df77c65a03eac82806b701b9c4f726b8&nwid=10000892938&sigv=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 21:49:14 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame DE5D 43 B
219 B 44ms
43ms Image
image/gif 34.249.170.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=%3Ccriteo%20user%20id%3E&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.170.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-170-53.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 27 Jun 2022 21:49:14 GMT
content-type: image/gif
content-length: 43
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

GET
H/1.1 200
OK setuid
secure.adnxs.com/ Frame DE5D 43 B
1 KB 41ms
41ms Image
image/gif 185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=52&code=k-n8nJ7b8_dWaN1kJQKOsxi8kTmAcXAPf63Zf0SQ&seg=130915

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Jun 2022 21:49:14 GMT
X-Proxy-Origin: 217.114.215.132; 217.114.215.132; 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4e027a85-0573-4f7e-9636-4aff9cac7c20
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1331528/log/3/ 0
249 B 29ms
29ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1331528/log/3/unip?en=pre_d_eng_tb&tos=4555&scd=29&ssd=1&est=1656366550942&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1656366555498&vi=1656366550938&ri=fbcefb6b53f3e619a315ceaf99132e6d&ref=null&cv=20220626-8-RELEASE&item-url=https%3A%2F%2Ffunguseliminator.com%2F
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1331528/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://funguseliminator.com
pragma: no-cache
date: Mon, 27 Jun 2022 21:49:15 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 200 error
connect.facebook.net//log/ 0
0 47ms
46ms Image
text/html 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://connect.facebook.net//log/error?p=pixel&v=2.9.62&e=TypeError%3A%20URL%20is%20not%20a%20constructor&s=TypeError%3A%20URL%20is%20not%20a%20constructor%0A%20%20%20%20at%20Object.%3Canonymous%3E%20(https%3A%2F%2Fconnect.facebook.net%2Fsignals%2Fconfig%2F1181125052062198%3Fv%3D2.9.62%26r%3Dstable%3A29%3A6135)%0A%20%20%20%20at%20https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A24%3A6282%0A%20%20%20%20at%20v%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A24%3A71160)%0A%20%20%20%20at%20a.value%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A24%3A6209)%0A%20%20%20%20at%20sa%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A27%3A10951)%0A%20%20%20%20at%20Function.Z%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A27%3A9182)%0A%20%20%20%20at%20Function.X%20%5Bas%20callMethod%5D%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A27%3A3936)%0A%20%20%20%20at%20b.fbq.b.fbq%20(%3Canonymous%3E%3A1%3A79)%0A%20%20%20%20at%20%3Canonymous%3E%3A1%3A1%0A%20%20%20%20at%20https%3A%2F%2Fwww.googletagmanager.com%2Fgtm.js%3Fid%3DGTM-KWDB7M9%3A480%3A414&ue=0&rs=stable&rqm=FGET
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

