www.islegitsite.com Open in urlscan Pro
195.154.106.41 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.islegitsite.com/check/antivirussales.com/
Submission: On April 04 via manual (April 4th 2022, 10:34:55 am UTC) from JP — Scanned from FR

Summary HTTP 209 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 54 IPs in 6 countries across 32 domains to perform 209 HTTP transactions. The main IP is 195.154.106.41, located in Ivry-sur-Seine, France and belongs to Online SAS, FR. The main domain is www.islegitsite.com.
TLS certificate: Issued by R3 on March 12th 2022. Valid for: 3 months.

This is the only time www.islegitsite.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	195.154.106.41 195.154.106.41	12876 (Online SAS) (Online SAS)
4	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
8 11	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (STACKPATH...) (STACKPATH-CDN)
12	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	199.232.196.134 199.232.196.134	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
22	2600:9000:219... 2600:9000:219c:5c00:6:8656:f5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	151.101.64.134 151.101.64.134	54113 (FASTLY) (FASTLY)
7	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
4	199.232.192.64 199.232.192.64	54113 (FASTLY) (FASTLY)
7	199.232.192.134 199.232.192.134	54113 (FASTLY) (FASTLY)
20	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
2	104.102.28.254 104.102.28.254	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	99.86.7.31 99.86.7.31	16509 (AMAZON-02) (AMAZON-02)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::b 2a02:2638::b	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 5	13.225.80.105 13.225.80.105	16509 (AMAZON-02) (AMAZON-02)
2 4	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	178.250.0.139 178.250.0.139	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	199.232.198.49 199.232.198.49	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
7	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
4	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2	2600:1f18:612... 2600:1f18:612b:4216:1045:b1b6:a84f:9c3b	14618 (AMAZON-AES) (AMAZON-AES)
4 4	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
2	18.195.192.101 18.195.192.101	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	16509 (AMAZON-02) (AMAZON-02)
1 1	104.92.74.8 104.92.74.8	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.205.235.133 23.205.235.133	16625 (AKAMAI-AS) (AKAMAI-AS)
2	51.195.5.234 51.195.5.234	16276 (OVH) (OVH)
2	63.32.97.205 63.32.97.205	16509 (AMAZON-02) (AMAZON-02)
2	52.10.138.188 52.10.138.188	16509 (AMAZON-02) (AMAZON-02)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a04:4e42:200... 2a04:4e42:200::300	54113 (FASTLY) (FASTLY)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
209	54

3 195.154.106.41 (Ivry-sur-Seine, France)

ASN12876 (Online SAS, FR)
PTR: 195-154-106-41.rev.poneytelecom.eu

www.islegitsite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 8 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

t3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

t0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

t2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.196.134 (United States)

ASN54113 (FASTLY, US)

islegitsite.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2600:9000:219c:5c00:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.64.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.232.192.64 (United States)

ASN54113 (FASTLY, US)

tempest.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 199.232.192.134 (United States)

ASN54113 (FASTLY, US)

referrer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
15.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.102.28.254 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-28-254.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.7.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-31.fra6.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.225.80.105 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-105.fra2.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:1::13 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.198.49 (United States)

ASN54113 (FASTLY, US)

a.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f5679b1ff3988327047363fc4b049008.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
8d1c9081a8e39addda0248d786881ed6.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:612b:4216:1045:b1b6:a84f:9c3b (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

taboola-supply-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.126 (Amsterdam, Netherlands) 4 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.192.101 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-192-101.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:36a9:ecb:e518:b308 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.92.74.8 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-74-8.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.195.5.234 (France)

ASN16276 (OVH, FR)
PTR: p36.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.32.97.205 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-97-205.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.10.138.188 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-10-138-188.us-west-2.compute.amazonaws.com

id.sharedid.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)

pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1049 trc.taboola.com — Cisco Umbrella Rank: 645 15.taboola.com — Cisco Umbrella Rank: 1847 images.taboola.com — Cisco Umbrella Rank: 1551 vidstat.taboola.com — Cisco Umbrella Rank: 1883 imprammp.taboola.com — Cisco Umbrella Rank: 12007 am-match.taboola.com — Cisco Umbrella Rank: 12278 wf.taboola.com — Cisco Umbrella Rank: 2277 am-vid-events.taboola.com — Cisco Umbrella Rank: 11590 sync-t1.taboola.com — Cisco Umbrella Rank: 1267 sync.taboola.com — Cisco Umbrella Rank: 963 trc-events.taboola.com — Cisco Umbrella Rank: 1670 pips.taboola.com — Cisco Umbrella Rank: 1727 cds.taboola.com — Cisco Umbrella Rank: 1451	713 KB
23	disquscdn.com c.disquscdn.com — Cisco Umbrella Rank: 4014 a.disquscdn.com — Cisco Umbrella Rank: 8302	967 KB
22	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 98 tpc.googlesyndication.com — Cisco Umbrella Rank: 125 f5679b1ff3988327047363fc4b049008.safeframe.googlesyndication.com 8d1c9081a8e39addda0248d786881ed6.safeframe.googlesyndication.com	243 KB
21	disqus.com islegitsite.disqus.com disqus.com — Cisco Umbrella Rank: 2785 tempest.services.disqus.com — Cisco Umbrella Rank: 12810 referrer.disqus.com — Cisco Umbrella Rank: 6142 reporting.services.disqus.com Failed	152 KB
17	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193	324 KB
15	criteo.net static.criteo.net — Cisco Umbrella Rank: 631 pix.eu.criteo.net — Cisco Umbrella Rank: 7880 csm.eu.criteo.net — Cisco Umbrella Rank: 7886	157 KB
15	google.com 8 redirects www.google.com — Cisco Umbrella Rank: 7 adservice.google.com — Cisco Umbrella Rank: 76	4 KB
12	gstatic.com t3.gstatic.com t0.gstatic.com t2.gstatic.com www.gstatic.com fonts.gstatic.com	250 KB
11	criteo.com 2 redirects rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11668 ads.eu.criteo.com — Cisco Umbrella Rank: 7887 gum.criteo.com — Cisco Umbrella Rank: 389 mug.criteo.com — Cisco Umbrella Rank: 2685 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 10325	50 KB
5	rubiconproject.com 1 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1110 eus.rubiconproject.com — Cisco Umbrella Rank: 551 token.rubiconproject.com — Cisco Umbrella Rank: 669 pixel.rubiconproject.com — Cisco Umbrella Rank: 348	11 KB
5	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 132	3 KB
5	rlcdn.com ats.rlcdn.com — Cisco Umbrella Rank: 1357 id.rlcdn.com — Cisco Umbrella Rank: 599 api.rlcdn.com — Cisco Umbrella Rank: 801	72 KB
4	spotxchange.com 4 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 515	3 KB
4	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 326	2 KB
4	google.fr adservice.google.fr — Cisco Umbrella Rank: 28668	1 KB
4	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 694	115 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 45	2 KB
3	islegitsite.com www.islegitsite.com	9 KB
2	sharedid.org id.sharedid.org — Cisco Umbrella Rank: 4767	431 B
2	crwdcntrl.net id.crwdcntrl.net — Cisco Umbrella Rank: 1694	678 B
2	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 607	1 KB
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 285	440 B
2	tremorhub.com taboola-supply-partners.tremorhub.com — Cisco Umbrella Rank: 3318	365 B
2	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 453	109 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39	20 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 229	8 KB
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 1104	506 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 169	37 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 782	648 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	38 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 652	33 KB
0	alexa.com Failed traffic.alexa.com Failed
209	32

	Domain	Requested by
22	c.disquscdn.com	islegitsite.disqus.com disqus.com c.disquscdn.com www.islegitsite.com
12	pagead2.googlesyndication.com	www.islegitsite.com pagead2.googlesyndication.com www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
11	www.google.com	8 redirects www.islegitsite.com tpc.googlesyndication.com
8	tpc.googlesyndication.com	googleads.g.doubleclick.net securepubads.g.doubleclick.net tpc.googlesyndication.com www.islegitsite.com pagead2.googlesyndication.com
8	cdn.taboola.com	www.islegitsite.com cdn.taboola.com
8	disqus.com	islegitsite.disqus.com c.disquscdn.com
7	static.criteo.net	ads.eu.criteo.com
7	referrer.disqus.com	www.islegitsite.com
6	images.taboola.com	www.islegitsite.com
6	pix.eu.criteo.net	ads.eu.criteo.com
6	securepubads.g.doubleclick.net	islegitsite.disqus.com securepubads.g.doubleclick.net
5	sb.scorecardresearch.com	1 redirects cdn.taboola.com www.islegitsite.com
5	t0.gstatic.com	www.islegitsite.com
4	sync.search.spotxchange.com	4 redirects
4	match.adsrvr.org	imprammp.taboola.com am-match.taboola.com ads.pubmatic.com
4	mug.criteo.com	www.islegitsite.com
4	gum.criteo.com	2 redirects
4	tempest.services.disqus.com	islegitsite.disqus.com
4	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
4	adservice.google.fr	pagead2.googlesyndication.com securepubads.g.doubleclick.net
4	maxcdn.bootstrapcdn.com	www.islegitsite.com maxcdn.bootstrapcdn.com
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	www.islegitsite.com maxcdn.bootstrapcdn.com cdnjs.cloudflare.com
3	www.islegitsite.com	www.islegitsite.com
2	id.sharedid.org	ads.pubmatic.com
2	id.crwdcntrl.net	ads.pubmatic.com
2	id5-sync.com	ads.pubmatic.com
2	eus.rubiconproject.com	am-match.taboola.com eus.rubiconproject.com
2	trc-events.taboola.com	www.islegitsite.com
2	x.bidswitch.net	imprammp.taboola.com am-match.taboola.com
2	sync-t1.taboola.com	imprammp.taboola.com am-match.taboola.com
2	taboola-supply-partners.tremorhub.com	imprammp.taboola.com am-match.taboola.com
2	csm.eu.criteo.net	ads.eu.criteo.com
2	trc.taboola.com	cdn.taboola.com
2	id.rlcdn.com	islegitsite.disqus.com
2	ats.rlcdn.com	islegitsite.disqus.com
2	ads.pubmatic.com	islegitsite.disqus.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	islegitsite.disqus.com	www.islegitsite.com islegitsite.disqus.com
2	cdnjs.cloudflare.com	www.islegitsite.com ads.eu.criteo.com
2	t3.gstatic.com	www.islegitsite.com
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	pixel.rubiconproject.com	eus.rubiconproject.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	api.rlcdn.com	ads.pubmatic.com
1	secure-assets.rubiconproject.com	1 redirects
1	sync.taboola.com	imprammp.taboola.com
1	cms.quantserve.com	1 redirects
1	am-vid-events.taboola.com	www.islegitsite.com
1	wf.taboola.com	vidstat.taboola.com
1	am-match.taboola.com	vidstat.taboola.com
1	imprammp.taboola.com	vidstat.taboola.com
1	vidstat.taboola.com	cdn.taboola.com
1	8d1c9081a8e39addda0248d786881ed6.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	15.taboola.com	cdn.taboola.com
1	f5679b1ff3988327047363fc4b049008.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	a.disquscdn.com	www.islegitsite.com
1	cat.fr.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.nl.eu.criteo.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.gstatic.com	www.google.com
1	www.googletagmanager.com	www.islegitsite.com
1	t2.gstatic.com	www.islegitsite.com
1	code.jquery.com	www.islegitsite.com
0	reporting.services.disqus.com Failed	www.islegitsite.com
0	traffic.alexa.com Failed	www.islegitsite.com
209	70

This site contains links to these domains. Also see Links.

Domain
www.apivoid.com
www.mywot.com
badbitcoin.org
www.malwaredomains.com
www.google.com
www.spam404.com
www.spamhaus.org
www.surbl.org
threatlog.com
urlvir.com
www.alexa.com
www.trustpilot.com
www.mcafeesecure.com
www.reddit.com
www.privalicy.com

Subject Issuer	Validity	Valid
www.islegitsite.com R3	`2022-03-12` - `2022-06-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
a.disquscdn.com Amazon	`2021-10-31` - `2022-11-28`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.services.disqus.com GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-01-31` - `2023-03-04`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-15` - `2022-06-13`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-19` - `2022-06-18`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-04` - `2022-05-03`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-13` - `2022-06-09`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-03` - `2022-05-02`	3 months	crt.sh
*.disquscdn.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2022-01-03` - `2023-02-04`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
*.id5-sync.com R3	`2022-03-08` - `2022-06-06`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
id.sharedid.org Amazon	`2021-12-09` - `2023-01-06`	a year	crt.sh

This page contains 26 frames:

Primary Page: https://www.islegitsite.com/check/antivirussales.com/
Frame ID: D8343902957C3435C0A573716EB9CE5D
Requests: 57 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220330/r20190131/zrt_lookup.html
Frame ID: DAEA0365581B710D9146BD99F98660C2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=280&slotname=1433402308&adk=207406793&adf=3296512626&pi=t.ma~as.1433402308&w=728&fwrn=4&fwrnh=100&lmt=1649068489&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649068489568&bpp=4&bdt=388&idt=152&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&correlator=4337501463018&frm=20&pv=2&ga_vid=1338158214.1649068490&ga_sid=1649068490&ga_hid=405430596&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065972%2C31066017&oid=2&pvsid=2930153952973527&pem=212&tmod=1855725876&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=54nlcBVBSD&p=https%3A//www.islegitsite.com&dtd=170
Frame ID: 6DDCAC339A675CBEE405D9B9FCB6A69A
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=280&slotname=1433402308&adk=207406793&adf=3697944342&pi=t.ma~as.1433402308&w=728&fwrn=4&fwrnh=100&lmt=1649068489&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649068489572&bpp=1&bdt=392&idt=176&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&correlator=4337501463018&frm=20&pv=1&ga_vid=1338158214.1649068490&ga_sid=1649068490&ga_hid=405430596&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2060&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065972%2C31066017&oid=2&pvsid=2930153952973527&pem=212&tmod=1855725876&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=xxTAJ6oVM9&p=https%3A//www.islegitsite.com&dtd=181
Frame ID: 1C056798EF47D6B70B9CBC599EC90CA2
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=islegitsite&t_i=228750&t_u=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&t_d=Is%20Antivirussales.com%20Legit%20or%20Scam%3F%20%7C%20IsLegitSite&t_t=Is%20Antivirussales.com%20Legit%20or%20Scam%3F%20%7C%20IsLegitSite&s_o=default
Frame ID: DC3263DEA44D38BB633C69113CB5F48D
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=280&slotname=1433402308&adk=207406793&adf=1905706653&pi=t.ma~as.1433402308&w=728&fwrn=4&fwrnh=100&lmt=1649068489&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649068489575&bpp=1&bdt=395&idt=200&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C728x280&correlator=4337501463018&frm=20&pv=1&ga_vid=1338158214.1649068490&ga_sid=1649068490&ga_hid=405430596&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=3549&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065972%2C31066017&oid=2&pvsid=2930153952973527&pem=212&tmod=1855725876&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=kKUfx7Svqf&p=https%3A//www.islegitsite.com&dtd=206
Frame ID: AB8333D44973C8CF42C710DF392EAD0F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&adk=1812271804&adf=3025194257&lmt=1649068489&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649068489591&bpp=1&bdt=411&idt=193&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C728x280%2C728x280&nras=1&correlator=4337501463018&frm=20&pv=1&ga_vid=1338158214.1649068490&ga_sid=1649068490&ga_hid=405430596&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065972%2C31066017&oid=2&pvsid=2930153952973527&pem=212&tmod=1855725876&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=198
Frame ID: B82D736968CCDEFCF50724E13364D019
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/recommendations/?base=default&f=islegitsite&t_u=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&t_d=Is%20Antivirussales.com%20Legit%20or%20Scam%3F%20%7C%20IsLegitSite&t_t=Is%20Antivirussales.com%20Legit%20or%20Scam%3F%20%7C%20IsLegitSite
Frame ID: 3EE3980BFE7702BD2DC4973559CB2BCA
Requests: 9 HTTP requests in this frame

Frame: https://reporting.services.disqus.com/_log/taboola?placement=%7B%22domain%22%3A%20%22https%3A%2F%2Fwww.islegitsite.com%22%2C%20%22experiment%22%3A%20%22network_default%22%2C%20%22position%22%3A%20%22top%22%2C%20%22shortname%22%3A%20%22islegitsite%22%2C%20%22variant%22%3A%20%22fallthrough%22%7D&is_taboola_named=true&language=en&colorscheme=light&typeface=sans-serif&variant=fallthrough&forum_id=4819311&source_url=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&organization_id=2371240&taboola_publisher_name=disqus-network&experiment=network_default&mode=thumbnails-a&position=top&shortname=islegitsite&referrer_url=https%3A%2F%2Fwww.islegitsite.com%2F&canonical_url&1649068489941
Frame ID: B3E6508C796E67519EA0759931BE978F
Requests: 23 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/pwt/158685/2513/pwt.js
Frame ID: 24E8D16813B75F24B407950C62DF3030
Requests: 22 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkrJyQAMS_8Iu_8xAA87UJ3vuHLrgedrAknU8g&u=%7CnNurWnmJSVR2iVKvIVExOaxlBWQUEmSwYrg52hwESbk%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiBCM7qKcRGjf6Dp0jYkhy-myq9YqrqMYv77MmyrvonhM3wT-2pUfBFCSCjycRc80c_WdD_HQW4TqU7PlJ_ybTTHrCDN7tVtUr_dtCyNUnUgFL9rY1hW4MJwaX0ff5QV8WOOxNQW1rgSzvlngH_f32y9zIVez_9D8yWAKTaW_O_nH9-kqjV7hUxPh4nm_TcaWoeCtaevq7pZ0MuYe6UuIBMqb_hRMfZ2eQibF2vLI8R6TEwNTtSbOo0IkXMGfJH4uZ35gKfEqKt_mfudlTuLBt3fYIXal_NlagiHUqfR8883RZFW6ylRAwYIgJgScFq7B5cOykj8MzJOgBB5tBe4LX4P4ArsfkR_lkFgEteXRS8IZS2euPR2N4Nb1u8QcA5RPqCN8Cy-RYRYYTybbehL4XbG&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCoarcyclKYv-XMbH-7_UP0Pa88A_JntKxXKX8k_dwwI23ARABIABg-wGCARdjYS1wdWItMjMwMzU5MDIzODUyNjgyNqAB1bbS6gPIAQmpAqCspPNdhbI-qAMBqgTiAU_QmLRGiIRGlJr-JCpG08OslX97dEkPEZQhjFOrkBD4SY1NAAU__46jDTVSU3410uTdBHxTNUegsrYvFSnww3qYOvsf5BHD4pAwhCzhieXfSBMDf5VurJXbWwBaxfdEL_2OpfcMz5gHa25rMegRIJH34vmdlmw_aHXsdgPsyso24MXBeUKZHd7sIVnq69BYZPege5iqgjrMSJKqhHrrwTCL-wKzuNGZy17q7YbkOxzCSUh0le7vwBt_CSE82jbyfcyfGlqdNSpiOItnUW0XauZRHI1NtpJ3lTBorKfcSpiF5eaABuzYra7F2fSv7QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgHAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1rX94OIWHVOy33ACUOUzYs0U7x7Q%26client%3Dca-pub-2303590238526826%26adurl%3D
Frame ID: 94A129A1B465B1313B9A9C885EF4BD0B
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=280&adk=1816755489&adf=3114342387&pi=t.aa~a.2302073625~i.3~rp.4&w=938&fwrn=4&fwrnh=100&lmt=1649068490&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2834756182&psa=1&ad_type=text_image&format=938x280&url=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&fwr=0&pra=3&rh=200&rw=938&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649068490113&bpp=2&bdt=933&idt=-M&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De48b86984b4b0454-22322f066dcd00b2%3AT%3D1649068489%3ART%3D1649068489%3AS%3DALNI_MZBHCC3A8H9mOcqvX3DQ8V-BLsd7w&prev_fmts=728x280%2C728x280%2C728x280%2C0x0&nras=2&correlator=4337501463018&frm=20&pv=1&ga_vid=1338158214.1649068490&ga_sid=1649068490&ga_hid=405430596&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=1441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065972%2C31066017&oid=2&pvsid=2930153952973527&pem=212&tmod=1855725876&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=FUOUjZdDq6&p=https%3A//www.islegitsite.com&dtd=29
Frame ID: 83AAF67A66C6F399CA36C85B09AEEED7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=280&adk=1816755489&adf=1230875943&pi=t.aa~a.2806030886~i.7~rp.4&w=938&fwrn=4&fwrnh=100&lmt=1649068490&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2834756182&psa=1&ad_type=text_image&format=938x280&url=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&fwr=0&pra=3&rh=200&rw=938&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649068490113&bpp=1&bdt=933&idt=-M&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De48b86984b4b0454-22322f066dcd00b2%3AT%3D1649068489%3ART%3D1649068489%3AS%3DALNI_MZBHCC3A8H9mOcqvX3DQ8V-BLsd7w&prev_fmts=728x280%2C728x280%2C728x280%2C0x0%2C938x280&nras=3&correlator=4337501463018&frm=20&pv=1&ga_vid=1338158214.1649068490&ga_sid=1649068490&ga_hid=405430596&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=2684&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065972%2C31066017&oid=2&pvsid=2930153952973527&pem=212&tmod=1855725876&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=Q3cj64jmaN&p=https%3A//www.islegitsite.com&dtd=33
Frame ID: A821A8E8F8F5A6845C7F735333F3BE11
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=280&adk=1816755489&adf=2939543314&pi=t.aa~a.3921975827~i.9~rp.4&w=938&fwrn=4&fwrnh=100&lmt=1649068490&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2834756182&psa=1&ad_type=text_image&format=938x280&url=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&fwr=0&pra=3&rh=200&rw=938&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649068490113&bpp=1&bdt=933&idt=-M&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De48b86984b4b0454-22322f066dcd00b2%3AT%3D1649068489%3ART%3D1649068489%3AS%3DALNI_MZBHCC3A8H9mOcqvX3DQ8V-BLsd7w&prev_fmts=728x280%2C728x280%2C728x280%2C0x0%2C938x280%2C938x280&nras=4&correlator=4337501463018&frm=20&pv=1&ga_vid=1338158214.1649068490&ga_sid=1649068490&ga_hid=405430596&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=3359&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065972%2C31066017&oid=2&pvsid=2930153952973527&pem=212&tmod=1855725876&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=0NDK6Qoivx&p=https%3A//www.islegitsite.com&dtd=38
Frame ID: C7DD4C37205291F975DC69C8E8B50CCB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=280&adk=1816755489&adf=2737652629&pi=t.aa~a.3921975827~i.11~rp.4&w=938&fwrn=4&fwrnh=100&lmt=1649068490&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2834756182&psa=1&ad_type=text_image&format=938x280&url=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&fwr=0&pra=3&rh=200&rw=938&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649068490113&bpp=1&bdt=933&idt=-M&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De48b86984b4b0454-22322f066dcd00b2%3AT%3D1649068489%3ART%3D1649068489%3AS%3DALNI_MZBHCC3A8H9mOcqvX3DQ8V-BLsd7w&prev_fmts=728x280%2C728x280%2C728x280%2C0x0%2C938x280%2C938x280%2C938x280&nras=5&correlator=4337501463018&frm=20&pv=1&ga_vid=1338158214.1649068490&ga_sid=1649068490&ga_hid=405430596&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=3674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065972%2C31066017&oid=2&pvsid=2930153952973527&pem=212&tmod=1855725876&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=6&fsb=1&xpc=om9wvPTb6q&p=https%3A//www.islegitsite.com&dtd=41
Frame ID: F80D68BD7C69E74522CA9B4D5C0EF072
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=90&adk=3715568144&adf=3449663321&pi=t.aa~a.368216207~rp.1&w=938&fwrn=4&fwrnh=100&lmt=1649068490&rafmt=1&to=qs&pwprc=2834756182&psa=1&format=938x90&url=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649068490113&bpp=1&bdt=933&idt=1&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De48b86984b4b0454-22322f066dcd00b2%3AT%3D1649068489%3ART%3D1649068489%3AS%3DALNI_MZBHCC3A8H9mOcqvX3DQ8V-BLsd7w&prev_fmts=728x280%2C728x280%2C728x280%2C0x0%2C938x280%2C938x280%2C938x280%2C938x280&nras=6&correlator=4337501463018&frm=20&pv=1&ga_vid=1338158214.1649068490&ga_sid=1649068490&ga_hid=405430596&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=1757&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065972%2C31066017&oid=2&pvsid=2930153952973527&pem=212&tmod=1855725876&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=7&fsb=1&xpc=BetFwvV6Sj&p=https%3A//www.islegitsite.com&dtd=44
Frame ID: E77D6EB1D1EA8F3E8B0687D96C33149C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/pwt/158685/2513/pwt.js
Frame ID: 9C7718015547E33329F424BA07DFE523
Requests: 17 HTTP requests in this frame

Frame: https://f5679b1ff3988327047363fc4b049008.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 1F37FDB47EF2336339AD505417923E6F
Requests: 1 HTTP requests in this frame

Frame: https://8d1c9081a8e39addda0248d786881ed6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: F9BFC95AECC931CC0A2C0F029A9E06B5
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8061395&crid=4826575&dast=V7HDgCFgOnZMTWIYfa2ASnZMTWIYfa2AUAAAAGBuIHHMObTWYbymJCWW4Gg-FotlyMVsPdYrIYDYawMbzZZLahLCaU5WYwGI5mw81oMlltJrvNFAIn9yLyux1Ou0U6kAhNp8Pnutfrfr-70nN2-Zymz9P0smv8botYIFEZDy_L0-2ymy7SgUTuMv3-lq-_5LI5XGfTRSyQCP6ep-npt1ukA4nob7iIBRLN0W853R1ul0U6kCg9Z5fPafo8TS-LWCCRPSxPh910kQ4kMofZbDpa_q6f0aJ-Qw2aTofPda_X_X53pefs8jlNn6fpZdf43X6N0eXx-hV209P2tLw-n4fZ5blr_G6_HAAAAAAeAJJKnyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAKUo80AJI4DuTvujicxn8AADw8gAAACGCQAAy4NZUAlHAtnAAAAAAAAAAAsPz____HAOwFTMsAXACO9QA8-AA8EBUwFzECAAAAKNkhPTua1AmVRRUAAEG6FcAVAEDAHz0J0GkYAACAgJgWktJu49vq99gCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTUhJ-TANSCkdS-wUEAFj7BQQAYFM3AIC3ALiQ40DT6fC57vW63--u9JxdPqfp8zS97Bq_2y86glYMBqsLiNkBAAAA3P3____jaSEp7Ta-rX7rgdjIuZt4PCbfcmKZjEwmw25m8uxGo5XLsHDuNoPtbY6OqMroNVv0BU7uReR3O5x2i3QgEZpOh891r9f9fnel5-zyOU2fp-ll1_jdFrFAojIeXpan22U3XaQDidxl-v0tX3_JZXO4zqaLWCAR_D1P09Nvt0gHEtHfcBELJJqj33K6O9wui3QgUXrOLp_T9HmaXhaxQCJ7WJ4Ou-kiHUhkDrPZdLT8XT-jRX2_CVuMVpPJZjmcLReTwXA0HI32NxCDwQAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGHCsPENRx7XWmUYLdai5cTilhgnk7XCsZtYZiOLw2KbuUWvj-k5Go1mpoUXBQNa9iK4SCcip-fx-ryVnrPL5zR9nqaXRSzRnCzSieyyr42cu4nHY_ItJ5bJyGQy7GYmz240WrkMC-duM9g3DBvfcORxrVWG0WItWk4sbolxMlkrHLuJZTayOCy2mVv0-pieo9FoZlr4G7PRcjAbjpaDfWM2Wg5mw9FysO8wmZ6pz9koXRt7Hpnm1nqJ_DLzQeEyWLxP1epi7I4O2t7z6FQZV8rOzmjeVoReg8Jz8Jim5Z72ceyGDMPhQeE4GBSxRHC6SCeil_F0EUskT4t0opw5ZwvXZmJyTgyLhcPhG82Ws-VqZJmZbLvNYjYRS5Smi3Si1xhdHq9fYTc9bU_L6_N5mF2eu8bvtqj_2DC7uWo5V8xGc8Vgs0oAAAAAAAAAAEuYM28CAAAAcBrIZDQcrZYLMOFYqwsMAgAAAAAAUNz4sQQ5PY_X5630nF0-p-nzNL2sDPDgtMi82TNBrNVqWQMAAAhgAwAABHDr5j2AJBrJAQ!&cmcv=&pix=undefined&cb=1649068491369&uv=3154&tms=1649068491369&abt=adh5c-1_vA!adh5c_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!lvlstst-in1_vC!lvlstst_vC!pblc_vE!rv2r_vB!spa2_vB!t45!t45!t45!t45!u2822_vA!ufm!ul108542-557_vB&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=C7626C21B2930084691458712140&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: C65BFEF8D87D2FD85CC9E5CC9097D918
Requests: 6 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7HDgCFgOnZMTWIYfa2ASnZMTWIYfa2AUAAAAGBuIHHMObTWYbymJCWW4Gg-FotlyMVsPdYrIYDYawMbzZZLahLCaU5WYwGI5mw81oMlltJrvNFAIn9yLyux1Ou0U6kAhNp8Pnutfrfr-70nN2-Zymz9P0smv8botYIFEZDy_L0-2ymy7SgUTuMv3-lq-_5LI5XGfTRSyQCP6ep-npt1ukA4nob7iIBRLN0W853R1ul0U6kCg9Z5fPafo8TS-LWCCRPSxPh910kQ4kMofZbDpa_q6f0aJ-Qw2aTofPda_X_X53pefs8jlNn6fpZdf43X6N0eXx-hV209P2tLw-n4fZ5blr_G6_HAAAAAAeAJJKnyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAKUo80AJI4DuTvujicxn8AADw8gAAACGCQAAy4NZUAlHAtnAAAAAAAAAAAsPz____HAOwFTMsAXACO9QA8-AA8EBUwFzECAAAAKNkhPTua1AmVRRUAAEG6FcAVAEDAHz0J0GkYAACAgJgWktJu49vq99gCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTUhJ-TANSCkdS-wUEAFj7BQQAYFM3AIC3ALiQ40DT6fC57vW63--u9JxdPqfp8zS97Bq_2y86glYMBqsLiNkBAAAA3P3____jaSEp7Ta-rX7rgdjIuZt4PCbfcmKZjEwmw25m8uxGo5XLsHDuNoPtbY6OqMroNVv0BU7uReR3O5x2i3QgEZpOh891r9f9fnel5-zyOU2fp-ll1_jdFrFAojIeXpan22U3XaQDidxl-v0tX3_JZXO4zqaLWCAR_D1P09Nvt0gHEtHfcBELJJqj33K6O9wui3QgUXrOLp_T9HmaXhaxQCJ7WJ4Ou-kiHUhkDrPZdLT8XT-jRX2_CVuMVpPJZjmcLReTwXA0HI32NxCDwQAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGHCsPENRx7XWmUYLdai5cTilhgnk7XCsZtYZiOLw2KbuUWvj-k5Go1mpoUXBQNa9iK4SCcip-fx-ryVnrPL5zR9nqaXRSzRnCzSieyyr42cu4nHY_ItJ5bJyGQy7GYmz240WrkMC-duM9g3DBvfcORxrVWG0WItWk4sbolxMlkrHLuJZTayOCy2mVv0-pieo9FoZlr4G7PRcjAbjpaDfWM2Wg5mw9FysO8wmZ6pz9koXRt7Hpnm1nqJ_DLzQeEyWLxP1epi7I4O2t7z6FQZV8rOzmjeVoReg8Jz8Jim5Z72ceyGDMPhQeE4GBSxRHC6SCeil_F0EUskT4t0opw5ZwvXZmJyTgyLhcPhG82Ws-VqZJmZbLvNYjYRS5Smi3Si1xhdHq9fYTc9bU_L6_N5mF2eu8bvtqj_2DC7uWo5V8xGc8Vgs0oAAAAAAAAAAEuYM28CAAAAcBrIZDQcrZYLMOFYqwsMAgAAAAAAUNz4sQQ5PY_X5630nF0-p-nzNL2sDPDgtMi82TNBrNVqWQMAAAhgAwAABHDr5j2AJBrJAQ!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 7C730D7531C823C20B4430ED6B73D371
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3D9C3B601EF422324BD2F5E2A42D94A1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 757163C7C64BE658A01B01EB52EB54DC
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: 936FDDC3556EDCED4F66076721117245
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A5C8B3B0E4232527AAD900527BD05B8B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BB8C64C7B2CA1277C161652E4B4DCBF6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Is Antivirussales.com Legit or Scam? | IsLegitSite

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

209
Requests

92 %
HTTPS

48 %
IPv6

32
Domains

70
Subdomains

54
IPs

6
Countries

3319 kB
Transfer

8950 kB
Size

20
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://www.apivoid.com/api/site-trustworthiness/
Title: API

Search URL Search Domain Scan URL

URL: https://www.mywot.com/en/scorecard/antivirussales.com
Title: Check the scorecard report on WOT

Search URL Search Domain Scan URL

URL: https://www.mywot.com/en/faq/site-owners-support/review-request
Title: How do I request a site review?

Search URL Search Domain Scan URL

URL: https://badbitcoin.org/
Title: More Information

Search URL Search Domain Scan URL

URL: http://www.malwaredomains.com/
Title: More Information

Search URL Search Domain Scan URL

URL: http://www.google.com/safebrowsing/diagnostic?site=antivirussales.com
Title: More Information

Search URL Search Domain Scan URL

URL: http://www.spam404.com/apps/search?q=antivirussales.com
Title: More Information

Search URL Search Domain Scan URL

URL: http://www.spamhaus.org/query/domain/antivirussales.com
Title: More Information

Search URL Search Domain Scan URL

URL: http://www.surbl.org/surbl-analysis
Title: More Information

Search URL Search Domain Scan URL

URL: http://threatlog.com/search/antivirussales.com/domain/
Title: More Information

Search URL Search Domain Scan URL

URL: http://urlvir.com/search/antivirussales.com/domain/
Title: More Information

Search URL Search Domain Scan URL

URL: http://www.alexa.com/siteinfo/antivirussales.com
Title: according to Alexa traffic rank

Search URL Search Domain Scan URL

URL: https://www.trustpilot.com/review/antivirussales.com
Title: Check the website reviews on TrustPilot

Search URL Search Domain Scan URL

URL: https://www.mcafeesecure.com/verify?host=antivirussales.com
Title: Validate if the website is a certified site by McAfee SECURE

Search URL Search Domain Scan URL

URL: https://www.reddit.com/domain/antivirussales.com/
Title: Search for website discussions on Reddit

Search URL Search Domain Scan URL

URL: http://www.privalicy.com/privacy-policy/22994150/
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://www.google.com/s2/favicons?domain=badbitcoin.org HTTP 301
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://badbitcoin.org&size=16

Request Chain 9

https://www.google.com/s2/favicons?domain=www.malwaredomains.com HTTP 301
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.malwaredomains.com&size=16

Request Chain 10

https://www.google.com/s2/favicons?domain=developers.google.com HTTP 301
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://developers.google.com&size=16

Request Chain 11

https://www.google.com/s2/favicons?domain=www.spam404.com HTTP 301
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.spam404.com&size=16

Request Chain 12

https://www.google.com/s2/favicons?domain=www.spamhaus.org HTTP 301
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.spamhaus.org&size=16

Request Chain 13

https://www.google.com/s2/favicons?domain=www.surbl.org HTTP 301
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.surbl.org&size=16

Request Chain 14

https://www.google.com/s2/favicons?domain=www.threatlog.com HTTP 301
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.threatlog.com&size=16

Request Chain 15

https://www.google.com/s2/favicons?domain=urlvir.com HTTP 301
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://urlvir.com&size=16

Request Chain 88

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.islegitsite.com%2F&domain=www.islegitsite.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=95RfmXx0clRwLzI4L2VQMEJxUE5QcjkvTVBIT2NrYnVBcUprVDFRRWVJUWtpUTdyY0hCVjFMaU41WWROWWUyNm1NV1ZyczlEWU5QTktkQmdzMDJ5R29RSTg2UjZXTjBIclBBbXBMRmtRYUdYVUNEZDhQV0k1YlI1RXkrRFlnRTRjaFdyWmRLckUvUytTZWNoQlhucFVWYWp0ejBTeENtajZUemxtTjkra2pUK01qVjVCWXYwMzNPT2w5Tis4Z3M3OEVHRmlWOXlKbHNvSlJpdnV2RklIa1E5ZjVGVU1lUkRGZnJwbUx1TGhIMVN5REI2ZHFjNkNvQkdTRmlhN3BIWjVqWHpTfA&cppv=2

Request Chain 93

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.islegitsite.com%2F&domain=www.islegitsite.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=dlOmxHxsL2VJc2lLMm5ZSzFVWTgwV2Y2d2xrT0pUM0xUY1AvNG1PZ0ZWZHc3UkZMSXU4eGpYenpPcEE3MzM0bUdhcktMeTkvanloZUNlNzdIVCtJSlRiaHo1SUh1WTB0Ni9hRUk0VXk5bjJUSGlzanBna28zSDdiYUl0b3NiOHNlNldOc2Z5dFZvYnh0eVRpUWpuMCswU2JiSlprNWQrTDhRMit2YjVMai82dmgxVmNHUUdVRC9HOWVBUnE5TG9pNUpOVUR5SjA2eXg1akdqYXhlVmdKbDdPN1JrWlhZQTR6b3VFUWx3YmQzUmtTNld5RWM1Vm1MclE4T0lIbjlsdk1FU25ufA&cppv=2

Request Chain 104

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1649068490628&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1649068490628&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&c9=

Request Chain 165

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=dc3796ec-b402-11ec-820d-1fe3cd8f0406 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=dc3796b5-b402-11ec-820d-1fe3cd8f0406&orig=video&us_privacy=1---gdpr=1&

Request Chain 167

https://cms.quantserve.com/pixel/p-FyWrHAMskJyru.gif?idmatch=0&us_privacy=1---&gdpr=1&&redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fquantcastrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24UID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
https://sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/?&taboola_hm=59ympbLX8ab8ivCm44u_8eaIo_f836Cm4o3WO53M

Request Chain 170

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=dc37db40-b402-11ec-9989-1891fad20406 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=dc37dafd-b402-11ec-9989-1891fad20406&orig=video&us_privacy=1---gdpr=1&

Request Chain 182

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

209 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.islegitsite.com/check/antivirussales.com/ 22 KB
6 KB 110ms
39ms Document
text/html 195.154.106.41
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.islegitsite.com/check/antivirussales.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.154.106.41 Ivry-sur-Seine, France, ASN12876 (Online SAS, FR),

Reverse DNS

195-154-106-41.rev.poneytelecom.eu

Software

nginx /

Resource Hash

cbda9b9eeb5e949b05af1e4752614a50050aa2b64a945548f48143f4a19cea87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 04 Apr 2022 10:34:49 GMT
server: nginx
strict-transport-security: max-age=63072000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootswatch/3.3.7/flatly/ 124 KB
21 KB 71ms
29ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootswatch/3.3.7/flatly/bootstrap.min.css

Requested by

Host: www.islegitsite.com
URL: https://www.islegitsite.com/check/antivirussales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af55a28d6fd234c80ec24e4b0e4ed0447afaa156186d858cc3fd643977d825f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 565, 617, 617
age: 29914780
cdn-cachedat: 2021-04-23 06:49:23
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:28 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 4ff9a0f74dd711b7665ceb55a5f1773d
cf-ray: 6f6964c9da2b99ab-CDG
cdn-requestcountrycode: FR
cdn-requestpullsuccess: True

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 71ms
28ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.islegitsite.com
URL: https://www.islegitsite.com/check/antivirussales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617
age: 22670365
cdn-cachedat: 2021-07-16 02:05:22
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: fd6f36efeb8a69a6a6931679416a77d0
cf-ray: 6f6964c9da2d99ab-CDG
cdn-requestcountrycode: FR
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 101ms
40ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:300,400,700

Requested by

Host: www.islegitsite.com
URL: https://www.islegitsite.com/check/antivirussales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

52a034771e615f209e16877f12a0d203a643b125de783f95342efaa9ffb80737

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 08:40:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 04 Apr 2022 10:34:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Apr 2022 10:34:49 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
969 B 119ms
55ms Script
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.islegitsite.com
URL: https://www.islegitsite.com/check/antivirussales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

14fa5c43301ed98f0ef1f603cd818ad1d81a18f5988e26d4883a42663efc5826

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 556
x-xss-protection: 1; mode=block
expires: Mon, 04 Apr 2022 10:34:49 GMT