99 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.funguseliminator.com/	1970-01-20 06:15:42	Name: _gcl_au Value: 1.1.1445705038.1656366551
.bing.com/	1970-01-20 13:27:42	Name: MUID Value: 0B341757A84760E514E20687A92C61C1
.funguseliminator.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .funguseliminator.com
.funguseliminator.com/	1970-01-20 21:37:18	Name: _lc2_fpi Value: 497ad39143c8--01g6kj7kxhwh84gzc2ncvxpbcz
.funguseliminator.com/	1970-01-20 21:37:18	Name: _ga Value: GA1.2.34659612.1656366551
.funguseliminator.com/	1970-01-20 04:07:32	Name: _gid Value: GA1.2.973143881.1656366551
.funguseliminator.com/	1970-01-20 04:06:06	Name: _gat_UA-55722554-1 Value: 1
.funguseliminator.com/	1970-01-20 04:07:32	Name: _uetsid Value: fa6676d0f66211ec96327574cb6dd432
.funguseliminator.com/	1970-01-20 13:27:42	Name: _uetvid Value: fa667f30f66211ec8c9b43b0ffb6a310
.funguseliminator.com/	1970-01-20 12:51:42	Name: ucacid Value: 1658621986.233865
.funguseliminator.com/	1970-01-20 06:15:42	Name: _fbp Value: fb.1.1656366551196.1768658411
.criteo.com/	1970-01-20 13:27:42	Name: uid Value: 318ba454-99d6-41a0-abf5-f841656bae4f
secure.funguseliminator.com/	1970-01-20 04:16:11	Name: AWSALB Value: KZIB+Z7LQIi2XbIzTWmPSAiqSZVBZoc++Ai2AG3YLrnN8Q3BbXR1Rtm9TZP05qd9iiYHMgBfSp1MmHomoTGihYMxFdttKlWG94t7D98G8L6o5Oqu9temsOfdfxXb
secure.funguseliminator.com/	1970-01-20 04:16:11	Name: AWSALBCORS Value: KZIB+Z7LQIi2XbIzTWmPSAiqSZVBZoc++Ai2AG3YLrnN8Q3BbXR1Rtm9TZP05qd9iiYHMgBfSp1MmHomoTGihYMxFdttKlWG94t7D98G8L6o5Oqu9temsOfdfxXb
funguseliminator.com/	1970-01-20 04:06:06	Name: outbrain_cid_fetch Value: true
.adform.net/	1970-01-20 04:49:18	Name: C Value: 1
.adform.net/	1970-01-20 05:32:30	Name: uid Value: 3820122970067763515
.adform.net/	1970-01-20 04:07:32	Name: CM Value: 1\|1
.liadm.com/	1970-01-20 21:37:18	Name: lidid Value: fc2998e3-a2a4-4e62-b4df-9f22c31cd4e2
.adform.net/	1970-01-20 04:26:10	Name: CM14 Value: 1656447373_1656360973_1_Hu7u4e4e4R7u7u4REREeERERERHhEQ
.seadform.net/	1970-01-20 05:32:30	Name: uid Value: 3820122970067763515
.funguseliminator.com/	1970-01-20 13:35:30	Name: cto_bundle Value: vRkh2V9OSG1kT2wzJTJCTG5HRUJ1NzZBZ0luU2FIRWN3TDE0NW1yNHJiTkZEcVRBbVRrN25tZUZ6U0tVbTdjTE5ORnQlMkZZUjRUSjRsSmFyZ3JQQ2VjSUtFOHRFMEJhSTR4Q083MHJqeVBadG5qN1hXcHAxZFpYVG1SaEcxeGR3RmlFRU1ObU9DeGFHWjZtbXd5WUlLcDBsWTNDMVd6dndUOGpWTyUyQmg2dGppdzJhQVNsU00lM0Q
.adscale.de/	1970-01-20 12:48:22	Name: uu Value: 1f888b6b15db45f9af6d174a88adf5b7
.adscale.de/	1970-01-20 12:48:22	Name: cct Value: 1656366551772