GET
H2 200 jquery-1.11.3.min.js Show response
code.jquery.com/ 94 KB
33 KB 67ms
23ms Script
application/javascript 2001:4de0:ac18::1:a:3a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.11.3.min.js
Requested by: Host: www.islegitsite.com
URL: https://www.islegitsite.com/check/antivirussales.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:49 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-176d5"
vary: Accept-Encoding
x-hw: 1649068489.dop026.pa1.t,1649068489.cds232.pa1.hn,1649068489.cds029.pa1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33261

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
11 KB 69ms
28ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: www.islegitsite.com
URL: https://www.islegitsite.com/check/antivirussales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 602
age: 3321366
cdn-cachedat: 09/26/2021 20:53:49
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.0
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 1c57f0c2fc94ef1cf256fbb4d9a5c2a2
cf-ray: 6f6964c9da2f99ab-CDG
cdn-requestcountrycode: FR
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 logo.png
www.islegitsite.com/images/ 1 KB
2 KB 18ms
18ms Image
image/png 195.154.106.41
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.islegitsite.com/images/logo.png

Requested by

Host: www.islegitsite.com
URL: https://www.islegitsite.com/check/antivirussales.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.154.106.41 Ivry-sur-Seine, France, ASN12876 (Online SAS, FR),

Reverse DNS

195-154-106-41.rev.poneytelecom.eu

Software

nginx /

Resource Hash

bc8eae918596f55f432ab6e1e7ff48834f5177646e0bf18c21f9d189b9c3458d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/check/antivirussales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:49 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Jan 2017 23:01:08 GMT
server: nginx
etag: "5876b934-56b"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
strict-transport-security: max-age=63072000
accept-ranges: bytes
content-length: 1387
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
53 KB 113ms
45ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.islegitsite.com
URL: https://www.islegitsite.com/check/antivirussales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f82864929e0a4c30a4256c5b500e6aaed92699b6686fc84f1f3eecb15eb82256

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54206
x-xss-protection: 0
server: cafe
etag: 8202301847735947931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 04 Apr 2022 10:34:49 GMT

GET
H2

200

faviconV2
t3.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=badbitcoin.org
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://badbitcoin.org&size=16

913 B
2 KB

132ms
27ms

Image
image/png

2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://badbitcoin.org&size=16

Requested by

Host: www.islegitsite.com
URL: https://www.islegitsite.com/check/antivirussales.com/

Protocol

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04015d09b0e4d5446692458e86ef150aa9c4a082595c426fc75aa84a44d137bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 18:25:20 GMT
x-content-type-options: nosniff
age: 576569
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 913
x-xss-protection: 0
last-modified: Fri, 01 Feb 2019 06:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://badbitcoin.org/favicon.ico
expires: Mon, 04 Apr 2022 18:25:20 GMT

Redirect headers

date: Mon, 04 Apr 2022 10:28:33 GMT
x-content-type-options: nosniff
server: sffe
age: 376
content-type: text/html; charset=UTF-8
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://badbitcoin.org&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Mon, 04 Apr 2022 10:58:33 GMT

GET
H2

200

faviconV2
t0.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=www.malwaredomains.com
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.malwaredomains.com&size=16

182 B
359 B

109ms
28ms

Image
image/png

2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.malwaredomains.com&size=16

Requested by

Host: www.islegitsite.com
URL: https://www.islegitsite.com/check/antivirussales.com/

Protocol

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9417d165564f14fc7d223274850a19cc0be3e6dbae3f1f4ad2271a8ec11a9425

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 00:56:07 GMT
x-content-type-options: nosniff
age: 34722
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 182
x-xss-protection: 0
last-modified: Sun, 22 Nov 2020 20:03:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://riskanalytics.com/wp-content/uploads/2020/07/cropped-orangeslash_small-32x32.png
expires: Mon, 11 Apr 2022 00:56:07 GMT

Redirect headers

date: Mon, 04 Apr 2022 10:06:07 GMT
x-content-type-options: nosniff
server: sffe
age: 1722
content-type: text/html; charset=UTF-8
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.malwaredomains.com&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Mon, 04 Apr 2022 10:36:07 GMT

GET
H2

200

faviconV2
t0.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=developers.google.com
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://developers.google.com&size=16

305 B
521 B

108ms
28ms

Image
image/png

2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://developers.google.com&size=16

Requested by

Host: www.islegitsite.com
URL: https://www.islegitsite.com/check/antivirussales.com/

Protocol

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6a9f968f2660d826f86e39e5e2dd4eebc1d8c62ac3fb05551308362a26ea84a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 10:06:43 GMT
x-content-type-options: nosniff
age: 520086
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 305
x-xss-protection: 0
last-modified: Fri, 29 Mar 2019 15:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://www.gstatic.com/devrel-devsite/prod/v870be6fb6841f3532cd3aec5bc0b3146031642f2794ae8ba7f51ebf843a655f9/developers/images/favicon.png
expires: Tue, 05 Apr 2022 10:06:43 GMT

Redirect headers

date: Mon, 04 Apr 2022 10:26:24 GMT
x-content-type-options: nosniff
server: sffe
age: 505
content-type: text/html; charset=UTF-8
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://developers.google.com&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
expires: Mon, 04 Apr 2022 10:56:24 GMT

GET
H2

200

faviconV2
t2.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=www.spam404.com
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.spam404.com&size=16

616 B
1 KB

105ms
25ms

Image
image/png

2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.spam404.com&size=16

Requested by

Host: www.islegitsite.com
URL: https://www.islegitsite.com/check/antivirussales.com/

Protocol

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94f0ba828c6a9863bd0f4ba7d7f9c24c20ae64c4bb4f40895221a4af539a72b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 18:53:07 GMT
x-content-type-options: nosniff
age: 488502
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 616
x-xss-protection: 0
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://www.spam404.com/favicon.ico
expires: Tue, 05 Apr 2022 18:53:07 GMT

Redirect headers

date: Mon, 04 Apr 2022 10:28:33 GMT
x-content-type-options: nosniff
server: sffe
age: 376
content-type: text/html; charset=UTF-8
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.spam404.com&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 335
x-xss-protection: 0
expires: Mon, 04 Apr 2022 10:58:33 GMT

GET
H2

200

faviconV2
t0.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=www.spamhaus.org
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.spamhaus.org&size=16

193 B
336 B

107ms
28ms

Image
image/png

2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.spamhaus.org&size=16

Requested by

Host: www.islegitsite.com
URL: https://www.islegitsite.com/check/antivirussales.com/

Protocol

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1da88b92dba24e5bf090d31e5b66e0a0958cb60e0f582f78eb41cb4dbaf0628f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 00:15:39 GMT
x-content-type-options: nosniff
age: 296350
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://www.spamhaus.org/favicon.ico
expires: Fri, 08 Apr 2022 00:15:39 GMT

Redirect headers

date: Mon, 04 Apr 2022 10:22:04 GMT
x-content-type-options: nosniff
server: sffe
age: 765
content-type: text/html; charset=UTF-8
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.spamhaus.org&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 336
x-xss-protection: 0
expires: Mon, 04 Apr 2022 10:52:04 GMT

GET
H2

404

faviconV2
t3.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=www.surbl.org
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.surbl.org&size=16

726 B
790 B

138ms
34ms

Image
image/png

2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.surbl.org&size=16

Requested by

Host: www.islegitsite.com
URL: https://www.islegitsite.com/check/antivirussales.com/

Protocol

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:49 GMT
x-content-type-options: nosniff
server: sffe
content-type: image/png
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 726
x-xss-protection: 0

Redirect headers

date: Mon, 04 Apr 2022 10:28:33 GMT
x-content-type-options: nosniff
server: sffe
age: 376
content-type: text/html; charset=UTF-8
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.surbl.org&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 333
x-xss-protection: 0
expires: Mon, 04 Apr 2022 10:58:33 GMT

GET
H2

200

faviconV2
t0.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=www.threatlog.com
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.threatlog.com&size=16

232 B
866 B

107ms
27ms

Image
image/png

2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.threatlog.com&size=16

Requested by

Host: www.islegitsite.com
URL: https://www.islegitsite.com/check/antivirussales.com/

Protocol

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d7b380a8622800488ca14eb8369126d66401b5fc0c4b3de5947aadfb0c79f6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 19:54:43 GMT
x-content-type-options: nosniff
age: 312006
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 232
x-xss-protection: 0
last-modified: Mon, 03 Aug 2020 02:58:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://www.threatlog.com/favicon.ico
expires: Thu, 07 Apr 2022 19:54:43 GMT

Redirect headers

date: Mon, 04 Apr 2022 10:28:34 GMT
x-content-type-options: nosniff
server: sffe
age: 375
content-type: text/html; charset=UTF-8
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.threatlog.com&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 337
x-xss-protection: 0
expires: Mon, 04 Apr 2022 10:58:34 GMT

GET
H2

404

faviconV2
t0.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=urlvir.com
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://urlvir.com&size=16

726 B
790 B

122ms
43ms

Image
image/png

2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://urlvir.com&size=16

Requested by

Host: www.islegitsite.com
URL: https://www.islegitsite.com/check/antivirussales.com/

Protocol

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:49 GMT
x-content-type-options: nosniff
server: sffe
content-type: image/png
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 726
x-xss-protection: 0

Redirect headers

date: Mon, 04 Apr 2022 10:28:34 GMT
x-content-type-options: nosniff
server: sffe
age: 375
content-type: text/html; charset=UTF-8
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://urlvir.com&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 330
x-xss-protection: 0
expires: Mon, 04 Apr 2022 10:58:34 GMT

GET
H2 200 https.png
www.islegitsite.com/images/ 1 KB
1 KB 21ms
18ms Image
image/png 195.154.106.41
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.islegitsite.com/images/https.png

Requested by

Host: www.islegitsite.com
URL: https://www.islegitsite.com/check/antivirussales.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.154.106.41 Ivry-sur-Seine, France, ASN12876 (Online SAS, FR),

Reverse DNS

195-154-106-41.rev.poneytelecom.eu

Software

nginx /

Resource Hash

5e7569adc42cb5a187dc0c9d075f40e6673d522111d300d76da5ad242b4b189e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/check/antivirussales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:49 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Jan 2017 16:18:34 GMT
server: nginx
etag: "5877ac5a-4c2"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
strict-transport-security: max-age=63072000
accept-ranges: bytes
content-length: 1218
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET graph
traffic.alexa.com/ 0
0

GET
H2 200 cookiebanner.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookie-banner/1.2.1/ 8 KB
3 KB 74ms
31ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookie-banner/1.2.1/cookiebanner.min.js

Requested by

Host: www.islegitsite.com
URL: https://www.islegitsite.com/check/antivirussales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4ab19488b0742634780edaa7caf0a4fd4923af2936f182c90de5d7e1ae9512f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 10585669
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2642
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-1f8f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FYMzo3uOKIWcU8tCsQ1iaxDXB8itfODmpILFw11w2A%2Fp25YiZr67r11sDskKVtG657uxWhYsAnga2%2FGRRPuh9ZJHBOwfmoYiZ%2Fc9DNStGDR2u78IziqyzZEyH592J1CC%2FCWUgncJi34kM4twoet9yCv7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f6964ca9de53a0b-CDG
expires: Sat, 25 Mar 2023 10:34:49 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 101ms
35ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-7525666-93

Requested by

Host: www.islegitsite.com
URL: https://www.islegitsite.com/check/antivirussales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c0fba64fac60642502e35ea201de849e61a37a5da4c2f17afee6073703bee659

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:49 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38089
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Apr 2022 10:34:49 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
501 B 37ms
37ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,400italic

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/bootswatch/3.3.7/flatly/bootstrap.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

60aea1e86c2da2b0a77f8dd41b079c32a3a53a0a7cbb1df1ca71a1adafd40e7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://maxcdn.bootstrapcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 09:40:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 04 Apr 2022 10:34:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Apr 2022 10:34:49 GMT

GET
H2 200 recaptcha__fr.js Show response
www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/ 363 KB
144 KB 92ms
26ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/recaptcha__fr.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f70db3c1558f5fae86f87d324a7d80de86d92e68b9bb93f5a86b94d7af84beee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.islegitsite.com/
Origin: https://www.islegitsite.com
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 16:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 584522
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 146275
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 04:22:14 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Mar 2023 16:12:47 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v26/ 46 KB
47 KB 88ms
25ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v26/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.islegitsite.com
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 18:48:55 GMT
x-content-type-options: nosniff
age: 488754
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47312
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:15:33 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 29 Mar 2023 18:48:55 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 116ms
53ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.islegitsite.com
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 19:30:55 GMT
x-content-type-options: nosniff
age: 399834
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 30 Mar 2023 19:30:55 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 63ms
41ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://www.islegitsite.com
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:49 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 602
age: 12039761
cdn-proxyver: 1.0
cdn-cachedat: 09/27/2021 18:49:47
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 7757870a5e496ca9c41db9c0307123ef
accept-ranges: bytes
cf-ray: 6f6964ca9f35998a-CDG
cdn-requestcountrycode: FR
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK embed.js Show response
islegitsite.disqus.com/ 78 KB
25 KB 214ms
150ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://islegitsite.disqus.com/embed.js

Requested by

Host: www.islegitsite.com
URL: https://www.islegitsite.com/check/antivirussales.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

f81c71f304845e845fc404a661d994ce414493f7d16ad6d297c7efc3f37fd16a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 10:34:49 GMT
Content-Encoding: gzip
Connection: keep-alive
Server: openresty
Age: 0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Fastly-Original-Body-Size: 25453
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 25453
Cross-Origin-Resource-Policy: cross-origin

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 115ms
28ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-7525666-93

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1803
date: Mon, 04 Apr 2022 10:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 04 Apr 2022 12:04:46 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203290101/ 301 KB
108 KB 86ms
48ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2303590238526826&plah=www.islegitsite.com&bust=31065972

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3456dcf2c28fa394f88d1b63e0e305f82e6400474148883fa7b70e202676d35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110221
x-xss-protection: 0
server: cafe
etag: 8524262902180202612
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 04 Apr 2022 10:34:49 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220330/r20190131/ Frame DAEA 10 KB
5 KB 85ms
24ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220330/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age: 39948
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Apr 2022 23:29:01 GMT
etag: 4044455266028820542
expires: Sun, 17 Apr 2022 23:29:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 lounge.63860eb743c7d9d2adf0fa435788abe7.css
c.disquscdn.com/next/embed/styles/ 0
26 KB 87ms
21ms Other
text/css 2600:9000:219c:5c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css

Requested by

Host: islegitsite.disqus.com
URL: https://islegitsite.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:219c:5c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 19:26:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1177716
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 26078
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 21 Mar 2022 19:03:40 GMT
server: nginx
etag: "6238cc0c-65de"
content-type: text/css; charset=utf-8
via: 1.1 c4341fb26af0c8ea61cf721453e6bebc.cloudfront.net (CloudFront)
expires: Tue, 21 Mar 2023 19:26:13 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: CDG3-C2
timing-allow-origin: *
x-amz-cf-id: xyTQ9FH01rGEoEh-gck877C9LgttaJPsNnMsAelYHpyfSDKcD6A6Ng==
x-cache-hits: 0

GET
H2 200 common.bundle.9450cde9dd2c9d366781a8fc5ff6e933.js
c.disquscdn.com/next/embed/ 0
93 KB 101ms
35ms Other
application/javascript 2600:9000:219c:5c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.9450cde9dd2c9d366781a8fc5ff6e933.js

Requested by

Host: islegitsite.disqus.com
URL: https://islegitsite.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:219c:5c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 22:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2204277
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94746
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 09 Mar 2022 21:55:40 GMT
server: nginx
etag: "6229225c-1721a"
content-type: application/javascript; charset=utf-8
via: 1.1 c4341fb26af0c8ea61cf721453e6bebc.cloudfront.net (CloudFront)
expires: Thu, 09 Mar 2023 22:16:52 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: CDG3-C2
timing-allow-origin: *
x-amz-cf-id: BGmElw-Ls0A2mxL3yoMK66Cy6WdvuKALhLyEO9DFiOf-LsRNiuvs7w==
x-cache-hits: 0

GET
H2 200 lounge.bundle.90614da243fa6052a038b5539f5086e5.js
c.disquscdn.com/next/embed/ 0
121 KB 124ms
59ms Other
application/javascript 2600:9000:219c:5c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.90614da243fa6052a038b5539f5086e5.js

Requested by

Host: islegitsite.disqus.com
URL: https://islegitsite.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:219c:5c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 19:26:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1177716
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 123045
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 21 Mar 2022 19:03:40 GMT
server: nginx
etag: "6238cc0c-1e0a5"
content-type: application/javascript; charset=utf-8
via: 1.1 c4341fb26af0c8ea61cf721453e6bebc.cloudfront.net (CloudFront)
expires: Tue, 21 Mar 2023 19:26:13 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: CDG3-C2
timing-allow-origin: *
x-amz-cf-id: BAEW0AZlN99S0U6G7qSO3CFWu0oBjydVjfD1L4RlgxsXRtxCtJRylw==
x-cache-hits: 0

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
15 KB 74ms
18ms Other
application/javascript 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: islegitsite.disqus.com
URL: https://islegitsite.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 10:34:49 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 38
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 14710
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK recommendations.js Show response
islegitsite.disqus.com/ 64 KB
21 KB 142ms
142ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://islegitsite.disqus.com/recommendations.js

Requested by

Host: islegitsite.disqus.com
URL: https://islegitsite.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

e1cc490dae0d994fb66e4f3e2daae176e6e53c11d2971ba036bee794fc053ea7

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 10:34:49 GMT
Content-Encoding: gzip
Connection: keep-alive
Server: openresty
Age: 0
Vary: Accept-Encoding, Accept, Accept-Encoding, X-Forwarded-Proto, X-Disqus-Shortname, X-Disqus-Device, X-Disqus-Experiment, X-Disqus-Is-Private, X-Disqus-Development-Base
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: stale-while-revalidate=60, public, stale-if-error=86400, max-age=60
X-Service: router
Fastly-Original-Body-Size: 21306
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 21306
Cross-Origin-Resource-Policy: cross-origin

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 70ms
35ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=405430596&t=pageview&_s=1&dl=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&ul=en-us&de=UTF-8&dt=Is%20Antivirussales.com%20Legit%20or%20Scam%3F%20%7C%20IsLegitSite&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1550858364&gjid=879966432&cid=1338158214.1649068490&tid=UA-7525666-93&_gid=1982979222.1649068490&_r=1&gtm=2ou3u0&z=2133432628

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.islegitsite.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 10:34:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.islegitsite.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 219 B
648 B 122ms
37ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.islegitsite.com&callback=_gfp_s_&client=ca-pub-2303590238526826

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2303590238526826&plah=www.islegitsite.com&bust=31065972

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ec4b11d2ac706b0b369c3e944952897f92e8b857edb5bb74f68579d02c359f07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 204
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
792 B 101ms
39ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=www.islegitsite.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Apr 2022 10:34:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 98ms
36ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.islegitsite.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Apr 2022 10:34:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6DDC 23 KB
10 KB 242ms
206ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=280&slotname=1433402308&adk=207406793&adf=3296512626&pi=t.ma~as.1433402308&w=728&fwrn=4&fwrnh=100&lmt=1649068489&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649068489568&bpp=4&bdt=388&idt=152&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&correlator=4337501463018&frm=20&pv=2&ga_vid=1338158214.1649068490&ga_sid=1649068490&ga_hid=405430596&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065972%2C31066017&oid=2&pvsid=2930153952973527&pem=212&tmod=1855725876&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=54nlcBVBSD&p=https%3A//www.islegitsite.com&dtd=170

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73b9cf8758e9da116026fe6569b10db01fbf000eec46be37192b97260bcc9ac1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9796
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 10:34:49 GMT
expires: Mon, 04 Apr 2022 10:34:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1C05 430 B
229 B 267ms
245ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=280&slotname=1433402308&adk=207406793&adf=3697944342&pi=t.ma~as.1433402308&w=728&fwrn=4&fwrnh=100&lmt=1649068489&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649068489572&bpp=1&bdt=392&idt=176&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&correlator=4337501463018&frm=20&pv=1&ga_vid=1338158214.1649068490&ga_sid=1649068490&ga_hid=405430596&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2060&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065972%2C31066017&oid=2&pvsid=2930153952973527&pem=212&tmod=1855725876&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=xxTAJ6oVM9&p=https%3A//www.islegitsite.com&dtd=181

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77ca43cbba178e7cc9d69e2b4aa3462d6e69501f22ae8fd46bca5fc00af8ae65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 206
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 10:34:49 GMT
expires: Mon, 04 Apr 2022 10:34:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK / Show response
disqus.com/embed/comments/ Frame DC32 6 KB
4 KB 137ms
136ms Document
text/html 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=islegitsite&t_i=228750&t_u=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&t_d=Is%20Antivirussales.com%20Legit%20or%20Scam%3F%20%7C%20IsLegitSite&t_t=Is%20Antivirussales.com%20Legit%20or%20Scam%3F%20%7C%20IsLegitSite&s_o=default

Requested by

Host: islegitsite.disqus.com
URL: https://islegitsite.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

004ccedd2a53b06ba64606e5caf40030e51894c69e870897dc6898a6bf49c7dc

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Age: 0
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2645
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type: text/html; charset=utf-8
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 04 Apr 2022 10:34:49 GMT
ETag: W/"lounge:view:8998374435.fcb2f58520da0733e05de735865f1ac3.2"
Fastly-Original-Body-Size: 2645
Last-Modified: Mon, 31 Jan 2022 20:20:06 GMT
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
Strict-Transport-Security: max-age=300; includeSubdomains
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"

GET
H/1.1 200
OK / Show response
tempest.services.disqus.com/ads-iframe/taboola/ 28 KB
10 KB 176ms
122ms XHR
text/html 199.232.192.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=islegitsite&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%2318bc9c&colorScheme=light&sourceUrl=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&typeface=sans-serif&disqus_version=current
Requested by: Host: islegitsite.disqus.com
URL: https://islegitsite.disqus.com/embed.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.192.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: acd36ce98f5ad63215cef51493e69fb0ef3e1bc9b4ecccddd11ed4c4a529e490

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 10:34:49 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding,
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=300
X-Service: router
Fastly-Original-Body-Size: 9431
Content-Length: 9431
Cross-Origin-Resource-Policy: cross-origin

GET
H/1.1 200
OK / Show response
tempest.services.disqus.com/ads-iframe/google/ 28 KB
10 KB 171ms
123ms XHR
text/html 199.232.192.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://tempest.services.disqus.com/ads-iframe/google/?position=bottom&shortname=islegitsite&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%2318bc9c&colorScheme=light&sourceUrl=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&typeface=sans-serif&disqus_version=current
Requested by: Host: islegitsite.disqus.com
URL: https://islegitsite.disqus.com/embed.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.192.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: cea5d46ac598196db57d44d8fb8aad9b5134b318e6cf8c2cb5917dd60dabe7b1

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 10:34:49 GMT
Content-Encoding: gzip
Server: openresty
Vary: Accept-Encoding,
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private
transfer-encoding: chunked
X-Service: router
Fastly-Original-Body-Size: 0
Cross-Origin-Resource-Policy: cross-origin

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
339 B 148ms
98ms Image
image/gif 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=8cse51837nsq3d&experiment=network_default&variant=fallthrough&service=dynamic&area=top&product=embed&forum=islegitsite&zone=thread&version=31cd6fbd4797db790bc183cea2909ab5&page_url=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&page_referrer=&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&section=default&verb=call&adjective=1&forum_id=4819311

Requested by

Host: www.islegitsite.com
URL: https://www.islegitsite.com/check/antivirussales.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 10:34:49 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
339 B 145ms
97ms Image
image/gif 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=8cse51837nsq3d&experiment=network_default&variant=fallthrough&service=dynamic&area=bottom&product=embed&forum=islegitsite&zone=thread&version=31cd6fbd4797db790bc183cea2909ab5&page_url=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&page_referrer=&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&section=default&verb=call&adjective=1&forum_id=4819311

Requested by

Host: www.islegitsite.com
URL: https://www.islegitsite.com/check/antivirussales.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 10:34:49 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AB83 430 B
232 B 190ms
189ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=280&slotname=1433402308&adk=207406793&adf=1905706653&pi=t.ma~as.1433402308&w=728&fwrn=4&fwrnh=100&lmt=1649068489&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649068489575&bpp=1&bdt=395&idt=200&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C728x280&correlator=4337501463018&frm=20&pv=1&ga_vid=1338158214.1649068490&ga_sid=1649068490&ga_hid=405430596&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=3549&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065972%2C31066017&oid=2&pvsid=2930153952973527&pem=212&tmod=1855725876&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=kKUfx7Svqf&p=https%3A//www.islegitsite.com&dtd=206

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

91d6c3d7a6a44528c21b0b1348c2866d960d28e1281963c7a954c07419efee9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 10:34:49 GMT
expires: Mon, 04 Apr 2022 10:34:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 58ms
57ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&tn=DIV&cls=cookiebanner&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: www.islegitsite.com
URL: https://www.islegitsite.com/check/antivirussales.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 10:34:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B82D 19 KB
5 KB 255ms
254ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&adk=1812271804&adf=3025194257&lmt=1649068489&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649068489591&bpp=1&bdt=411&idt=193&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C728x280%2C728x280&nras=1&correlator=4337501463018&frm=20&pv=1&ga_vid=1338158214.1649068490&ga_sid=1649068490&ga_hid=405430596&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065972%2C31066017&oid=2&pvsid=2930153952973527&pem=212&tmod=1855725876&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=198

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4c10838e4d0597a5588959765e0cf065ce9e991fea6b3ee50f23b9d7eb2269b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 5035
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 10:34:50 GMT
expires: Mon, 04 Apr 2022 10:34:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
c.disquscdn.com/next/recommendations/styles/ 0
3 KB 21ms
19ms Other
text/css 2600:9000:219c:5c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/styles/recommendations.10022a97346f1c6e3798931bbd8e4bb5.css

Requested by

Host: islegitsite.disqus.com
URL: https://islegitsite.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:219c:5c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 01:57:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12127046
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 2978
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 10 Nov 2021 23:08:20 GMT
server: nginx
etag: "618c50e4-ba2"
content-type: text/css; charset=utf-8
via: 1.1 c4341fb26af0c8ea61cf721453e6bebc.cloudfront.net (CloudFront)
expires: Tue, 15 Nov 2022 01:57:23 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: CDG3-C2
timing-allow-origin: *
x-amz-cf-id: GTjB5dUbesy5S6qKnNPNqzSf2zp61jeo9lY9gGh3z_Nm4ctKLBkHBg==
x-cache-hits: 0

GET
H2 200 common.bundle.e74fcfd3f6ed52bbcd40cf72972ae6c3.js
c.disquscdn.com/next/recommendations/ 0
87 KB 22ms
20ms Other
application/javascript 2600:9000:219c:5c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/common.bundle.e74fcfd3f6ed52bbcd40cf72972ae6c3.js

Requested by

Host: islegitsite.disqus.com
URL: https://islegitsite.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:219c:5c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 22:17:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2204255
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 88824
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 09 Mar 2022 21:55:40 GMT
server: nginx
etag: "6229225c-15af8"
content-type: application/javascript; charset=utf-8
via: 1.1 c4341fb26af0c8ea61cf721453e6bebc.cloudfront.net (CloudFront)
expires: Thu, 09 Mar 2023 22:17:13 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: CDG3-C2
timing-allow-origin: *
x-amz-cf-id: Bldt5QXjLCBh_w-3REPEHhgIf3SbJVf8Mzwef0sYLlJ0ykkvrUGTDA==
x-cache-hits: 0

GET
H2 200 recommendations.bundle.926bc472e4859a48daa346b4ba2ab4f4.js
c.disquscdn.com/next/recommendations/ 0
20 KB 25ms
24ms Other
application/javascript 2600:9000:219c:5c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.bundle.926bc472e4859a48daa346b4ba2ab4f4.js

Requested by

Host: islegitsite.disqus.com
URL: https://islegitsite.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:219c:5c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 20:25:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15084548
x-cache: Hit from cloudfront
content-length: 20244
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 11 Oct 2021 20:15:56 GMT
server: nginx
etag: "61649b7c-4f14"
content-type: application/javascript; charset=utf-8
via: 1.1 c4341fb26af0c8ea61cf721453e6bebc.cloudfront.net (CloudFront)
expires: Tue, 11 Oct 2022 20:25:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: CDG3-C2
timing-allow-origin: *
x-amz-cf-id: 4GtR4SxSSo6PFcpOUzAc1DUDBiJgoXzhrdTFXxc5yXhX9HTs8NsmNg==
x-cache-hits: 0

GET
H2 200 lounge.load.31cd6fbd4797db790bc183cea2909ab5.js Show response
c.disquscdn.com/next/embed/ Frame DC32 958 B
1 KB 56ms
18ms Script
application/javascript 2600:9000:219c:5c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.load.31cd6fbd4797db790bc183cea2909ab5.js

Requested by

Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=islegitsite&t_i=228750&t_u=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&t_d=Is%20Antivirussales.com%20Legit%20or%20Scam%3F%20%7C%20IsLegitSite&t_t=Is%20Antivirussales.com%20Legit%20or%20Scam%3F%20%7C%20IsLegitSite&s_o=default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:219c:5c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

93f2072c521fbd53054fe2a73577cff9b62b94dac4573502aacd93625d9d52fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=islegitsite&t_i=228750&t_u=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&t_d=Is%20Antivirussales.com%20Legit%20or%20Scam%3F%20%7C%20IsLegitSite&t_t=Is%20Antivirussales.com%20Legit%20or%20Scam%3F%20%7C%20IsLegitSite&s_o=default
Origin: https://disqus.com
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 19:26:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1177714
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 498
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 21 Mar 2022 19:03:40 GMT
server: nginx
etag: "6238cc0c-1f2"
content-type: application/javascript; charset=utf-8
via: 1.1 d30b80e15d08db34625ccde343c59236.cloudfront.net (CloudFront)
expires: Tue, 21 Mar 2023 19:26:15 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: CDG3-C2
timing-allow-origin: *
x-amz-cf-id: LhxqKZVR8WsUuprm1jE3phg8zrTGqx_8E18kTxYiRg2jobqF5LHQzg==
x-cache-hits: 0

GET
H/1.1 200
OK / Show response
disqus.com/recommendations/ Frame 3EE3 5 KB
3 KB 128ms
127ms Document
text/html 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/recommendations/?base=default&f=islegitsite&t_u=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&t_d=Is%20Antivirussales.com%20Legit%20or%20Scam%3F%20%7C%20IsLegitSite&t_t=Is%20Antivirussales.com%20Legit%20or%20Scam%3F%20%7C%20IsLegitSite

Requested by

Host: islegitsite.disqus.com
URL: https://islegitsite.disqus.com/recommendations.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

f74b6b819a1fa1fc9be61d5ecf07d103b85ab9eb4f6e42b5b6ebd86fe88529be

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Age: 0
Cache-Control: stale-while-revalidate=30, no-cache, must-revalidate, stale-if-error=3600, public
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2241
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type: text/html; charset=utf-8
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 04 Apr 2022 10:34:50 GMT
Fastly-Original-Body-Size: 0
Last-Modified: Mon, 03 May 2021 23:02:27 GMT
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Server: nginx
Strict-Transport-Security: max-age=300; includeSubdomains
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"

GET
H/1.1 200
OK / Show response
tempest.services.disqus.com/ads-iframe/google/ 27 KB
9 KB 152ms
127ms XHR
text/html 199.232.192.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://tempest.services.disqus.com/ads-iframe/google/?position=recommendations&shortname=islegitsite&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%2318bc9c&colorScheme=light&sourceUrl=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&typeface=sans-serif&disqus_version=current
Requested by: Host: islegitsite.disqus.com
URL: https://islegitsite.disqus.com/recommendations.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.192.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: 38d9fc643e046c182c6719aa7896d6ed3cf37dd25c22d0c8274891586af251ac

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 10:34:50 GMT
Content-Encoding: gzip
Server: openresty
Vary: Accept-Encoding,
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private
transfer-encoding: chunked
X-Service: router
Fastly-Original-Body-Size: 0
Cross-Origin-Resource-Policy: cross-origin

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
339 B 98ms
98ms Image
image/gif 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=8cse56a1j6a0he&experiment=network_default&variant=fallthrough&service=dynamic&area=recommendations&product=recommendations&forum=islegitsite&zone=thread&version=9a1bc22f669e65e0fad921dc193f5254&page_url=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&page_referrer=&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&section=default&verb=call&adjective=1&forum_id=4819311

Requested by

Host: www.islegitsite.com
URL: https://www.islegitsite.com/check/antivirussales.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 10:34:50 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET taboola
reporting.services.disqus.com/_log/ Frame B3E6 0
0

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/disqus-network/ Frame B3E6 651 KB
148 KB 69ms
30ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/disqus-network/loader.js
Requested by: Host: www.islegitsite.com
URL: https://www.islegitsite.com/check/antivirussales.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcad1b0a71b616ecaee72f4eac6cd781d24ee330b025211feb02418609793adb

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: 1Qr3TuBCoKVDQuRGXGfm__P0.dwk0rHp
content-encoding: gzip
etag: "982febb127c87558cbfe0ce7de95b3c9"
age: 4477
x-cache: HIT
content-length: 150785
x-amz-id-2: 4uHR2O/YmBn8Cewce6SPcyNVRwhgmKv2KQT2PKrKUA6mU2hL4tM6bmTz1ZKF6Ejd0KhvTtmqWvU=
x-served-by: cache-cdg20723-CDG
last-modified: Mon, 04 Apr 2022 09:19:06 GMT
server: AmazonS3
x-timer: S1649068490.997161,VS0,VE1
date: Mon, 04 Apr 2022 10:34:49 GMT
vary: Accept-Encoding
x-amz-request-id: 71JF6VGP7JYBE338
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 37
x-cache-hits: 1

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/158685/2513/ Frame 24E8 168 KB
55 KB 134ms
33ms Script
text/javascript 104.102.28.254
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/158685/2513/pwt.js
Requested by: Host: islegitsite.disqus.com
URL: https://islegitsite.disqus.com/embed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.102.28.254 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-28-254.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: efc8c4e1d66b3a8230e712a48b2bb1df41e77b00d0c9092b6b3f5b5170cc4581

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:50 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 22:46:05 GMT
server: Apache/2.2.15 (CentOS)
etag: "10a14d7-2a1b2-5d69815653e45"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=46348
accept-ranges: bytes
content-type: text/javascript
content-length: 55445
expires: Mon, 04 Apr 2022 23:27:18 GMT

GET
H2 200 ats.js Show response
ats.rlcdn.com/ Frame 24E8 109 KB
36 KB 118ms
24ms Script
application/x-javascript 99.86.7.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: islegitsite.disqus.com
URL: https://islegitsite.disqus.com/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-31.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 01:46:46 GMT
content-encoding: br
age: 31685
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:6fbe2bf4-0d3f-4234-a84e-c584de5ecb5e
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-sha256: ae589a6335869a8948d0172dfafea0c42638763d87ea89591504c580a5c4f6c7
x-amz-meta-codebuild-content-md5: 8c7650e47b7f894f6ae5a1fc4919cee6
last-modified: Thu, 16 Dec 2021 12:45:56 GMT
server: AmazonS3
etag: W/"d7dfa2940a5d5ce3beedd8774c961dd7"
vary: Accept-Encoding
x-amz-version-id: 28x_tDvW9kJ.rWgfbdZIcgxbFDdgh9p3
via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=86400
x-amz-cf-pop: FRA6-C1
content-type: application/x-javascript
x-amz-cf-id: Mwg-mpX9GBlKZ2kbRBPKMLyJMj6UGJ4yQwS0xLkMDORM3nsseGhDsg==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 24E8 83 KB
28 KB 123ms
45ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: islegitsite.disqus.com
URL: https://islegitsite.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

c70dfdb6d1ec988a3ac72b75796fc160cf9cf002ad256da1c606aa88e314008f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28271
x-xss-protection: 0
server: sffe
etag: "1177 / 349 of 1000 / last-modified: 1649062076"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 04 Apr 2022 10:34:50 GMT

GET
H2 200 prebid.6.13.1.js Show response
c.disquscdn.com/js/dist/ Frame 24E8 362 KB
104 KB 19ms
18ms Script
application/javascript 2600:9000:219c:5c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/js/dist/prebid.6.13.1.js

Requested by

Host: islegitsite.disqus.com
URL: https://islegitsite.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:219c:5c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8f4cd813eb95d02715c30dac1d1bb4b2cb6a1c435383c380578328af3963ccb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 09:03:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2165477
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 105662
x-xss-protection: 1; mode=block
x-served-by: static-web-1
last-modified: Wed, 09 Mar 2022 21:12:16 GMT
server: nginx
etag: "62291830-19cbe"
content-type: application/javascript; charset=utf-8
via: 1.1 c4341fb26af0c8ea61cf721453e6bebc.cloudfront.net (CloudFront)
expires: Sat, 09 Apr 2022 09:03:32 GMT
cache-control: max-age=2592000
x-amz-cf-pop: CDG3-C2
x-amz-cf-id: qYsA-2O8qa9yO9k3R1Ue_24K24k7lKp3aftg8V2Beg4TPttmdag4yA==
x-cache-hits: 0

GET
H2 451 711970.gif
id.rlcdn.com/ Frame 24E8 0
0 101ms
24ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711970.gif
Requested by: Host: islegitsite.disqus.com
URL: https://islegitsite.disqus.com/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H2 200 common.bundle.9450cde9dd2c9d366781a8fc5ff6e933.js Show response
c.disquscdn.com/next/embed/ Frame DC32 282 KB
93 KB 18ms
18ms Script
application/javascript 2600:9000:219c:5c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.9450cde9dd2c9d366781a8fc5ff6e933.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.31cd6fbd4797db790bc183cea2909ab5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:219c:5c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4d9e28bf1814e0986b8e5b001e2c8d55d164f9cf8ee3ddc1ccf5560fe7053b66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=islegitsite&t_i=228750&t_u=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&t_d=Is%20Antivirussales.com%20Legit%20or%20Scam%3F%20%7C%20IsLegitSite&t_t=Is%20Antivirussales.com%20Legit%20or%20Scam%3F%20%7C%20IsLegitSite&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 22:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2204277
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94746
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 09 Mar 2022 21:55:40 GMT
server: nginx
etag: "6229225c-1721a"
content-type: application/javascript; charset=utf-8
via: 1.1 c4341fb26af0c8ea61cf721453e6bebc.cloudfront.net (CloudFront)
expires: Thu, 09 Mar 2023 22:16:52 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: CDG3-C2
timing-allow-origin: *
x-amz-cf-id: I_ADNZB2iXKQOa7G4Z4xGcGGtB0Tezl3Stg8XoZLTzf_HcXiGu4GNA==
x-cache-hits: 0

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 6DDC 2 KB
1 KB 105ms
33ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=280&slotname=1433402308&adk=207406793&adf=3296512626&pi=t.ma~as.1433402308&w=728&fwrn=4&fwrnh=100&lmt=1649068489&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649068489568&bpp=4&bdt=388&idt=152&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&correlator=4337501463018&frm=20&pv=2&ga_vid=1338158214.1649068490&ga_sid=1649068490&ga_hid=405430596&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065972%2C31066017&oid=2&pvsid=2930153952973527&pem=212&tmod=1855725876&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=54nlcBVBSD&p=https%3A//www.islegitsite.com&dtd=170

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:31:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 205
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 10:31:25 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6DDC 119 KB
37 KB 141ms
69ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36916
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648640521462251"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Apr 2022 10:34:50 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 6DDC 15 KB
7 KB 101ms
30ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:32:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 10:32:36 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6DDC 0
0 69ms
64ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CqtOGyclKYv-XMbH-7_UP0Pa88A_JntKxXKX8k_dwwI23ARABIABg-wGCARdjYS1wdWItMjMwMzU5MDIzODUyNjgyNqAB1bbS6gPIAQmpAqCspPNdhbI-qAMBqgTfAU_QmLRGiIRGlJr-JCpG08OslX97dEkPEZQhjFOrkBD4SY1NAAU__46jDTVSU3410uTdBHxTNUegsrYvFSnww3qYOvsf5BHD4pAwhCzhieXfSBMDf5VurJXbWwBaxfdEL_2OpfcMz5gHa25rMegRIJH34vmdlmw_aHXsdgPsyso24MXBeUKZHd7sIVnq69BYZPege5iqgjrMSJKqhHrrwTCL-wKzuNGZy17q7YbkOxzCSUh0le7vwBt_SyMdSLF94d8ghk4-5RfEwIJzW9sdRP7TqEVwEGDIixxwKQ1YWSeABuzYra7F2fSv7QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgHAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yMzAzNTkwMjM4NTI2ODI2GAA&sigh=rD4wc3QDt40&uach_m=[UACH]&cid=CAQSGwCNIrLM8iAueGvV1G8UhYh6gsgtqdfWcXRdyhgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=280&slotname=1433402308&adk=207406793&adf=3296512626&pi=t.ma~as.1433402308&w=728&fwrn=4&fwrnh=100&lmt=1649068489&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649068489568&bpp=4&bdt=388&idt=152&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&correlator=4337501463018&frm=20&pv=2&ga_vid=1338158214.1649068490&ga_sid=1649068490&ga_hid=405430596&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065972%2C31066017&oid=2&pvsid=2930153952973527&pem=212&tmod=1855725876&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=54nlcBVBSD&p=https%3A//www.islegitsite.com&dtd=170
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 04 Apr 2022 10:34:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 04 Apr 2022 10:34:50 GMT