.casalemedia.com/	1970-01-20 12:51:42	Name: CMID Value: Yrol10hfIFFUZoVArx7z.gAA
.casalemedia.com/	1970-01-20 06:15:42	Name: CMPS Value: 2239
.casalemedia.com/	1970-01-20 06:15:42	Name: CMPRO Value: 2239
.yieldlab.net/	1970-01-20 12:51:42	Name: id Value: c4d6646f-3219-412c-9b4c-86bbb83ad9b5
.bidswitch.net/	1970-01-20 12:51:42	Name: tuuid Value: 0c1427b4-5840-4343-8dbb-24973f24b386
.bidswitch.net/	1970-01-20 12:51:42	Name: c Value: 1656366551
.bidswitch.net/	1970-01-20 12:51:42	Name: tuuid_lu Value: 1656366551
.ih.adscale.de/	1970-01-20 12:48:22	Name: tu Value: 4#3647358500#42~3820122970067763515~460101~0~0
ads.stickyadstv.com/	1970-01-20 05:32:30	Name: uid-bp-617 Value: 3820122970067763515
ads.stickyadstv.com/	1970-01-20 04:49:18	Name: UID Value: 8cca1911a77d91fe6f6a4c30845413e5
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: cd2d6d2861f17859450bc987fe4b
.360yield.com/	1970-01-20 06:15:42	Name: tuuid Value: 72780e38-d775-4aaa-91de-2c328dd18dbb
.360yield.com/	1970-01-20 06:15:42	Name: tuuid_lu Value: 1656366551
.eyeota.net/	1970-01-20 04:06:07	Name: SERVERID Value: 23799~DM
.yahoo.com/	1970-01-20 12:52:04	Name: A3 Value: d=AQABBNclumICEHqLoWTRff6dQYFuU-gL-zYFEgEBAQF3u2LEYgAAAAAA_eMAAA&S=AQAAAn4CKHEiwwAvqs4HB2JP8rE
.semasio.net/	1970-01-20 12:51:42	Name: SEUNCY Value: 38D28523189B03A3
.crwdcntrl.net/	1969-12-31 23:59:59	Name: _cc_cc Value: ctst
cm.adsafety.net/	1970-01-20 12:51:42	Name: UID Value: CM12022062721a5a404960567fd074ea
.adsafety.net/	1970-01-20 12:51:42	Name: cm_uid Value: CM12022062721a5a404960567fd074ea
.krxd.net/	1970-01-20 08:25:18	Name: _kuid_ Value: O7I5hIzA
tags.adsafety.net/	1970-01-20 12:51:42	Name: UID Value: fddeddbc3d0af414c31b55cd4fe37253
tags.adsafety.net/	1970-01-20 12:51:42	Name: DID Value: fddeddbc3d0af414c31b55cd4fe37253
tags.adsafety.net/	1970-01-20 12:51:42	Name: IDT Value: 100
tags.adsafety.net/	1970-01-20 12:51:42	Name: cookie_ver Value: 2
tags.adsafety.net/	1970-01-20 04:49:18	Name: block_reset Value: 1
.adsafety.net/	1970-01-20 12:51:42	Name: ct_uid Value: fddeddbc3d0af414c31b55cd4fe37253
.adsafety.net/	1970-01-20 12:51:42	Name: ct_did Value: fddeddbc3d0af414c31b55cd4fe37253
.adsafety.net/	1970-01-20 12:51:42	Name: ct_idt Value: 100
.adnxs.com/	1970-01-20 06:15:42	Name: uuid2 Value: 265387321350259004
cm.adsafety.net/	1970-01-20 12:51:42	Name: permanent Value: 1
.doubleclick.net/	1970-01-20 13:27:42	Name: IDE Value: AHWqTUmcuVMk3D79N-xRntLW5IJJ8nd_TsNNSnzdYA-MjLiqBgB_J2_AEtHvS3RFQVU