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 6DDC 0
0 97ms
23ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=UsvpEsD6RNgFmAKdg2ICAgAAAKzcx4olFU1Y4K2o3xDJyUpiyB5fQ9n_q-ftPx8AEg&wp=YkrJyQAMS_8Iu_8xAA87UJ3vuHLrgedrAknU8g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:49 GMT
server: Kestrel
server-processing-duration-in-ticks: 148829
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 94A1 149 KB
47 KB 192ms
132ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YkrJyQAMS_8Iu_8xAA87UJ3vuHLrgedrAknU8g&u=%7CnNurWnmJSVR2iVKvIVExOaxlBWQUEmSwYrg52hwESbk%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiBCM7qKcRGjf6Dp0jYkhy-myq9YqrqMYv77MmyrvonhM3wT-2pUfBFCSCjycRc80c_WdD_HQW4TqU7PlJ_ybTTHrCDN7tVtUr_dtCyNUnUgFL9rY1hW4MJwaX0ff5QV8WOOxNQW1rgSzvlngH_f32y9zIVez_9D8yWAKTaW_O_nH9-kqjV7hUxPh4nm_TcaWoeCtaevq7pZ0MuYe6UuIBMqb_hRMfZ2eQibF2vLI8R6TEwNTtSbOo0IkXMGfJH4uZ35gKfEqKt_mfudlTuLBt3fYIXal_NlagiHUqfR8883RZFW6ylRAwYIgJgScFq7B5cOykj8MzJOgBB5tBe4LX4P4ArsfkR_lkFgEteXRS8IZS2euPR2N4Nb1u8QcA5RPqCN8Cy-RYRYYTybbehL4XbG&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCoarcyclKYv-XMbH-7_UP0Pa88A_JntKxXKX8k_dwwI23ARABIABg-wGCARdjYS1wdWItMjMwMzU5MDIzODUyNjgyNqAB1bbS6gPIAQmpAqCspPNdhbI-qAMBqgTiAU_QmLRGiIRGlJr-JCpG08OslX97dEkPEZQhjFOrkBD4SY1NAAU__46jDTVSU3410uTdBHxTNUegsrYvFSnww3qYOvsf5BHD4pAwhCzhieXfSBMDf5VurJXbWwBaxfdEL_2OpfcMz5gHa25rMegRIJH34vmdlmw_aHXsdgPsyso24MXBeUKZHd7sIVnq69BYZPege5iqgjrMSJKqhHrrwTCL-wKzuNGZy17q7YbkOxzCSUh0le7vwBt_CSE82jbyfcyfGlqdNSpiOItnUW0XauZRHI1NtpJ3lTBorKfcSpiF5eaABuzYra7F2fSv7QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgHAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1rX94OIWHVOy33ACUOUzYs0U7x7Q%26client%3Dca-pub-2303590238526826%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a329e3aac300f095f55355ea6517be1ca068c463a7da45284dccac9d16ca43b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 10:34:49 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=CUQhdbtI2hmHAvwVQEVRnRslYonfLIahv8dMDYjzxKXcxfu_O8vXioTFPjQ9AWhBrOruvxuuCJX7tvon82gndHgp_abKcFhUqh8KeOXhrGr_rRJ4Tp1Uv7VNa6LYjl7qpf_e1kaIg-CARXyrTtqxcCeKpFQhTsAIlcvY6tIdu7S8zC0Ok36n9x4gQX8ijETCRoDpiWKCFpwJ3dmcRqjp7FUCSvKG-o4Hsrh_8p1cbfDXOZjqTo5WKbiEfT3S-b-GD4U7eA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 107517577
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 lounge.63860eb743c7d9d2adf0fa435788abe7.css
c.disquscdn.com/next/embed/styles/ Frame DC32 165 KB
26 KB 19ms
18ms Stylesheet
text/css 2600:9000:219c:5c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.9450cde9dd2c9d366781a8fc5ff6e933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:219c:5c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8784042e14531617c1aef40d7623d3dd1d0b24730721c779e0c3ae86ed03990e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=islegitsite&t_i=228750&t_u=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&t_d=Is%20Antivirussales.com%20Legit%20or%20Scam%3F%20%7C%20IsLegitSite&t_t=Is%20Antivirussales.com%20Legit%20or%20Scam%3F%20%7C%20IsLegitSite&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 19:26:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1177717
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 26078
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 21 Mar 2022 19:03:40 GMT
server: nginx
etag: "6238cc0c-65de"
content-type: text/css; charset=utf-8
via: 1.1 c4341fb26af0c8ea61cf721453e6bebc.cloudfront.net (CloudFront)
expires: Tue, 21 Mar 2023 19:26:13 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: CDG3-C2
timing-allow-origin: *
x-amz-cf-id: 71-0UJh42b7EfLXz7YjyJtX8pXxYwYOMTjbUwo4fTzfXO-Edn2MsIQ==
x-cache-hits: 0

GET
H2 200 lounge.bundle.90614da243fa6052a038b5539f5086e5.js Show response
c.disquscdn.com/next/embed/ Frame DC32 476 KB
121 KB 21ms
21ms Script
application/javascript 2600:9000:219c:5c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.90614da243fa6052a038b5539f5086e5.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.9450cde9dd2c9d366781a8fc5ff6e933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:219c:5c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8771f93d2878d5532147d7d5356893babf64c7097f2cc390e4c0c8a61ac537b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=islegitsite&t_i=228750&t_u=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&t_d=Is%20Antivirussales.com%20Legit%20or%20Scam%3F%20%7C%20IsLegitSite&t_t=Is%20Antivirussales.com%20Legit%20or%20Scam%3F%20%7C%20IsLegitSite&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 19:26:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1177717
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 123045
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 21 Mar 2022 19:03:40 GMT
server: nginx
etag: "6238cc0c-1e0a5"
content-type: application/javascript; charset=utf-8
via: 1.1 c4341fb26af0c8ea61cf721453e6bebc.cloudfront.net (CloudFront)
expires: Tue, 21 Mar 2023 19:26:13 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: CDG3-C2
timing-allow-origin: *
x-amz-cf-id: 8Qp4n8MRAxbJesXPd8MB4LhBiePReI6iMEjj5MW5ZtZNpW3zAz_ZaA==
x-cache-hits: 0

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame DC32 14 KB
15 KB 22ms
20ms Script
application/javascript 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.9450cde9dd2c9d366781a8fc5ff6e933.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

b79e342ee881ef2ab38b3f53ff291337ace2c939dd3dc7e44cb08f56e9c1cfb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=islegitsite&t_i=228750&t_u=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&t_d=Is%20Antivirussales.com%20Legit%20or%20Scam%3F%20%7C%20IsLegitSite&t_t=Is%20Antivirussales.com%20Legit%20or%20Scam%3F%20%7C%20IsLegitSite&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 10:34:50 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 39
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 14710
X-XSS-Protection: 1; mode=block

GET
H2 200 recommendations.load.9a1bc22f669e65e0fad921dc193f5254.js Show response
c.disquscdn.com/next/recommendations/ Frame 3EE3 923 B
1 KB 31ms
29ms Script
application/javascript 2600:9000:219c:5c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.load.9a1bc22f669e65e0fad921dc193f5254.js

Requested by

Host: disqus.com
URL: https://disqus.com/recommendations/?base=default&f=islegitsite&t_u=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&t_d=Is%20Antivirussales.com%20Legit%20or%20Scam%3F%20%7C%20IsLegitSite&t_t=Is%20Antivirussales.com%20Legit%20or%20Scam%3F%20%7C%20IsLegitSite

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:219c:5c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6b4b5cdef6efda6d01f2dc8d1febe3f9339b85c5055a26c6f299284929cda2ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/
Origin: https://disqus.com
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 22:17:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2204257
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 446
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 09 Mar 2022 21:55:40 GMT
server: nginx
etag: "6229225c-1be"
content-type: application/javascript; charset=utf-8
via: 1.1 d30b80e15d08db34625ccde343c59236.cloudfront.net (CloudFront)
expires: Thu, 09 Mar 2023 22:17:13 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: CDG3-C2
timing-allow-origin: *
x-amz-cf-id: vUbuPTxiQSNTE8vn_K6Slh00j698kfOUd_VTmFjtl_imU4O1GMcqsw==
x-cache-hits: 0

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 70ms
35ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=www.islegitsite.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Apr 2022 10:34:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 71ms
35ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.islegitsite.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Apr 2022 10:34:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 83AA 430 B
227 B 141ms
140ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=280&adk=1816755489&adf=3114342387&pi=t.aa~a.2302073625~i.3~rp.4&w=938&fwrn=4&fwrnh=100&lmt=1649068490&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2834756182&psa=1&ad_type=text_image&format=938x280&url=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&fwr=0&pra=3&rh=200&rw=938&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649068490113&bpp=2&bdt=933&idt=-M&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De48b86984b4b0454-22322f066dcd00b2%3AT%3D1649068489%3ART%3D1649068489%3AS%3DALNI_MZBHCC3A8H9mOcqvX3DQ8V-BLsd7w&prev_fmts=728x280%2C728x280%2C728x280%2C0x0&nras=2&correlator=4337501463018&frm=20&pv=1&ga_vid=1338158214.1649068490&ga_sid=1649068490&ga_hid=405430596&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=1441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065972%2C31066017&oid=2&pvsid=2930153952973527&pem=212&tmod=1855725876&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=FUOUjZdDq6&p=https%3A//www.islegitsite.com&dtd=29

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56fd4e137e3077a5666e6e782949bcbcb80c60f915e8d2867b55a65c56b41e6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 10:34:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A821 430 B
227 B 401ms
401ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=280&adk=1816755489&adf=1230875943&pi=t.aa~a.2806030886~i.7~rp.4&w=938&fwrn=4&fwrnh=100&lmt=1649068490&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2834756182&psa=1&ad_type=text_image&format=938x280&url=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&fwr=0&pra=3&rh=200&rw=938&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649068490113&bpp=1&bdt=933&idt=-M&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De48b86984b4b0454-22322f066dcd00b2%3AT%3D1649068489%3ART%3D1649068489%3AS%3DALNI_MZBHCC3A8H9mOcqvX3DQ8V-BLsd7w&prev_fmts=728x280%2C728x280%2C728x280%2C0x0%2C938x280&nras=3&correlator=4337501463018&frm=20&pv=1&ga_vid=1338158214.1649068490&ga_sid=1649068490&ga_hid=405430596&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=2684&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065972%2C31066017&oid=2&pvsid=2930153952973527&pem=212&tmod=1855725876&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=Q3cj64jmaN&p=https%3A//www.islegitsite.com&dtd=33

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2383dee5ba4926bc0ad87a329cb8840dcff06c0b935f9a9d2c0f65b0b9d2f724

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 10:34:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C7DD 430 B
225 B 400ms
400ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=280&adk=1816755489&adf=2939543314&pi=t.aa~a.3921975827~i.9~rp.4&w=938&fwrn=4&fwrnh=100&lmt=1649068490&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2834756182&psa=1&ad_type=text_image&format=938x280&url=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&fwr=0&pra=3&rh=200&rw=938&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649068490113&bpp=1&bdt=933&idt=-M&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De48b86984b4b0454-22322f066dcd00b2%3AT%3D1649068489%3ART%3D1649068489%3AS%3DALNI_MZBHCC3A8H9mOcqvX3DQ8V-BLsd7w&prev_fmts=728x280%2C728x280%2C728x280%2C0x0%2C938x280%2C938x280&nras=4&correlator=4337501463018&frm=20&pv=1&ga_vid=1338158214.1649068490&ga_sid=1649068490&ga_hid=405430596&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=3359&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065972%2C31066017&oid=2&pvsid=2930153952973527&pem=212&tmod=1855725876&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=0NDK6Qoivx&p=https%3A//www.islegitsite.com&dtd=38

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a40ebe1c139befce5e31fd5980ff7d8b7be36d916c1b23ecd12a907670aa845d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 205
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 10:34:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F80D 430 B
228 B 400ms
400ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=280&adk=1816755489&adf=2737652629&pi=t.aa~a.3921975827~i.11~rp.4&w=938&fwrn=4&fwrnh=100&lmt=1649068490&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2834756182&psa=1&ad_type=text_image&format=938x280&url=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&fwr=0&pra=3&rh=200&rw=938&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649068490113&bpp=1&bdt=933&idt=-M&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De48b86984b4b0454-22322f066dcd00b2%3AT%3D1649068489%3ART%3D1649068489%3AS%3DALNI_MZBHCC3A8H9mOcqvX3DQ8V-BLsd7w&prev_fmts=728x280%2C728x280%2C728x280%2C0x0%2C938x280%2C938x280%2C938x280&nras=5&correlator=4337501463018&frm=20&pv=1&ga_vid=1338158214.1649068490&ga_sid=1649068490&ga_hid=405430596&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=3674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065972%2C31066017&oid=2&pvsid=2930153952973527&pem=212&tmod=1855725876&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=6&fsb=1&xpc=om9wvPTb6q&p=https%3A//www.islegitsite.com&dtd=41

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f20bdfc8d519454369f071d7de1ca5289331f5fb7840eed6f34fe3ad819691

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 208
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 10:34:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E77D 430 B
227 B 156ms
156ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=90&adk=3715568144&adf=3449663321&pi=t.aa~a.368216207~rp.1&w=938&fwrn=4&fwrnh=100&lmt=1649068490&rafmt=1&to=qs&pwprc=2834756182&psa=1&format=938x90&url=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649068490113&bpp=1&bdt=933&idt=1&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De48b86984b4b0454-22322f066dcd00b2%3AT%3D1649068489%3ART%3D1649068489%3AS%3DALNI_MZBHCC3A8H9mOcqvX3DQ8V-BLsd7w&prev_fmts=728x280%2C728x280%2C728x280%2C0x0%2C938x280%2C938x280%2C938x280%2C938x280&nras=6&correlator=4337501463018&frm=20&pv=1&ga_vid=1338158214.1649068490&ga_sid=1649068490&ga_hid=405430596&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=1757&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065972%2C31066017&oid=2&pvsid=2930153952973527&pem=212&tmod=1855725876&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=7&fsb=1&xpc=BetFwvV6Sj&p=https%3A//www.islegitsite.com&dtd=44

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de1743f71f7f1eaf26cc4e2215caa6dc68528b02198a7175e79aca316dec6058

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 10:34:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/158685/2513/ Frame 9C77 168 KB
55 KB 36ms
34ms Script
text/javascript 104.102.28.254
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/158685/2513/pwt.js
Requested by: Host: islegitsite.disqus.com
URL: https://islegitsite.disqus.com/recommendations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.102.28.254 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-28-254.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: efc8c4e1d66b3a8230e712a48b2bb1df41e77b00d0c9092b6b3f5b5170cc4581

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:50 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 22:46:05 GMT
server: Apache/2.2.15 (CentOS)
etag: "10a14d7-2a1b2-5d69815653e45"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=46348
accept-ranges: bytes
content-type: text/javascript
content-length: 55445
expires: Mon, 04 Apr 2022 23:27:18 GMT

GET
H2 200 ats.js Show response
ats.rlcdn.com/ Frame 9C77 109 KB
36 KB 31ms
30ms Script
application/x-javascript 99.86.7.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: islegitsite.disqus.com
URL: https://islegitsite.disqus.com/recommendations.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-31.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 01:46:46 GMT
content-encoding: br
age: 31685
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:6fbe2bf4-0d3f-4234-a84e-c584de5ecb5e
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-sha256: ae589a6335869a8948d0172dfafea0c42638763d87ea89591504c580a5c4f6c7
x-amz-meta-codebuild-content-md5: 8c7650e47b7f894f6ae5a1fc4919cee6
last-modified: Thu, 16 Dec 2021 12:45:56 GMT
server: AmazonS3
etag: W/"d7dfa2940a5d5ce3beedd8774c961dd7"
vary: Accept-Encoding
x-amz-version-id: 28x_tDvW9kJ.rWgfbdZIcgxbFDdgh9p3
via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=86400
x-amz-cf-pop: FRA6-C1
content-type: application/x-javascript
x-amz-cf-id: kyjVM2rsXckcGOw3PLofCUpbc56tA5RvXJa_Fyh7jTqMIMryfom5uQ==

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 9C77 83 KB
28 KB 78ms
42ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: islegitsite.disqus.com
URL: https://islegitsite.disqus.com/recommendations.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

0e047862ca77c17ae503afa7a789b61d3566420a65d8d92f68f2f57354ec4b63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28206
x-xss-protection: 0
server: sffe
etag: "1177 / 55 of 1000 / last-modified: 1649061980"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 04 Apr 2022 10:34:50 GMT

GET
H2 200 prebid.6.13.1.js Show response
c.disquscdn.com/js/dist/ Frame 9C77 362 KB
104 KB 30ms
29ms Script
application/javascript 2600:9000:219c:5c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/js/dist/prebid.6.13.1.js

Requested by

Host: islegitsite.disqus.com
URL: https://islegitsite.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:219c:5c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8f4cd813eb95d02715c30dac1d1bb4b2cb6a1c435383c380578328af3963ccb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 09:03:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2165478
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 105662
x-xss-protection: 1; mode=block
x-served-by: static-web-1
last-modified: Wed, 09 Mar 2022 21:12:16 GMT
server: nginx
etag: "62291830-19cbe"
content-type: application/javascript; charset=utf-8
via: 1.1 c4341fb26af0c8ea61cf721453e6bebc.cloudfront.net (CloudFront)
expires: Sat, 09 Apr 2022 09:03:32 GMT
cache-control: max-age=2592000
x-amz-cf-pop: CDG3-C2
x-amz-cf-id: gSyAERwx8CR1yMa8jFvV6TIdodVni8oLzurPsBylFC6QHG_GOgkW4g==
x-cache-hits: 0

GET
H2 451 711970.gif
id.rlcdn.com/ Frame 9C77 0
0 31ms
31ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711970.gif
Requested by: Host: islegitsite.disqus.com
URL: https://islegitsite.disqus.com/recommendations.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H2 200 impl.20220404-2-RELEASE.es5.js Show response
cdn.taboola.com/libtrc/ Frame B3E6 698 KB
134 KB 27ms
19ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20220404-2-RELEASE.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 8db980d4051813f15c254961f906f82c8c6f504a474bb8c1f231699500d8fde5

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: 4cnS7gR9j02x.bPwbg4qwh30Bc8FxoIz
content-encoding: br
etag: "e5e3632d4c73ed0abb4961cecace58ff"
age: 6464
x-cache: HIT
content-length: 137189
x-amz-id-2: iEoVok+z1Dg7ZRuToEd8Pf4XFylebxf/sTUK9m+DutnkYXAEL26Iy9VgP1BBnkUxOvPt4zCC9p4=
x-served-by: cache-cdg20723-CDG
last-modified: Mon, 04 Apr 2022 08:46:21 GMT
server: AmazonS3-br
x-timer: S1649068490.212956,VS0,VE0
date: Mon, 04 Apr 2022 10:34:50 GMT
vary: Accept-Encoding
x-amz-request-id: E9J6E3HC9182ER9V
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 13
x-cache-hits: 1214

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame B3E6 1 KB
1 KB 90ms
23ms Script
application/javascript 13.225.80.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.80.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-80-105.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 02:43:44 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 29583
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: sLCHpsY5zAtzU3MmienBC0qI1iuuPQJt_3xwZ_eLBTPgQbeo4GAGQQ==

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 63ms
21ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.islegitsite.com%2F&domain=www.islegitsite.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.islegitsite.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.islegitsite.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 04 Apr 2022 10:34:49 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1191
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 24E8
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.islegitsite.com%2F&domain=www.islegitsite.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=95RfmXx0clRwLzI4L2VQMEJxUE5QcjkvTVBIT2NrYnVBcUprVDFRRWVJUWtpUTdyY0hCVjFMaU41WWROWWUyNm1NV1ZyczlEWU5QTktkQmdzMDJ5R29RSTg2UjZXTjBIclBBbXBMRmtRYUdYVUNEZDhQV0k1YlI1RXkrRF...