ads.smartstream.tv/	1970-01-20 12:51:42	Name: DID Value: fddeddbc3d0af414c31b55cd4fe37253
ads.smartstream.tv/	1970-01-20 12:51:42	Name: idt Value: 100
ads.smartstream.tv/	1970-01-20 12:51:42	Name: permanent Value: 1
ads.smartstream.tv/	1970-01-20 04:49:18	Name: cm_uid Value: CM12022062721a5a404960567fd074ea
.adfarm1.adition.com/	1970-01-20 06:15:42	Name: UserID1 Value: 7114040171033393293
.onaudience.com/	1970-01-20 12:51:42	Name: cookie Value: 8bdabf92f45c4e7e
.onaudience.com/	1970-01-20 04:07:32	Name: done_redirects68 Value: 1
.agkn.com/	1970-01-20 12:51:42	Name: ab Value: 0001%3AET1KMFkw%2BqmOeFco7gr6WT2u7%2FmKZ4GG
cm.adsafety.net/	1970-01-20 12:51:42	Name: cache0 Value: KzFHSk9wMUZsMkpMMjlsMzBXenlaNHliSDVMb0VoclFLcjhrbndKdjdrU0dxbDM0K0tFOG9yYXExYkI3L2pJcEc2NUpJMnduNnFtVzNrWGZyQnkwSHlFb2FmeFdRZEdZU1VnRnB1R0diek54TW5hMnNldnNUUm80cFNjMjVSZzJLU0MwMkh4RDlBNU16dzZkSzhta3NpcVRUREpzT0RmckVlbW10UjcwV2Yzbk1jTFFpcEhybjdCY3gyazZJMHdVRjc3TnpTb1E2Nks2eHVvTnkvSStoc3hEbEthMHE4a2J2VnI4TUd2U05hTCtJeFNzbkpWeEdYN2pTQlFNQXpXcGQrNVRyeUZ0NUh3VjVGREQyeWMrZ3VXdGVDU2xDRm4zQUQ4MmtwOUlHOFdsZDJ2cTRoUXBuejMxbGJHMTJWek15cWcrVzl4S0Z5S2k1VFlrc2dGMlJqZ2Uwb251SmtlYmRWVS9nZXRLOUQxRy85ZGNLMEVaVGdKVTNJL3krYlc1WWVoT0RZOE8wRGYzL2pjRVpLaU1jNE1oaVZzNGFyL1pKRTNmemkvQmp6Y1AyNEdERkNvNjFrME9sSkszRU1EandwTk1xYk1PYVNSMWJaOFA4cUhsZjFJYXBXUW9ad21uSE1qNnJ3YTcvS1Q0S1VZZEZjZTJlNmN0RDl4UmNFZ0NFS3RhemY4ejlZVTZndVhGcFd5eGl2OEZsUVdEVUtPM0p0UXF1R3RwaTBZVGpuU3B6alFmT3RiU3dyL2VhajZYZXUwa3JIRThkVGowUHdCTkZtMFBFdFFkTUVxSXM1SjNJdVJOb1FHb3Q0MlVYQ3d0QjZoSjg1Uk5CODhJbWRab1pGL3pSaVhzQ01kallocjV2OW10R3RselVwbWtteE1KQk8yclcyYW1SNWVCS2k4Tlo0Wm5rWFRSTUxHdDBNOE8xQnppUi84QW1pQkNKYVoyMzVJMk40TGszc2FuZkVNdHRtdUhMVm1yMitPVmwvTTNVRXF2em5EclZlZ1N3cUlScGp3Uk5meHZVVlJWcnEwOFgxTTgzdEpBbzJvbmp5eG9HcThYZklVUEh2Q2pYU0pPY0o2cnNNMGtqMzRHdmprbmJGR0d4elFZOGU3c0Z0UTg0Qlh1UkE9PQ%3D%3D
.w55c.net/	1970-01-20 13:34:54	Name: wfivefivec Value: H8iogtKM1O5WBy5
.w55c.net/	1970-01-20 04:49:18	Name: matchadform Value: 5
.id5-sync.com/	1970-01-20 04:06:06	Name: cf Value:
.id5-sync.com/	1970-01-20 04:06:06	Name: cip Value:
.id5-sync.com/	1970-01-20 04:06:06	Name: cnac Value:
.id5-sync.com/	1970-01-20 04:06:06	Name: car Value:
.id5-sync.com/	1970-01-20 04:06:06	Name: gdpr Value:
.id5-sync.com/	1970-01-20 04:06:06	Name: callback Value:
.onaudience.com/	1970-01-20 04:07:32	Name: done_redirects161 Value: 1
.weborama.fr/	1970-01-20 13:32:01	Name: AFFICHE_W Value: GFCsQScYNncY14
.1dmp.io/	1970-01-20 12:51:42	Name: uid Value: fb4c6b00-f662-11ec-8677-901b0e934d81