352 B
618 B

81ms
29ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=95RfmXx0clRwLzI4L2VQMEJxUE5QcjkvTVBIT2NrYnVBcUprVDFRRWVJUWtpUTdyY0hCVjFMaU41WWROWWUyNm1NV1ZyczlEWU5QTktkQmdzMDJ5R29RSTg2UjZXTjBIclBBbXBMRmtRYUdYVUNEZDhQV0k1YlI1RXkrRFlnRTRjaFdyWmRLckUvUytTZWNoQlhucFVWYWp0ejBTeENtajZUemxtTjkra2pUK01qVjVCWXYwMzNPT2w5Tis4Z3M3OEVHRmlWOXlKbHNvSlJpdnV2RklIa1E5ZjVGVU1lUkRGZnJwbUx1TGhIMVN5REI2ZHFjNkNvQkdTRmlhN3BIWjVqWHpTfA&cppv=2

Requested by

Host: www.islegitsite.com
URL: https://www.islegitsite.com/check/antivirussales.com/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

40006faf8e6adc344cf3f81ae2ab716d6cf47fce43e1aeae2d61c16a8a2a2d4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 10:34:50 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2437
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 04 Apr 2022 10:34:50 GMT
location: https://mug.criteo.com/sid?cpp=95RfmXx0clRwLzI4L2VQMEJxUE5QcjkvTVBIT2NrYnVBcUprVDFRRWVJUWtpUTdyY0hCVjFMaU41WWROWWUyNm1NV1ZyczlEWU5QTktkQmdzMDJ5R29RSTg2UjZXTjBIclBBbXBMRmtRYUdYVUNEZDhQV0k1YlI1RXkrRFlnRTRjaFdyWmRLckUvUytTZWNoQlhucFVWYWp0ejBTeENtajZUemxtTjkra2pUK01qVjVCWXYwMzNPT2w5Tis4Z3M3OEVHRmlWOXlKbHNvSlJpdnV2RklIa1E5ZjVGVU1lUkRGZnJwbUx1TGhIMVN5REI2ZHFjNkNvQkdTRmlhN3BIWjVqWHpTfA&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.islegitsite.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1732
content-length: 509
expires: 0

GET
H2 200 common.bundle.e74fcfd3f6ed52bbcd40cf72972ae6c3.js Show response
c.disquscdn.com/next/recommendations/ Frame 3EE3 262 KB
87 KB 19ms
18ms Script
application/javascript 2600:9000:219c:5c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/common.bundle.e74fcfd3f6ed52bbcd40cf72972ae6c3.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/recommendations.load.9a1bc22f669e65e0fad921dc193f5254.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:219c:5c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

50db7c9c01c13f0814e91704229cc9aeb94294eb85d1b3d126d96a8caab7af08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 22:17:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2204256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 88824
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 09 Mar 2022 21:55:40 GMT
server: nginx
etag: "6229225c-15af8"
content-type: application/javascript; charset=utf-8
via: 1.1 c4341fb26af0c8ea61cf721453e6bebc.cloudfront.net (CloudFront)
expires: Thu, 09 Mar 2023 22:17:13 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: CDG3-C2
timing-allow-origin: *
x-amz-cf-id: Pjg1ZsexuXBcuXeZyDUKyKlvG2sDEMKKxWY8EsUgEz3GdUYACa9mNQ==
x-cache-hits: 0

GET
H3 200 pubads_impl_2022032905.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 24E8 363 KB
123 KB 26ms
25ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032905.js?cb=31066034

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

95d902d6868287832fda3e1b75149c1aefee47db33e70f2eb5663c2621eda5b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 13:59:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74125
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126411
x-xss-protection: 0
last-modified: Tue, 29 Mar 2022 19:27:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 03 Apr 2023 13:59:25 GMT

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame DC32 3 KB
3 KB 126ms
126ms XHR
application/json 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=islegitsite&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.9450cde9dd2c9d366781a8fc5ff6e933.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

829b94339b38c07294be465ad5e7c23da8f254d2df883d0a0d025e6f61c2138e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/embed/comments/?base=default&f=islegitsite&t_i=228750&t_u=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&t_d=Is%20Antivirussales.com%20Legit%20or%20Scam%3F%20%7C%20IsLegitSite&t_t=Is%20Antivirussales.com%20Legit%20or%20Scam%3F%20%7C%20IsLegitSite&s_o=default
X-Requested-With: XMLHttpRequest
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 10:34:50 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 2943
X-XSS-Protection: 1; mode=block

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 22ms
21ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.islegitsite.com%2F&domain=www.islegitsite.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.islegitsite.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.islegitsite.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 04 Apr 2022 10:34:50 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1906
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 9C77
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.islegitsite.com%2F&domain=www.islegitsite.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=dlOmxHxsL2VJc2lLMm5ZSzFVWTgwV2Y2d2xrT0pUM0xUY1AvNG1PZ0ZWZHc3UkZMSXU4eGpYenpPcEE3MzM0bUdhcktMeTkvanloZUNlNzdIVCtJSlRiaHo1SUh1WTB0Ni9hRUk0VXk5bjJUSGlzanBna28zSDdiYUl0b3...

334 B
606 B

34ms
25ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=dlOmxHxsL2VJc2lLMm5ZSzFVWTgwV2Y2d2xrT0pUM0xUY1AvNG1PZ0ZWZHc3UkZMSXU4eGpYenpPcEE3MzM0bUdhcktMeTkvanloZUNlNzdIVCtJSlRiaHo1SUh1WTB0Ni9hRUk0VXk5bjJUSGlzanBna28zSDdiYUl0b3NiOHNlNldOc2Z5dFZvYnh0eVRpUWpuMCswU2JiSlprNWQrTDhRMit2YjVMai82dmgxVmNHUUdVRC9HOWVBUnE5TG9pNUpOVUR5SjA2eXg1akdqYXhlVmdKbDdPN1JrWlhZQTR6b3VFUWx3YmQzUmtTNld5RWM1Vm1MclE4T0lIbjlsdk1FU25ufA&cppv=2

Requested by

Host: www.islegitsite.com
URL: https://www.islegitsite.com/check/antivirussales.com/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

cc86383521e90d5fbed39d7762a4dba99b0d9a69315a54c1140db1a4dd7df712

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 10:34:50 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2210
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 04 Apr 2022 10:34:49 GMT
location: https://mug.criteo.com/sid?cpp=dlOmxHxsL2VJc2lLMm5ZSzFVWTgwV2Y2d2xrT0pUM0xUY1AvNG1PZ0ZWZHc3UkZMSXU4eGpYenpPcEE3MzM0bUdhcktMeTkvanloZUNlNzdIVCtJSlRiaHo1SUh1WTB0Ni9hRUk0VXk5bjJUSGlzanBna28zSDdiYUl0b3NiOHNlNldOc2Z5dFZvYnh0eVRpUWpuMCswU2JiSlprNWQrTDhRMit2YjVMai82dmgxVmNHUUdVRC9HOWVBUnE5TG9pNUpOVUR5SjA2eXg1akdqYXhlVmdKbDdPN1JrWlhZQTR6b3VFUWx3YmQzUmtTNld5RWM1Vm1MclE4T0lIbjlsdk1FU25ufA&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.islegitsite.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1425
content-length: 509
expires: 0

GET
DATA 200
OK truncated
/ Frame 6DDC 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5cbaf366ff2981381752ecf70b260970536bf0bbf7ec8d8e930ee1e77d4d65d8

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 94A1 2 KB
1 KB 65ms
21ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkrJyQAMS_8Iu_8xAA87UJ3vuHLrgedrAknU8g&u=%7CnNurWnmJSVR2iVKvIVExOaxlBWQUEmSwYrg52hwESbk%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiBCM7qKcRGjf6Dp0jYkhy-myq9YqrqMYv77MmyrvonhM3wT-2pUfBFCSCjycRc80c_WdD_HQW4TqU7PlJ_ybTTHrCDN7tVtUr_dtCyNUnUgFL9rY1hW4MJwaX0ff5QV8WOOxNQW1rgSzvlngH_f32y9zIVez_9D8yWAKTaW_O_nH9-kqjV7hUxPh4nm_TcaWoeCtaevq7pZ0MuYe6UuIBMqb_hRMfZ2eQibF2vLI8R6TEwNTtSbOo0IkXMGfJH4uZ35gKfEqKt_mfudlTuLBt3fYIXal_NlagiHUqfR8883RZFW6ylRAwYIgJgScFq7B5cOykj8MzJOgBB5tBe4LX4P4ArsfkR_lkFgEteXRS8IZS2euPR2N4Nb1u8QcA5RPqCN8Cy-RYRYYTybbehL4XbG&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCoarcyclKYv-XMbH-7_UP0Pa88A_JntKxXKX8k_dwwI23ARABIABg-wGCARdjYS1wdWItMjMwMzU5MDIzODUyNjgyNqAB1bbS6gPIAQmpAqCspPNdhbI-qAMBqgTiAU_QmLRGiIRGlJr-JCpG08OslX97dEkPEZQhjFOrkBD4SY1NAAU__46jDTVSU3410uTdBHxTNUegsrYvFSnww3qYOvsf5BHD4pAwhCzhieXfSBMDf5VurJXbWwBaxfdEL_2OpfcMz5gHa25rMegRIJH34vmdlmw_aHXsdgPsyso24MXBeUKZHd7sIVnq69BYZPege5iqgjrMSJKqhHrrwTCL-wKzuNGZy17q7YbkOxzCSUh0le7vwBt_CSE82jbyfcyfGlqdNSpiOItnUW0XauZRHI1NtpJ3lTBorKfcSpiF5eaABuzYra7F2fSv7QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgHAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1rX94OIWHVOy33ACUOUzYs0U7x7Q%26client%3Dca-pub-2303590238526826%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:50 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 30 Mar 2023 10:34:50 GMT

GET
H2 200 adchoices_fr.svg
static.criteo.net/flash/icon/ Frame 94A1 2 KB
1 KB 63ms
20ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_fr.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8bc40f263d0a1fbb8421a5fe91ccb4ab7eb23b9b4c12a16e09703cd336d7cbb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:50 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-75e"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 30 Mar 2023 10:34:50 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 94A1 308 B
636 B 50ms
49ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:50 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 30 Mar 2023 10:34:50 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 94A1 507 B
835 B 21ms
21ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:50 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Thu, 30 Mar 2023 10:34:50 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/m/delivery/ Frame 94A1 43 B
348 B 96ms
21ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=JFKGDu2AoZ4pWOjebYfrB0vYwubXr-afUqI0QRfp3qqTqdxsDsKZesTsZuPcvbm8-emWFcGX3RBeugah7-DZH4kxCWNIBdDEfDdL27q0LUM1FDkY4B8x6KHgDCUZyY-FDEQTfUYTCT5e77oDXquv3N1D5KPko4h2TdICgzLjo3vGMlJndtGlWqvaAbuWh7-kApS3kBM2ZBR4GbPhHA5bvM4uOl4kCT90QKZG7-IcdTnEomNK_ditUdox6fbMQc28_yt6bsLLDEwt4ZAUbWjxFrYKD91kdn9cbh02EtC83Loq8YCrhqWYBAVuTiWQChMvXvzFVeSLoX0TqFALsvzWGU285ssTL348qTnrUPdHHNajI0frkomTB6lpnjdLuLGeiFPpNfNijH0hMnUZ6AcyHME5zb8rQzRO6aB3xbmRgUfitt5GPaHDVdjskRQzM65e6uABng

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 10:34:50 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2659331
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 127ms
21ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 04 Apr 2022 10:34:49 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1207
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
trc.taboola.com/disqus-islegitsite/trc/3/ Frame B3E6 15 KB
6 KB 157ms
151ms XHR
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/disqus-islegitsite/trc/3/json?tim=10%3A34%3A50.553&lti=deflated&data=%7B%22id%22%3A214%2C%22ii%22%3A%22%2Fcheck%2Fantivirussales.com%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1649063935203%2C%22vi%22%3A1649068490551%2C%22cv%22%3A%2220220404-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F%22%2C%22vpi%22%3A%22%2Fcheck%2Fantivirussales.com%22%2C%22e%22%3A%22https%3A%2F%2Fwww.islegitsite.com%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A938%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A17%2C%22dw%22%3A938%2C%22dh%22%3A27%2C%22nsid%22%3A%22disqus-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-a%3Apub%3Ddisqus-network%3Aabp%3D0%22%2C%22uip%22%3A%22%7B%5C%22domain%5C%22%3A%20%5C%22https%3A%2F%2Fwww.islegitsite.com%5C%22%2C%20%5C%22experiment%5C%22%3A%20%5C%22network_default%5C%22%2C%20%5C%22position%5C%22%3A%20%5C%22top%5C%22%2C%20%5C%22shortname%5C%22%3A%20%5C%22islegitsite%5C%22%2C%20%5C%22variant%5C%22%3A%20%5C%22fallthrough%5C%22%7D%22%2C%22orig_uip%22%3A%22%7B%5C%22domain%5C%22%3A%20%5C%22https%3A%2F%2Fwww.islegitsite.com%5C%22%2C%20%5C%22experiment%5C%22%3A%20%5C%22network_default%5C%22%2C%20%5C%22position%5C%22%3A%20%5C%22top%5C%22%2C%20%5C%22shortname%5C%22%3A%20%5C%22islegitsite%5C%22%2C%20%5C%22variant%5C%22%3A%20%5C%22fallthrough%5C%22%7D%22%2C%22cd%22%3A27%2C%22mw%22%3A0%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220404-2-RELEASE.es5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b82a7f23f75b356d334dea4b0af4b2236018aeae6ee59cf410e1b0f56393ce39

Request headers

Referer: https://www.islegitsite.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 132
date: Mon, 04 Apr 2022 10:34:50 GMT
content-encoding: gzip
server: nginx
x-timer: S1649068491.570219,VS0,VE132
x-served-by: cache-cdg20723-CDG
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.islegitsite.com
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H3 200 pubads_impl_2022032106.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 9C77 364 KB
124 KB 53ms
53ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

8da979458600536726a4bfca5e105c96a405e0740c16e55a7d6cc59108706417

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:16:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1130
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126678
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 20:13:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 04 Apr 2023 10:16:00 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 40ms
40ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 04 Apr 2022 10:34:50 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1619
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

204

b2
sb.scorecardresearch.com/ Frame B3E6
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1649068490628&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&c9=
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1649068490628&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&c9=

0
189 B

24ms
23ms

Image
text/plain

13.225.80.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1649068490628&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&c9=
Requested by: Host: www.islegitsite.com
URL: https://www.islegitsite.com/check/antivirussales.com/
Protocol: H2
Server: 13.225.80.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-80-105.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:50 GMT
via: 1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 1zuwmKyRfqQj4iFUSGKW5ITFPnpJB9yXIBwvCxLn9hrsElZZ0u1hAw==
x-cache: Miss from cloudfront

Redirect headers

location: /b2?c1=7&c2=34354936&c3=1&ns__t=1649068490628&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&c9=
date: Mon, 04 Apr 2022 10:34:50 GMT
via: 1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
content-length: 0
x-amz-cf-id: FFDwDVUhQDmtROh4i17ArDIeXFSsooIe25oVjgQEuyn3rJ54sImfdQ==
x-cache: Miss from cloudfront

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 94A1 12 KB
5 KB 166ms
28ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 921505
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NNRjBiOUxWWTEc2t3WRIbdsVaalkvvAe%2F18bo4xk0LABMFYdmmSqFjhGeEYcKpvq3kxIfQ8lZpWlXsGxZbvnk1AXRKewxTfATShwbMUyifz6lr0K3YvknkSHmP6XEhnXcsCADZ7vE15C9kgwVoU4%2FNlt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f6964d37cdb32c2-CDG
expires: Sat, 25 Mar 2023 10:34:50 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 94A1 12 KB
6 KB 23ms
20ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:50 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 30 Mar 2023 10:34:50 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 94A1 13 KB
13 KB 141ms
19ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=556&m=0&partner=65124&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F65124%2F210330%2F3b07f27409554000bfca77629d59ba32_logo_vertical_03.png&v=3&w=372&s=ftljCSGZ-xQaVJGKpjGJO5cj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

8b5abf902c157c372285a8277bd336ce30ac5efe1422a610d3b89e8024174e15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:50 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28604814
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 13506
expires: Wed, 01 Mar 2023 12:21:45 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 94A1 8 KB
9 KB 159ms
36ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=65124&q=80&r=0&u=https%3A%2F%2Fstatic2-ecemea.acer.com%2Fmedia%2Fcatalog%2Fproduct%2F_%2Fa%2F_acer-chromebox_cxi4_premium_1000main.png&v=3&w=400&s=FAF96URe0aXnbxlQvyPu7D44&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

635fc3642d77c0ffc3368165582c4d03124eff007d5f58f6beca929f7785904a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:50 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=875506
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 8576
expires: Thu, 14 Apr 2022 13:46:37 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 94A1 31 KB
31 KB 169ms
47ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=65124&q=80&r=0&u=https%3A%2F%2Fstatic2-ecemea.acer.com%2Fmedia%2Fcatalog%2Fproduct%2F_%2Fa%2F_acer-spin-3_sp313-51n_silver_main_pen.png&v=3&w=400&s=SUfBp5zA-G2tfjklSQfMHfXZ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

fdcf2a3e1121d4b76344ef28dcb12c51d42c5c198129d1f6d6e35a8807c25638

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:50 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=907183
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 31600
expires: Thu, 14 Apr 2022 22:34:34 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 94A1 10 KB
10 KB 179ms
57ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=65124&q=80&r=0&u=https%3A%2F%2Fstatic2-ecemea.acer.com%2Fmedia%2Fcatalog%2Fproduct%2F_%2Fa%2F_acer-travelmate-p2_tmp215-53-53g_fp-backlit_1000main.png&v=3&w=400&s=H-a2qfKsG7fUNkX4pufrxh6_&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e60b5ae2f507c6b3008250bc07ef6245df6b6bdef292c6097e130d3cd3a8340b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:50 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=78245
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 9856
expires: Tue, 05 Apr 2022 08:18:56 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 94A1 71 KB
71 KB 180ms
58ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=65124&q=80&r=0&u=https%3A%2F%2Fstatic2-ecemea.acer.com%2Fmedia%2Fcatalog%2Fproduct%2F_%2Fs%2F_sa0_sa220q_sa230_sa240ymain_um.ws0ee.a01.png&v=3&w=400&s=-OWfDJE36gv9TR92q0GB7RY-&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

4e84582f90ba63fe70f7a3274735c375af5874b4573dad7691366e6af2647e93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:50 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=193410
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 72354
expires: Wed, 06 Apr 2022 16:18:20 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 94A1 9 KB
10 KB 196ms
75ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=65124&q=80&r=0&u=https%3A%2F%2Fstatic2-ecemea.acer.com%2Fmedia%2Fcatalog%2Fproduct%2F_%2Fc%2F_chromebook-314-cb314-1h-1ht-non-sd-ps_1000main_nx.aueef.001.png&v=3&w=400&s=A6PDrsl6_O32pPP546qc7_Jx&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad57f40ddb2701133cc6638fc11e87adcc4b86d774fc85778f1c06c7bc617421

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:49 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1142243
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 9712
expires: Sun, 17 Apr 2022 15:52:14 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 94A1 0
128 B 119ms
20ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=CUQhdbtI2hmHAvwVQEVRnRslYonfLIahv8dMDYjzxKXcxfu_O8vXioTFPjQ9AWhBrOruvxuuCJX7tvon82gndHgp_abKcFhUqh8KeOXhrGr_rRJ4Tp1Uv7VNa6LYjl7qpf_e1kaIg-CARXyrTtqxcCeKpFQhTsAIlcvY6tIdu7S8zC0Ok36n9x4gQX8ijETCRoDpiWKCFpwJ3dmcRqjp7FUCSvKG-o4Hsrh_8p1cbfDXOZjqTo5WKbiEfT3S-b-GD4U7eA&sds=2&rev=81065&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 04 Apr 2022 10:34:49 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 94A1 2 KB
1 KB 20ms
20ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:50 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 30 Mar 2023 10:34:50 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 94A1 2 KB
1 KB 24ms
23ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:50 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 30 Mar 2023 10:34:50 GMT

GET
H2 200 noavatar92.png
a.disquscdn.com/1647409581/images/ Frame DC32 2 KB
2 KB 73ms
20ms Image
image/png 199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1647409581/images/noavatar92.png

Requested by

Host: www.islegitsite.com
URL: https://www.islegitsite.com/check/antivirussales.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=islegitsite&t_i=228750&t_u=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&t_d=Is%20Antivirussales.com%20Legit%20or%20Scam%3F%20%7C%20IsLegitSite&t_t=Is%20Antivirussales.com%20Legit%20or%20Scam%3F%20%7C%20IsLegitSite&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:50 GMT
x-content-type-options: nosniff
fastly-original-body-size: 1644
age: 483786
cross-origin-resource-policy: cross-origin
content-length: 1644
x-xss-protection: 1; mode=block
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
content-type: image/png
cache-control: max-age=2592000
x-amz-cf-pop: CDG3-C2
x-amz-cf-id: T7tEYPwHwKOKfklKNDuo7w1wt-RX8JtgGgSFU5XJKl2ZTZBB4wN3Fg==
expires: Thu, 28 Apr 2022 20:11:44 GMT

GET
DATA 200
OK truncated
/ Frame DC32 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ Frame 24E8 107 B
122 B 38ms
37ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=www.islegitsite.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032905.js?cb=31066034

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Apr 2022 10:34:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 24E8 107 B
122 B 37ms
36ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.islegitsite.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032905.js?cb=31066034

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Apr 2022 10:34:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 24E8 0
23 B 44ms
44ms XHR
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1928952237228934&correlator=3142826009163461&eid=31065843%2C31066034%2C31066920%2C31065402&output=ldjh&gdfp_req=1&vrg=2022032905&ptt=17&impl=fifs&gdpr_consent=tcunavailable&tcfe=3&iu_parts=101482493%2Cposition%2Cbottom&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%2C320x50%7C300x250&fluid=height%2Cheight&ifi=1&adks=4279513738%2C4279513739&sfv=1-0-38&ecs=20220404&fsapi=false&eri=5&cust_params=shortname%3Dislegitsite%26experiment%253Avariant%3Dnetwork_default%253Afallthrough&sc=1&cookie=ID%3De48b86984b4b0454-22322f066dcd00b2%3AT%3D1649068489%3ART%3D1649068489%3AS%3DALNI_MZBHCC3A8H9mOcqvX3DQ8V-BLsd7w&abxe=1&dt=1649068490764&dlt=1649068489767&idt=974&biw=1600&bih=1200&isw=938&adxs=498%2C802&adys=5433%2C5433&ucis=loaw0yemuvtp%7Cvqz1fqmhhkny&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nhd=1&url=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&top=www.islegitsite.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=608x0%7C608x0&msz=300x0%7C300x0&fws=260%2C260&ohw=938%2C938&ea=0&ga_vid=1338158214.1649068490&ga_sid=1649068491&ga_hid=111690234&ga_fc=true&btvi=1%7C2&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032905.js?cb=31066034

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:50 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
google-lineitem-id: -2,-2
pragma: no-cache
server: cafe
google-creative-id: -2,-2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.islegitsite.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
f5679b1ff3988327047363fc4b049008.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1F37 0
0 260ms
39ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f5679b1ff3988327047363fc4b049008.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032905.js?cb=31066034

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 10:34:51 GMT
expires: Tue, 04 Apr 2023 10:34:51 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
c.disquscdn.com/next/recommendations/styles/ Frame 3EE3 14 KB
3 KB 22ms
21ms Stylesheet
text/css 2600:9000:219c:5c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/styles/recommendations.10022a97346f1c6e3798931bbd8e4bb5.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.e74fcfd3f6ed52bbcd40cf72972ae6c3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:219c:5c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3eee15d11eb29b6f2258cabfeeca39b3b900a7cae96fc7919b27789f3470b9f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 01:57:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12127047
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 2978
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 10 Nov 2021 23:08:20 GMT
server: nginx
etag: "618c50e4-ba2"
content-type: text/css; charset=utf-8
via: 1.1 c4341fb26af0c8ea61cf721453e6bebc.cloudfront.net (CloudFront)
expires: Tue, 15 Nov 2022 01:57:23 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: CDG3-C2
timing-allow-origin: *
x-amz-cf-id: QwYn8NEOxMlWxrY4SSSTe6ylT6x4Rt8ntPSQ_wSeIUoVZvkIuh97Fw==
x-cache-hits: 0

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame DC32 13 KB
13 KB 18ms
18ms Image
image/svg+xml 2600:9000:219c:5c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:219c:5c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 07 May 2021 19:15:41 GMT
via: 1.1 c4341fb26af0c8ea61cf721453e6bebc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 28653549
x-cache: Hit from cloudfront
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Sat, 07 May 2022 19:15:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: CDG3-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: zkJ4wdeM_8yZNK0V08hTpIErmvhrMcHkAdyiDdTB12EB1ZWyxIORXg==
x-cache-hits: 0

GET
H2 200 loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame DC32 3 KB
3 KB 19ms
18ms Image
image/gif 2600:9000:219c:5c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:219c:5c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 23 May 2021 15:40:35 GMT
via: 1.1 c4341fb26af0c8ea61cf721453e6bebc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 27284055
x-cache: Hit from cloudfront
content-length: 2971
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Mon, 17 May 2021 18:53:16 GMT
server: nginx
etag: "60a2bb9c-b9b"
content-type: image/gif
access-control-allow-origin: *
expires: Mon, 23 May 2022 15:40:35 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: CDG3-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: ex9MX4rAn_YHFK314k_TkqxTzYzn5Tm727GoNBsjJt0IB62VhcK4gw==
x-cache-hits: 0

GET
H2 200 sprite.ad630a07080a45451f139a7487853ff8.png
c.disquscdn.com/next/embed/assets/img/ Frame DC32 2 KB
2 KB 19ms
19ms Image
image/png 2600:9000:219c:5c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:219c:5c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 02:17:43 GMT
via: 1.1 c4341fb26af0c8ea61cf721453e6bebc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 12125827
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1763
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Wed, 10 Nov 2021 23:08:20 GMT
server: nginx
etag: "618c50e4-6e3"
content-type: image/png
access-control-allow-origin: *
expires: Tue, 15 Nov 2022 02:17:43 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: CDG3-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: SSNLM4pjR7fFN_7_IdfsVxnVs_UPzOpMsqxFwQwMlhCtwONcU-hcmA==
x-cache-hits: 0

GET
H2 200 icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame DC32 8 KB
8 KB 19ms
19ms Font
application/octet-stream 2600:9000:219c:5c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:219c:5c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css
Origin: https://disqus.com
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 14 May 2021 15:27:23 GMT
via: 1.1 d30b80e15d08db34625ccde343c59236.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 28062447
x-cache: Hit from cloudfront
content-length: 7900
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-1edc"
content-type: application/octet-stream
access-control-allow-origin: *
expires: Sat, 14 May 2022 15:27:23 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: CDG3-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: OB3hHAJS1iAj2eU8E35RLjUlRa6TQQ3zo_D2eTfFpH6hNhztTOgv4g==
x-cache-hits: 0

GET
H2 200 tb Show response
15.taboola.com/ Frame B3E6 33 KB
10 KB 41ms
40ms XHR
text/html 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=disqus-islegitsite&unitType=226&tbloc=&pageType=text&pstn=%7B%22domain%22%3A%20%22https%3A%2F%2Fwww.islegitsite.com%22%2C%20%22experiment%22%3A%20%22network_default%22%2C%20%22position%22%3A%20%22top%22%2C%20%22shortname%22%3A%20%22islegitsite%22%2C%20%22variant%22%3A%20%22fallthrough%22%7D&uuip=&cisrf=https%3A%2F%2Fwww.islegitsite.com%2F&cirf=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&encoded=1&uid=a0c78dc5-e041-49bb-b822-a17b26dbab6f-tuct9444f4a&variant=-100|1&callback=TRC.videoTagCallbacks.videoCallback1&cb=1649068490902&tagid=&cntry=FR&platform=1&sesid=6d97bccd79b22ddd07fd3744ee0a9730&itemid=/check/antivirussales.com&viewid=1649068490551&geolat=&geoing=&deviceifa=&appid=&sd=v2_6d97bccd79b22ddd07fd3744ee0a9730_a0c78dc5-e041-49bb-b822-a17b26dbab6f-tuct9444f4a_1649068490_1649068490_CIi3jgYQtZ1OGLf-kKH_LyABKAEwSjjE1whA6osQSJqJ2gNQy6EPWABgAGi49Ovc17HappABcAA&ri=9f96a53bd9b01aaa7469695d2fd67316&appname=&cdb=&gdprApplies=true&rid=&sii=&oee=true&tpubid=1281717&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=HDF&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1003147&prcnt=&layer=&normp=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220404-2-RELEASE.es5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4212a18713f56f9cf1a89fd549d774d553b3814a041144977bfe40abcb4c1446

Request headers

Referer: https://www.islegitsite.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Apr 2022 10:34:50 GMT
content-encoding: gzip
access-control-allow-origin: https://www.islegitsite.com
machineid: 1484
x-cache: MISS
xvid-debug: mrmr - :
x-served-by: cache-cdg20723-CDG
pragma: no-cache
server: nginx
x-timer: S1649068491.912801,VS0,VE20
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://am-wf.taboola.com>; rel=preconnect
x-cache-hits: 0

GET
H2 200 userx.20220404-2-RELEASE.es5.js Show response
cdn.taboola.com/libtrc/ Frame B3E6 22 KB
6 KB 19ms
18ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20220404-2-RELEASE.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4de3908746383939025bbea5847e9752c3cfcc44420525a29862361743d9f77a

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: ul26_yFnComPVWWVeWjjYBbPHcKR1IgT
content-encoding: gzip
etag: "01bbf1ee8fc4bd4efc2eb775d7779841"
age: 5857
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5730
x-amz-id-2: tw88NtlBu89tOw7kawOKvJnDwk75J4fpL9a51FCLJoHIYm7WwABc1Q/2/V6auMkZqTikSmPdNEw=
x-served-by: cache-cdg20723-CDG
last-modified: Mon, 04 Apr 2022 08:56:50 GMT
server: AmazonS3
x-timer: S1649068491.912282,VS0,VE0
date: Mon, 04 Apr 2022 10:34:50 GMT
vary: Accept-Encoding
x-amz-request-id: X5N3JZXMYA706VJT
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 13
x-cache-hits: 719

GET
H2 200 recommendations.bundle.926bc472e4859a48daa346b4ba2ab4f4.js Show response
c.disquscdn.com/next/recommendations/ Frame 3EE3 65 KB
20 KB 18ms
18ms Script
application/javascript 2600:9000:219c:5c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.bundle.926bc472e4859a48daa346b4ba2ab4f4.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.e74fcfd3f6ed52bbcd40cf72972ae6c3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:219c:5c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dbffe4825c6ba1f19ff48607381ad4384b0609b64998830502c130f00abe887d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 20:25:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15084549
x-cache: Hit from cloudfront
content-length: 20244
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 11 Oct 2021 20:15:56 GMT
server: nginx
etag: "61649b7c-4f14"
content-type: application/javascript; charset=utf-8
via: 1.1 c4341fb26af0c8ea61cf721453e6bebc.cloudfront.net (CloudFront)
expires: Tue, 11 Oct 2022 20:25:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: CDG3-C2
timing-allow-origin: *
x-amz-cf-id: Oof27XGTZN0eTzpz8xcuv8-hHMScoP-PQq6uAPJh0tTyfd_a9DahJA==
x-cache-hits: 0

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame 3EE3 14 KB
15 KB 18ms
18ms Script
application/javascript 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.e74fcfd3f6ed52bbcd40cf72972ae6c3.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

b79e342ee881ef2ab38b3f53ff291337ace2c939dd3dc7e44cb08f56e9c1cfb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://disqus.com/recommendations/?base=default&f=islegitsite&t_u=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&t_d=Is%20Antivirussales.com%20Legit%20or%20Scam%3F%20%7C%20IsLegitSite&t_t=Is%20Antivirussales.com%20Legit%20or%20Scam%3F%20%7C%20IsLegitSite
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 10:34:50 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 40
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 14710
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame DC32 43 B
339 B 98ms
97ms Image
image/gif 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=684&event=init_embed&thread=8998374435&forum=islegitsite&forum_id=4819311&imp=8cse51837nsq3d&thread_slug=is_antivirussalescom_legit_or_scam_islegitsite&user_type=anon&referrer=https%3A%2F%2Fwww.islegitsite.com%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default&variant=fallthrough&service=dynamic&promoted_enabled=true&max_enabled=true

Requested by

Host: www.islegitsite.com
URL: https://www.islegitsite.com/check/antivirussales.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=islegitsite&t_i=228750&t_u=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&t_d=Is%20Antivirussales.com%20Legit%20or%20Scam%3F%20%7C%20IsLegitSite&t_t=Is%20Antivirussales.com%20Legit%20or%20Scam%3F%20%7C%20IsLegitSite&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 10:34:51 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 e07acf4854010ff971c58ba8c3988663.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame B3E6 18 KB
19 KB 33ms
24ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e07acf4854010ff971c58ba8c3988663.jpeg
Requested by: Host: www.islegitsite.com
URL: https://www.islegitsite.com/check/antivirussales.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6885ebc9c66068cb9a9f3b1d29e82b45068bb23e379046eb52e2210fbaf680a3

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 04 Apr 2022 10:34:50 GMT
via: 1.1 varnish, 1.1 varnish
age: 1467482
edge-cache-tag: 501931386708457900801756247680801530781,389360917527735119118571714620039350550,29ecf9b93bbf306179626feeda1fab70
cache-tag: 501931386708457900801756247680801530781,389360917527735119118571714620039350550,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 104
expiration: expiry-date="Sun, 17 Apr 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e07acf4854010ff971c58ba8c3988663.jpeg
content-length: 18140
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Thu, 17 Mar 2022 07:30:49 GMT
server: nginx
x-timer: S1649068491.958781,VS0,VE1
etag: "0077c2ca5aeaf4bce7e5fe04a7c820fe"
x-served-by: cache-wdc5533-WDC, cache-iad-kiad7000030-IAD, cache-cdg20723-CDG
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 8743102fb1b61c4fd6b64d7cb43708af.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame B3E6 23 KB
23 KB 30ms
22ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8743102fb1b61c4fd6b64d7cb43708af.png
Requested by: Host: www.islegitsite.com
URL: https://www.islegitsite.com/check/antivirussales.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fd1daa7f8863fe46eea00a4c227443bb66c2c19688525cd1832686159f4349ab

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 04 Apr 2022 10:34:50 GMT
via: 1.1 varnish, 1.1 varnish
age: 1568990
edge-cache-tag: 559658680092862316125979555054461195744,389360917527735119118571714620039350550,29ecf9b93bbf306179626feeda1fab70
cache-tag: 559658680092862316125979555054461195744,389360917527735119118571714620039350550,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 52
expiration: expiry-date="Wed, 30 Mar 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8743102fb1b61c4fd6b64d7cb43708af.png
content-length: 23196
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Sun, 27 Feb 2022 18:30:10 GMT
server: nginx
x-timer: S1649068491.959028,VS0,VE0
etag: "d7ecccbc243edc298c12c505cc2cc14e"
x-served-by: cache-wdc5582-WDC, cache-iad-kcgs7200043-IAD, cache-cdg20723-CDG
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 2

GET
H2 200 6929a494c45d703bf2bcbbe494637ab7.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame B3E6 10 KB
11 KB 30ms
22ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6929a494c45d703bf2bcbbe494637ab7.jpg
Requested by: Host: www.islegitsite.com
URL: https://www.islegitsite.com/check/antivirussales.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 999d42ff64e0f986d6d56cc266f4afb297406862fb75891932d2a1dc190d6a98

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 04 Apr 2022 10:34:50 GMT
via: 1.1 varnish, 1.1 varnish
age: 1728659
edge-cache-tag: 591427646551026695176083933587501208029,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 591427646551026695176083933587501208029,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 37
expiration: expiry-date="Sun, 10 Apr 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6929a494c45d703bf2bcbbe494637ab7.jpg
content-length: 10298
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Thu, 10 Mar 2022 09:07:43 GMT
server: nginx
x-timer: S1649068491.959031,VS0,VE0
etag: "d5505a88be6a89a42b099bfeca9f0802"
x-served-by: cache-bwi5041-BWI, cache-iad-kcgs7200125-IAD, cache-cdg20723-CDG
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 4

GET
H2 200 de7dc9e16d9b31fde4b481ccfd37a331.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame B3E6 4 KB
5 KB 25ms
21ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/de7dc9e16d9b31fde4b481ccfd37a331.png
Requested by: Host: www.islegitsite.com
URL: https://www.islegitsite.com/check/antivirussales.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: cac02ba17201e69444488f03ac97d22021fd5d8558dc698baa13b9ac682cdb18

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 04 Apr 2022 10:34:50 GMT
via: 1.1 varnish, 1.1 varnish
age: 1642547
edge-cache-tag: 331236530133445464441462309870907226318,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 331236530133445464441462309870907226318,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 13
x-cache: HIT, MISS, HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/de7dc9e16d9b31fde4b481ccfd37a331.png
content-length: 4338
x-request-id: abe7dbf811e3ad02877da65f49ed05c7
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Wed, 23 Feb 2022 16:59:10 GMT
server: nginx
x-timer: S1649068491.958998,VS0,VE0
etag: "4ff631aed92ed4980d15e6556b840752"
x-served-by: cache-iad-kjyo7100087-IAD, cache-iad-kcgs7200142-IAD, cache-chi-kigq8000028-CHI, cache-iad-kiad7000070-IAD, cache-cdg20723-CDG
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 1, 1, 5

GET
H2 200 73632968-5694-463b-be04-30cd458d2b0d_1000x600.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/ Frame B3E6 17 KB
18 KB 21ms
20ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/73632968-5694-463b-be04-30cd458d2b0d_1000x600.jpeg
Requested by: Host: www.islegitsite.com
URL: https://www.islegitsite.com/check/antivirussales.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ae56df174857bf3c024a91673ba3641d205d290bcd326efab276a5e8b2513ffb

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 04 Apr 2022 10:34:50 GMT
via: 1.1 varnish, 1.1 varnish
age: 2245890
edge-cache-tag: 308444227239207316941278493900870577836,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 308444227239207316941278493900870577836,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 40
expiration: expiry-date="Sat, 12 Mar 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/73632968-5694-463b-be04-30cd458d2b0d_1000x600.jpeg
content-length: 17404
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Wed, 09 Feb 2022 13:24:55 GMT
server: nginx
x-timer: S1649068491.958126,VS0,VE0
etag: "b11f885207f028e5041e55e6215f5149"
x-served-by: cache-bwi5063-BWI, cache-iad-kiad7000022-IAD, cache-cdg20723-CDG
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 2

GET
H2 200 db2bd83892a951da62dfec496175e88a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame B3E6 12 KB
12 KB 26ms
26ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/db2bd83892a951da62dfec496175e88a.jpg
Requested by: Host: www.islegitsite.com
URL: https://www.islegitsite.com/check/antivirussales.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 83a8b6170eebc700dd5d59b8f6b1bd525c253bbcd0ca8892db188aad11edfa63