.mathtag.com/	1970-01-20 13:32:01	Name: uuid Value: 634062ba-25d8-4000-b136-04d99e841c26
.audrte.com/	1970-01-20 04:27:42	Name: arcki2 Value: hh1VnYIhHULT42QKObTpMfMPA!20210804!1656366552479
.audrte.com/	1970-01-20 04:27:42	Name: arcki2_adform Value: 3820122970067763515!20210804!1656366552480
.audrte.com/	1970-01-20 04:16:11	Name: arcki2_TTT Value: 1656366552481!hh1VnYIhHULT42QKObTpMfMPA!H4sIAAAAAAAAACWXWXJtIQhFB+O3VQrYMBw75j+ErHPzlcqLR2GzG14cfW++yFJrzaZN8lxn5eazux3dtXoq/YnedfKV51ljr+xSV96u5za9EnWnuotEs5PF1s726s3+omS7PbSeaDs81TBpcnvmzMq2u+cpS/Lu2+XNboPnNF7oiJNLj5bVw7P39fL1+pr1Mv3WdO6cu5yeefJlO1PzniFZ9vTQ21y6J3ntTD+Sz+Ml26/lXefOXLHnbfF2tNRVuWiWPIpbNn8778bJeUbRfcfxO1M/PV6fvFSc6sVaXi04HtLqqaXsZSlW7e2dlu9Sy3qp3qNrbpXPZd46rqbGT/CyPKZy3eM6r7vmLuXuc5bF7MnqfFPvyd3Hy/pKZC9W8o5+qm2papKq3LGlHG5iGNbNMl/tHHLvkXPGmC1d8xqHduJ2nnONvLWXfBjeK7NZ25pWCCWs+70EC+RuEG/M+wB3rNMCnNYpw957ue95GOtXjk7PAQDtrVqq7/S8FvhgeX0Q2FjgWDm5CtfvN8qcnlatnTZHZgqS9bSV14R0sxTXqnwaO/Vtdwn3v/eN5cCXtZsxwLLtLYCOl17bS73OfHVw6D0O3RO5mNposFkl0rge4tQ09HKo7M5NVPcqA923e8RNy2n7CXPYzNbmhgXF1jclhQEW3U+Kd46fDU5d14fTRQMyc1HnQOXzOdPU6mW1QeEC/cer1Fw3LY6OmlYV8RSnyeoGN94VmCkw87SSn9MdFBHbIG5jH+7OXY9yiHLoe2c57ditGrQFn1BAnQCjOiHdJ4RKn6jxdu4t0Dt1h1ql0Nhq77vJGDAc3E/vZZJzHCCgslIDegeSM+koGIZ8Ay69rb17WWl8zwxswpfSnS0u8c8w+vVjE5+ISHeavSmPAetgdo6rbG7ixBo3eivPU7/L2/i8IDaFeREkZcwutNUVDKXt5A0A37n56QpI9xFgtpbbLDD/jlUHODHOhVpBT2Am9eXpYnhaL2Mz6rUkHWi7ZIBjPx99hRbGhl5x7dnUKDaTmvYWpedz5HeIAev+dIN+ny+cLFK1t6s2zQsBQpVLnw1JvXUeeu+jnp6kQfYPQuUfwMkjz1uovpc+t4jq0FRamzQ/crkXxCvu6XOMfKosX1d2WT0FzCrCc14c9z2bmxaSQikjmmr0K2lNbFskMIxPnHsD5iqQrke5y+xzvNSA8p1Rs4xyv8IPLSh88et8P5HMSOW1wZAsh1OJDfv6hIPb+bGrwPyXjpV2+CXrAAJQY7ZCC7s2MaICEG8KpovhbCT1gL3pyfuz/cogPhh815FuOU8a4q0X8VGnfbHx8vJzoAC2SuGC+dlXM06qIIqrQOGVTz8LB5hnBu4LXLdTqSIhcGKKG/PCC16NffddYyR6vDFN8q0fnwpvbsfz5sLF+Gb4qWlQ2/tm72t93Q2o0vvEfVuxPhcWj8xf7LMRvwDMf5QtPssVGc2hs3UdiQTFQBE3BjkR3+KQMIAWinGM2oqshJU+bSDeDVLqhm+T33McDEK8kQWRws69My5gjp75M2PpSOY0UI4rfmJi9nf2iu44WDk08VRyIe/71Bv5OKMkm8HrVfMtXzyPSSIU4g9qtBPWO2JKJsTQB8yIzzPlJ4QKGG8/4DvTvlDs42EANZ8x6S5Q+G7e6GO8BtJe10nY+219tFzqtzwox5l+xTOfVTGLIQjhEWgDbjCk+c3uGwv0PJeJsDAEGKRaln0hhI18/oQnI/M3ctSHEDqmCX2fDuKpfvH9BbXy5j6Bwvg7g+q3i6Wfe0RFKNN4bhxqWjjZtxAAfyMyPdl6ep7BosGUrcLhjdTyO9S/sQu8FDs89yES0MMBlK0J7FvPsLobJgboWA+UsYZxf6RHt1gs3s+vU+SoCzrWhHvAX3aVLvDNGuJa/lDoo+o1GU7RdLdXfI9yZiCpCqnQ+8mfNT0+LwgwOaZf8NvPc+3b6X7dPabsUxx72lYSXfR1id/muK8+WpgNn/UYUYaijttJBDQuuFLFR4nXotxJ8k34StrHLHuTnLLKJVZ2wwlVtWKHLFFOHdJJppCSSJ8jnU1N+ueJctu3+JGhVTSwF+vXUinrOFaZSdP6xQY1fQrGutkkmGd76M5HWTsiv/v5eEAA/9ZSFosBXh2DmknKxmxXZev5fLxRsw/AgKiI9HIqamp71EkQf+jw3CTU1ucapd5vE2PVGj0NdtHQTx4xf0LAK+aAeTLru0VZ2iJ1pvEDphPNX8CQd+Hw5fRXrdkdrCHM6JLUCKkDEaHHkhTNM9uFVvyhiY8kbG27cP/7VmlzxAmM1FTekWHy9nlsYgeiYdw4vn/+BGIXz2wsE/iyMQIWP2pSJ6NRPYYhtOD3fRsATD0oUkpLu+1vb2TsX/JaY2EhFDFzX5jwUn0KCxbY+2JBlvaFIuv9YlUiqO+2wFeu1STrGHiejPMRGzAxE0L8b4CsYQmPj2F/DYxgMG0MAAA=
.tapad.com/	1970-01-20 05:32:30	Name: TapAd_TS Value: 1656366552620
.tapad.com/	1970-01-20 05:32:30	Name: TapAd_DID Value: 8ef30fa0-faf6-4110-ba9b-d6abe5488e22
.onaudience.com/	1970-01-20 04:07:32	Name: done_redirects147 Value: 1
.audrte.com/	1970-01-20 04:27:42	Name: arcki2_ddp Value: CAESECvHDQKrK9pila-HdO7p2UM!20210804!1656366552631
.tapad.com/	1970-01-20 05:32:30	Name: TapAd_3WAY_SYNCS Value:
.demdex.net/	1970-01-20 08:25:18	Name: demdex Value: 42620536662102682320060529011694636423
.dpm.demdex.net/	1970-01-20 08:25:18	Name: dpm Value: 42620536662102682320060529011694636423
.analytics.yahoo.com/	1970-01-20 12:51:42	Name: IDSYNC Value: "1760~25p9:18zh~25p9"
.360yield.com/	1970-01-20 06:15:42	Name: um Value: !42,7BRWSKtJlb.UnkMUYoynZJTG5CBX.VKy4X0GZnpuWXa-,1657570573!38,jAROHD07wLEw2U0mMlWLQaKC4qD.hGSy0lcC8moTqYLrn8eFK.E8Xg31x20AcoOLF9Lcj0hU,1664142554
.360yield.com/	1970-01-20 06:15:42	Name: umeh Value: !42,0,1718574551,-1!38,0,1718574554,-1
exchange.mediavine.com/	1970-01-20 04:26:16	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22fc6a8530-f662-11ec-b7e2-8d606a8279a1%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 04:26:16	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22fc6a8530-f662-11ec-b7e2-8d606a8279a1%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 04:26:16	Name: criteo Value: %7B%22id%22%3A%22k-RXTMPb8_dWaN1kJQKOsxi8kTmAf6IwYdP7LBRw%22%2C%22version%22%3A%22criteo%22%7D
.casalemedia.com/	1970-01-20 06:15:42	Name: CMTS Value: 3310
.adnxs.com/	1970-01-20 06:15:42	Name: anj Value: dTM7k!M4/QCxrEQF']wIg2GTsvWlzM!fDuh#MUTtns5:!00MXRGllocFSp]kHMCofHNo)(G4t+=o:N<2GdD1[EkQ`i:Y0pgau8)>COSkusP@JVM^URcNduGJ)v$no.m@[X([Ur.F$`ac$2Tnq`npQOf=kWg0D(Es@>?
.media.net/	1970-01-20 12:51:42	Name: visitor-id Value: 2993681548214836000V10
.media.net/	1970-01-20 04:49:18	Name: data-c-ts Value: 1656366554
.media.net/	1970-01-20 04:49:18	Name: data-c Value: k-XOE9Rr8_dWaN1kJQKOsxi8kTmAeu259aRE4t_Q~~3
.outbrain.com/	1970-01-20 06:15:42	Name: obuid Value: d491cfc7-a19f-49b6-9fe2-19cbdd6063bd
.outbrain.com/	1970-01-20 04:26:16	Name: criteo Value: k-dkLSa78_dWaN1kJQKOsxi8kTmAecQ2wAc3qkvA

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/398366.gif?partner_uid=3820122970067763515 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://u.4dex.io/setuid?bidder=bidswitch&uid=0c1427b4-5840-4343-8dbb-24973f24b386&gdpr=&gdpr_consent=&us_privacy= Message: Failed to load resource: the server responded with a status of 401 ()
other	warning	URL: https://dynamic.criteo.com/js/ld/ld.js?a=92348(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://idsync.rlcdn.com/397596.gif?partner_uid=B7apb6PxhAAuadQNU0MK9Vuw71HdQPt3 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10720395.fls.doubleclick.net
a.audrte.com
a1.adform.net
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
ads.smartstream.tv
ads.stickyadstv.com
ads.yahoo.com
adservice.google.com
amplify.outbrain.com
api.adrtx.net
b-code.liadm.com
bat.bing.com
beacon.krxd.net
c1.adform.net
cdn.taboola.com
cm.adsafety.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-sync.teads.tv
d1pqvb2h9xgm7r.cloudfront.net
d9i5ve8f04qxt.cloudfront.net
dis.criteo.com
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dynamic.criteo.com
e1.emxdgt.com
eb2.3lift.com
eu-u.openx.net
exchange.mediavine.com
funguseliminator.com
global.ib-ibi.com
gum.criteo.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
loada.exelator.com
loadm.exelator.com
match.adsrvr.org
match.contentexchange.me
match.sharethrough.com
mug.criteo.com
pdw-adf.userreport.com
pixel.advertising.com
pixel.mathtag.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
ps.eyeota.net
r.casalemedia.com
redirect.frontend.weborama.fr
rp.liadm.com
rp4.liadm.com
rtb-csync.smartadserver.com
s.ad.smaato.net
s2.adform.net
s3-eu-west-1.amazonaws.com
se.semasio.net
secure.adnxs.com
secure.funguseliminator.com
server.seadform.net
simage2.pubmatic.com
sslwidget.criteo.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.1dmp.io
sync.crwdcntrl.net
sync.outbrain.com
sync.teads.tv
tags.adsafety.net
tags.bluekai.com
token.rubiconproject.com
tr.outbrain.com
trc-events.taboola.com
trc.taboola.com
u.4dex.io
uipglob.semasio.net
ups.analytics.yahoo.com
visitor.omnitagjs.com
widget.as.criteo.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
x.bidswitch.net
104.18.18.126
104.18.19.126
104.90.104.26
104.90.105.191
104.92.72.137
13.224.194.49
13.225.78.117
13.248.155.138
13.248.245.213
139.162.147.254
141.226.228.48
141.95.98.71
142.250.186.98
151.101.193.44
159.89.239.100
172.217.16.198
178.250.0.147
178.250.0.157
178.250.0.163
178.250.2.151
18.156.126.13
18.185.150.140
18.193.237.214
18.195.155.181
18.198.126.47
18.66.92.98
182.161.74.16
185.255.84.153
185.33.220.244
185.33.221.11
185.64.189.110
185.86.139.106
193.135.9.114
23.35.228.210
23.35.237.56
23.35.237.86
2600:1f18:730:b110:af35:be39:7aa6:3548
2600:9000:20eb:9a00:8:8845:1500:93a1
2600:9000:224a:9000:1b:5138:8a40:93a1
2620:1ec:c11::200
2a00:1288:80:807::1
2a00:1450:4001:806::2002
2a00:1450:4001:808::2004
2a00:1450:4001:810::200e
2a00:1450:4001:813::2008
2a00:1450:4001:82a::2003
2a00:1450:400c:c02::9a
2a02:2638::1c
2a03:2880:f02d:12:face:b00c:0:3
3.125.70.222
3.126.56.137
3.66.244.147
3.72.114.165
34.149.40.38
34.199.197.121
34.230.119.25
34.249.162.61
34.249.170.53
35.190.24.218
35.227.248.159
35.244.159.8
35.244.174.68
35.71.131.137
37.157.2.234
37.157.4.28
37.157.4.40
37.157.5.71
46.19.11.36
51.222.80.231
51.77.65.169
52.218.56.203
52.49.145.37
52.50.52.140
52.59.103.170
52.59.31.58
54.77.200.44
54.78.254.47
63.34.67.128
69.169.85.6
69.173.144.139
69.173.144.165
70.42.32.191
77.243.60.138
78.46.100.125
85.114.159.118
96.16.132.239
080e8f310f682543d9da75ee514175a129f51ddb9a6b7225a3d42a7092d8236b
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db
114a6d946bf5c3de71c97b363876b61c865289c58755c4e80d5a3d3a2515b58d
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
28372e451b595f06bdad50d39c5c263fbd28e41d6ff038f0abccb14400cf0f75
28a8958e125a729dc52ca7f2b5df3a92ebb0eb2f9549ad4ef7180c6eac881612
2965d0b6cf0b93445978d796dd5c6ce3cf93368a31627dc4955a515496ecc5e2
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bc9530a625745cefce0f81bee34894459f3c616e2bf0490a164388412d88fff
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5b36d5cfb6483be8550f49a2f69186ee7bd700b1459da64937b95d471fc1c1a7
5e5c9149be229df7c934f8cd1acf1b3cc9e04e29cbbe6cbe0e2d726e79930cff
5f80e5dc07099a2be656fa31db137f0a936bf832063d0f78d17dca509cd9cbb9
64aa56a4447f9f6d432779bb0799b4c322b192fb984664cbed67f5b9271893fc
6aba1b4335fac53bc1eab7aeb9a6484fb1c2f0f6ac88b8b6ca7348f509f13773
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b620bbb313fc9b28c396f4890bfee1e0ba82ecf41e506e1ef0e495f652b34e0
7573b10466c66e9de1ae8a229abcbc963f985bcb6b1f05d6591bf3a13ceabe4f
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83db3bbe981876d41cce2ddff9a3f3eb388342c9d70a4112fd79b995dae26dd0
842c669762d07c305bdda30b288f2e306d63a3ab591c8ac5902df7bcd1911c59
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8785200400ea1f10bd11fc7632ef4eb9a89d6e230131ab2510de27a3958e06b7
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f60d1a5976f23f28211b563ed94a3664ca45d87ee45f9219dc48386050ffad8
9be2cbea2cac2b433fe9f435e605aefd185863e5ad6f2a1fd74017f602ab5ac2
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a083561b94f722dd1fbba1a09b19fd5d919fd0e08ce82c53ecd3682f8d02fbf8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1e656d74f629b1325ac5acc9fa1f72acbdb03ef4ae6f4833706298deec0050f
ad2048c068b9dab6125e354259704e0fb8904b720f7d097c1b2f0a07c935b81a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bee245a73ffeda4be11e0f5c4e6dc3e572465c3a64a93d12c0fc022966dbf11e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d128f14b581aa6261d20c46cc52c7f98f0bdd4f1cec75d3e39544e8235869e07
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d2b679aeb43fa0b40ab84a43596a6fb6248087d01ff17e0ca9be84d7d83f41fb
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df9dddd16a1f7f5204495628a5c22d893d3337e24e0fa0acded4fe876558a82a
e2fbbdf343d4ecff6f43c5903b0ba3243f30263bd7519ccec51ee935977b08e2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee94251fea8b03da5d0dc6f8489a529c1a2d2a031d874b0ec61866784e3c73c3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
efd79577f5970d0724a327b8456ac9a3fb0a71c8f80d98e163a3f9fb89774239
faf2303d75fa0de736dd422ca79a991a3fff619f03bcf13ec7b4f6df3684552c

funguseliminator.com Open in urlscan Pro 159.89.239.100 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

125 Requests

75 %HTTPS

15 %IPv6

64 Domains

92 Subdomains

67 IPs

12 Countries

1112 kBTransfer

2206 kBSize

99 Cookies

0 Outgoing links

Page URL History

Redirected requests

125 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

funguseliminator.com Open in urlscan Pro
159.89.239.100 Public Scan

Screenshot
Live screenshot

Full Image

125
Requests

75 %
HTTPS

15 %
IPv6

64
Domains

92
Subdomains

67
IPs

12
Countries

1112 kB
Transfer

2206 kB
Size

99
Cookies

125 HTTP transactions
0 data transactions