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 04 Apr 2022 10:34:50 GMT
via: 1.1 varnish, 1.1 varnish
age: 1562644
edge-cache-tag: 315059553153631122518954551318692001740,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 315059553153631122518954551318692001740,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 98
x-envoy-upstream-service-time: 354
expiration: expiry-date="Wed, 30 Mar 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/db2bd83892a951da62dfec496175e88a.jpg
content-length: 12128
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Sun, 27 Feb 2022 20:11:40 GMT
server: nginx
x-timer: S1649068491.958763,VS0,VE1
etag: "7136e39c0b1d51d709b7aab44b3f8b48"
x-served-by: cache-bwi5066-BWI, cache-iad-kiad7000158-IAD, cache-cdg20723-CDG
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ Frame 9C77 107 B
122 B 39ms
39ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=www.islegitsite.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Apr 2022 10:34:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 9C77 107 B
122 B 37ms
37ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.islegitsite.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Apr 2022 10:34:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 9C77 0
23 B 52ms
52ms XHR
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2363002888246402&correlator=2349888674818265&eid=31065842%2C21068766%2C31065402&output=ldjh&gdfp_req=1&vrg=2022032106&ptt=17&impl=fifs&gdpr_consent=tcunavailable&tcfe=3&iu_parts=101482493%2Cposition%2Crecommendations&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&adks=3213429204&sfv=1-0-38&ecs=20220404&fsapi=false&eri=5&cust_params=shortname%3Dislegitsite%26experiment%253Avariant%3Dnetwork_default%253Afallthrough&sc=1&cookie=ID%3De48b86984b4b0454-22322f066dcd00b2%3AT%3D1649068489%3ART%3D1649068489%3AS%3DALNI_MZBHCC3A8H9mOcqvX3DQ8V-BLsd7w&abxe=1&dt=1649068490987&dlt=1649068489916&idt=1044&biw=1600&bih=1200&isw=300&adxs=333&adys=4136&ucis=iuyelvhaovqa&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nhd=1&url=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&top=www.islegitsite.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=304x0&msz=300x0&fws=260&ohw=300&ea=0&ga_vid=1338158214.1649068490&ga_sid=1649068491&ga_hid=1740033630&ga_fc=true&btvi=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:51 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.islegitsite.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
8d1c9081a8e39addda0248d786881ed6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F9BF 6 KB
3 KB 75ms
39ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8d1c9081a8e39addda0248d786881ed6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 10:34:51 GMT
expires: Tue, 04 Apr 2023 10:34:51 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame DC32 13 KB
13 KB 18ms
18ms Image
image/svg+xml 2600:9000:219c:5c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:219c:5c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 07 May 2021 19:15:41 GMT
via: 1.1 c4341fb26af0c8ea61cf721453e6bebc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 28653550
x-cache: Hit from cloudfront
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Sat, 07 May 2022 19:15:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: CDG3-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 0dJkSAoqIppQj_9HugGJ6HA2rLhp5nSEomzKzOjuFmRLJ9kifchn9g==
x-cache-hits: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 94A1 2 KB
435 B 80ms
41ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c3d628f4e66cecd08fd6e79132a41585dfd209b14bd6e0695af0842025ee2768

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 08:45:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 04 Apr 2022 10:34:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Apr 2022 10:34:51 GMT

GET
H/1.1 200
OK / Show response
tempest.services.disqus.com/ads-iframe/taboola/ 28 KB
10 KB 123ms
122ms XHR
text/html 199.232.192.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://tempest.services.disqus.com/ads-iframe/taboola/?position=bottom&shortname=islegitsite&sourceUrl=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&colorScheme=light
Requested by: Host: islegitsite.disqus.com
URL: https://islegitsite.disqus.com/embed.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.192.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: 21cbbedba666505731daae6e35283021ec82e38319a459a3bf7dd1050133218e

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 10:34:51 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding,
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=300
X-Service: router
Connection: keep-alive
Content-Length: 9432
Cross-Origin-Resource-Policy: cross-origin

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
339 B 100ms
100ms Image
image/gif 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=8cse51837nsq3d&experiment=network_default&variant=fallthrough&service=dynamic&area=bottom&product=embed&forum=islegitsite&zone=thread&version=31cd6fbd4797db790bc183cea2909ab5&page_url=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&page_referrer=&object_type=advertisement&provider=google&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&object_id=%5B160465%5D&section=default&verb=load&extra_data=%7B%22time_to_load%22%3A784%7D&advertisement_id=160465&forum_id=4819311

Requested by

Host: www.islegitsite.com
URL: https://www.islegitsite.com/check/antivirussales.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 10:34:51 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 UnitWidgetItemDesktop.min.js Show response
vidstat.taboola.com/lite-unit/3.6.9/ Frame B3E6 99 KB
29 KB 33ms
27ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/3.6.9/UnitWidgetItemDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220404-2-RELEASE.es5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b4dd08942d096c41c42aeb1f36db7261f30841da30fedbfd19e77e87a0cfe55

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:51 GMT
via: 1.1 8c91fcc64b7a86489661ea1249599ca2.cloudfront.net (CloudFront), 1.1 varnish
age: 2353220
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 28832
x-served-by: cache-cdg20723-CDG
last-modified: Wed, 02 Mar 2022 12:50:08 GMT
server: AmazonS3
x-timer: S1649068491.053713,VS0,VE0
etag: "21fe8bfcdadd2e040a7cfd343b7e50c0"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: CDG52-P2
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: J8OiF6SfVZfBo_aEZmT6JylyB9Ck85ZqAdkLVFd3fyNxnD_RTBi5JQ==
x-cache-hits: 18105

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
339 B 103ms
102ms Image
image/gif 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=8cse51837nsq3d&experiment=network_default&variant=fallthrough&service=dynamic&area=top&product=embed&forum=islegitsite&zone=thread&version=31cd6fbd4797db790bc183cea2909ab5&page_url=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&page_referrer=&object_type=advertisement&provider=taboola&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&object_id=%5B184193%5D&section=default&verb=load&advertisement_id=184193&forum_id=4819311

Requested by

Host: www.islegitsite.com
URL: https://www.islegitsite.com/check/antivirussales.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 10:34:51 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame 3EE3 3 KB
3 KB 18ms
18ms XHR
application/json 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=islegitsite&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.e74fcfd3f6ed52bbcd40cf72972ae6c3.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

829b94339b38c07294be465ad5e7c23da8f254d2df883d0a0d025e6f61c2138e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/recommendations/?base=default&f=islegitsite&t_u=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&t_d=Is%20Antivirussales.com%20Legit%20or%20Scam%3F%20%7C%20IsLegitSite&t_t=Is%20Antivirussales.com%20Legit%20or%20Scam%3F%20%7C%20IsLegitSite
X-Requested-With: XMLHttpRequest
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 10:34:51 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 1
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 2943
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
339 B 140ms
111ms Image
image/gif 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=8cse56a1j6a0he&experiment=network_default&variant=fallthrough&service=dynamic&area=recommendations&product=recommendations&forum=islegitsite&zone=thread&version=9a1bc22f669e65e0fad921dc193f5254&page_url=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&page_referrer=&object_type=advertisement&provider=google&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&object_id=%5B160465%5D&section=default&verb=load&extra_data=%7B%22time_to_load%22%3A700%7D&advertisement_id=160465&forum_id=4819311

Requested by

Host: www.islegitsite.com
URL: https://www.islegitsite.com/check/antivirussales.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 10:34:51 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK listRecommendations.json Show response
disqus.com/api/3.0/discovery/ Frame 3EE3 5 KB
6 KB 196ms
196ms XHR
application/json 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/discovery/listRecommendations.json?forum=islegitsite&thread=url%3Ahttps%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&limit=8&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.e74fcfd3f6ed52bbcd40cf72972ae6c3.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e1ed89b6738eb9a701eded7038ea55187794e4c18773d36a734ad50242a0c1e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://disqus.com/recommendations/?base=default&f=islegitsite&t_u=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&t_d=Is%20Antivirussales.com%20Legit%20or%20Scam%3F%20%7C%20IsLegitSite&t_t=Is%20Antivirussales.com%20Legit%20or%20Scam%3F%20%7C%20IsLegitSite
X-Requested-With: XMLHttpRequest
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 10:34:51 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
Connection: keep-alive
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cache-Control: stale-while-revalidate=450, public, max-age=1800
Cross-Origin-Resource-Policy: cross-origin
Fastly-Original-Body-Size: 5346
Content-Type: application/json
Vary: Origin
Content-Length: 5346
X-XSS-Protection: 1; mode=block

GET
H3 200 7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v26/ Frame 94A1 31 KB
31 KB 65ms
27ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v26/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e14a625deb5e7cb388813d12ff906c39d7140ead453b49a22cc7d11497035790

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 15:20:52 GMT
x-content-type-options: nosniff
age: 414839
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31248
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:37:29 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 30 Mar 2023 15:20:52 GMT

GET taboola
reporting.services.disqus.com/_log/ Frame 24E8 0
0

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/disqus-network/ Frame 24E8 651 KB
148 KB 19ms
19ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/disqus-network/loader.js
Requested by: Host: www.islegitsite.com
URL: https://www.islegitsite.com/check/antivirussales.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcad1b0a71b616ecaee72f4eac6cd781d24ee330b025211feb02418609793adb

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: 1Qr3TuBCoKVDQuRGXGfm__P0.dwk0rHp
content-encoding: gzip
etag: "982febb127c87558cbfe0ce7de95b3c9"
age: 4478
x-cache: HIT
content-length: 150785
x-amz-id-2: 4uHR2O/YmBn8Cewce6SPcyNVRwhgmKv2KQT2PKrKUA6mU2hL4tM6bmTz1ZKF6Ejd0KhvTtmqWvU=
x-served-by: cache-cdg20723-CDG
last-modified: Mon, 04 Apr 2022 09:19:06 GMT
server: AmazonS3
x-timer: S1649068491.161972,VS0,VE0
date: Mon, 04 Apr 2022 10:34:51 GMT
vary: Accept-Encoding
x-amz-request-id: 71JF6VGP7JYBE338
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 37
x-cache-hits: 2

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6DDC 42 B
64 B 99ms
62ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss_XZ9pVNBwHp_hCoFSfkkchDvSkJznh3FEEyzj3vhMRxQQOcuNy1btLWmzawvjNQD3fgR9q7yl13f61t4Hk54Q&sig=Cg0ArKJSzMb93Nz-RvdyEAE&id=lidar2&mcvt=1000&p=0,0,280,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220330&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=207406793&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649068489741&rpt=515&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 10:34:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 st Show response
imprammp.taboola.com/ Frame C65B 1 KB
578 B 31ms
30ms Document
text/html 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8061395&crid=4826575&dast=V7HDgCFgOnZMTWIYfa2ASnZMTWIYfa2AUAAAAGBuIHHMObTWYbymJCWW4Gg-FotlyMVsPdYrIYDYawMbzZZLahLCaU5WYwGI5mw81oMlltJrvNFAIn9yLyux1Ou0U6kAhNp8Pnutfrfr-70nN2-Zymz9P0smv8botYIFEZDy_L0-2ymy7SgUTuMv3-lq-_5LI5XGfTRSyQCP6ep-npt1ukA4nob7iIBRLN0W853R1ul0U6kCg9Z5fPafo8TS-LWCCRPSxPh910kQ4kMofZbDpa_q6f0aJ-Qw2aTofPda_X_X53pefs8jlNn6fpZdf43X6N0eXx-hV209P2tLw-n4fZ5blr_G6_HAAAAAAeAJJKnyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAKUo80AJI4DuTvujicxn8AADw8gAAACGCQAAy4NZUAlHAtnAAAAAAAAAAAsPz____HAOwFTMsAXACO9QA8-AA8EBUwFzECAAAAKNkhPTua1AmVRRUAAEG6FcAVAEDAHz0J0GkYAACAgJgWktJu49vq99gCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTUhJ-TANSCkdS-wUEAFj7BQQAYFM3AIC3ALiQ40DT6fC57vW63--u9JxdPqfp8zS97Bq_2y86glYMBqsLiNkBAAAA3P3____jaSEp7Ta-rX7rgdjIuZt4PCbfcmKZjEwmw25m8uxGo5XLsHDuNoPtbY6OqMroNVv0BU7uReR3O5x2i3QgEZpOh891r9f9fnel5-zyOU2fp-ll1_jdFrFAojIeXpan22U3XaQDidxl-v0tX3_JZXO4zqaLWCAR_D1P09Nvt0gHEtHfcBELJJqj33K6O9wui3QgUXrOLp_T9HmaXhaxQCJ7WJ4Ou-kiHUhkDrPZdLT8XT-jRX2_CVuMVpPJZjmcLReTwXA0HI32NxCDwQAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGHCsPENRx7XWmUYLdai5cTilhgnk7XCsZtYZiOLw2KbuUWvj-k5Go1mpoUXBQNa9iK4SCcip-fx-ryVnrPL5zR9nqaXRSzRnCzSieyyr42cu4nHY_ItJ5bJyGQy7GYmz240WrkMC-duM9g3DBvfcORxrVWG0WItWk4sbolxMlkrHLuJZTayOCy2mVv0-pieo9FoZlr4G7PRcjAbjpaDfWM2Wg5mw9FysO8wmZ6pz9koXRt7Hpnm1nqJ_DLzQeEyWLxP1epi7I4O2t7z6FQZV8rOzmjeVoReg8Jz8Jim5Z72ceyGDMPhQeE4GBSxRHC6SCeil_F0EUskT4t0opw5ZwvXZmJyTgyLhcPhG82Ws-VqZJmZbLvNYjYRS5Smi3Si1xhdHq9fYTc9bU_L6_N5mF2eu8bvtqj_2DC7uWo5V8xGc8Vgs0oAAAAAAAAAAEuYM28CAAAAcBrIZDQcrZYLMOFYqwsMAgAAAAAAUNz4sQQ5PY_X5630nF0-p-nzNL2sDPDgtMi82TNBrNVqWQMAAAhgAwAABHDr5j2AJBrJAQ!&cmcv=&pix=undefined&cb=1649068491369&uv=3154&tms=1649068491369&abt=adh5c-1_vA!adh5c_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!lvlstst-in1_vC!lvlstst_vC!pblc_vE!rv2r_vB!spa2_vB!t45!t45!t45!t45!u2822_vA!ufm!ul108542-557_vB&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=C7626C21B2930084691458712140&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.6.9/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 82deb488ed90a4434ca3c944a199af3d557338dbdd3862bf4b2fa7e304f13656

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Mon, 04 Apr 2022 10:34:51 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-cdg20723-CDG
x-timer: S1649068491.400043,VS0,VE12

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 7C73 1 KB
1 KB 74ms
21ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7HDgCFgOnZMTWIYfa2ASnZMTWIYfa2AUAAAAGBuIHHMObTWYbymJCWW4Gg-FotlyMVsPdYrIYDYawMbzZZLahLCaU5WYwGI5mw81oMlltJrvNFAIn9yLyux1Ou0U6kAhNp8Pnutfrfr-70nN2-Zymz9P0smv8botYIFEZDy_L0-2ymy7SgUTuMv3-lq-_5LI5XGfTRSyQCP6ep-npt1ukA4nob7iIBRLN0W853R1ul0U6kCg9Z5fPafo8TS-LWCCRPSxPh910kQ4kMofZbDpa_q6f0aJ-Qw2aTofPda_X_X53pefs8jlNn6fpZdf43X6N0eXx-hV209P2tLw-n4fZ5blr_G6_HAAAAAAeAJJKnyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAKUo80AJI4DuTvujicxn8AADw8gAAACGCQAAy4NZUAlHAtnAAAAAAAAAAAsPz____HAOwFTMsAXACO9QA8-AA8EBUwFzECAAAAKNkhPTua1AmVRRUAAEG6FcAVAEDAHz0J0GkYAACAgJgWktJu49vq99gCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTUhJ-TANSCkdS-wUEAFj7BQQAYFM3AIC3ALiQ40DT6fC57vW63--u9JxdPqfp8zS97Bq_2y86glYMBqsLiNkBAAAA3P3____jaSEp7Ta-rX7rgdjIuZt4PCbfcmKZjEwmw25m8uxGo5XLsHDuNoPtbY6OqMroNVv0BU7uReR3O5x2i3QgEZpOh891r9f9fnel5-zyOU2fp-ll1_jdFrFAojIeXpan22U3XaQDidxl-v0tX3_JZXO4zqaLWCAR_D1P09Nvt0gHEtHfcBELJJqj33K6O9wui3QgUXrOLp_T9HmaXhaxQCJ7WJ4Ou-kiHUhkDrPZdLT8XT-jRX2_CVuMVpPJZjmcLReTwXA0HI32NxCDwQAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGHCsPENRx7XWmUYLdai5cTilhgnk7XCsZtYZiOLw2KbuUWvj-k5Go1mpoUXBQNa9iK4SCcip-fx-ryVnrPL5zR9nqaXRSzRnCzSieyyr42cu4nHY_ItJ5bJyGQy7GYmz240WrkMC-duM9g3DBvfcORxrVWG0WItWk4sbolxMlkrHLuJZTayOCy2mVv0-pieo9FoZlr4G7PRcjAbjpaDfWM2Wg5mw9FysO8wmZ6pz9koXRt7Hpnm1nqJ_DLzQeEyWLxP1epi7I4O2t7z6FQZV8rOzmjeVoReg8Jz8Jim5Z72ceyGDMPhQeE4GBSxRHC6SCeil_F0EUskT4t0opw5ZwvXZmJyTgyLhcPhG82Ws-VqZJmZbLvNYjYRS5Smi3Si1xhdHq9fYTc9bU_L6_N5mF2eu8bvtqj_2DC7uWo5V8xGc8Vgs0oAAAAAAAAAAEuYM28CAAAAcBrIZDQcrZYLMOFYqwsMAgAAAAAAUNz4sQQ5PY_X5630nF0-p-nzNL2sDPDgtMi82TNBrNVqWQMAAAhgAwAABHDr5j2AJBrJAQ!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.6.9/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 86d0b0c5c5ac215d1bccc0057a9e5aeaf96554438e7eacc1c8d53f9f3f827b26

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-type: text/html;charset=ISO-8859-1
date: Mon, 04 Apr 2022 10:34:51 GMT
machineid: 3407
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ Frame B3E6 1 KB
788 B 84ms
68ms XHR
application/json 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=4826575&noaop=3&sortOrderType=0&cb=1649068491374&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1381&pt=-842323003&tz=0&viewable=true&ddast=V7HDgCFgOnZMTWIYfa2ASnZMTWIYfa2AUAAAAGBuIHHMObTWYbymJCWW4Gg-FotlyMVsPdYrIYDYawMbzZZLahLCaU5WYwGI5mw81oMlltJrvNFAIn9yLyux1Ou0U6kAhNp8Pnutfrfr-70nN2-Zymz9P0smv8botYIFEZDy_L0-2ymy7SgUTuMv3-lq-_5LI5XGfTRSyQCP6ep-npt1ukA4nob7iIBRLN0W853R1ul0U6kCg9Z5fPafo8TS-LWCCRPSxPh910kQ4kMofZbDpa_q6f0aJ-Qw2aTofPda_X_X53pefs8jlNn6fpZdf43X6N0eXx-hV209P2tLw-n4fZ5blr_G6_HAAAAAAeAJJKnyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAKUo80AJI4DuTvujicxn8AADw8gAAACGCQAAy4NZUAlHAtnAAAAAAAAAAAsPz____HAOwFTMsAXACO9QA8-AA8EBUwFzECAAAAKNkhPTua1AmVRRUAAEG6FcAVAEDAHz0J0GkYAACAgJgWktJu49vq99gCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTUhJ-TANSCkdS-wUEAFj7BQQAYFM3AIC3ALiQ40DT6fC57vW63--u9JxdPqfp8zS97Bq_2y86glYMBqsLiNkBAAAA3P3____jaSEp7Ta-rX7rgdjIuZt4PCbfcmKZjEwmw25m8uxGo5XLsHDuNoPtbY6OqMroNVv0BU7uReR3O5x2i3QgEZpOh891r9f9fnel5-zyOU2fp-ll1_jdFrFAojIeXpan22U3XaQDidxl-v0tX3_JZXO4zqaLWCAR_D1P09Nvt0gHEtHfcBELJJqj33K6O9wui3QgUXrOLp_T9HmaXhaxQCJ7WJ4Ou-kiHUhkDrPZdLT8XT-jRX2_CVuMVpPJZjmcLReTwXA0HI32NxCDwQAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGHCsPENRx7XWmUYLdai5cTilhgnk7XCsZtYZiOLw2KbuUWvj-k5Go1mpoUXBQNa9iK4SCcip-fx-ryVnrPL5zR9nqaXRSzRnCzSieyyr42cu4nHY_ItJ5bJyGQy7GYmz240WrkMC-duM9g3DBvfcORxrVWG0WItWk4sbolxMlkrHLuJZTayOCy2mVv0-pieo9FoZlr4G7PRcjAbjpaDfWM2Wg5mw9FysO8wmZ6pz9koXRt7Hpnm1nqJ_DLzQeEyWLxP1epi7I4O2t7z6FQZV8rOzmjeVoReg8Jz8Jim5Z72ceyGDMPhQeE4GBSxRHC6SCeil_F0EUskT4t0opw5ZwvXZmJyTgyLhcPhG82Ws-VqZJmZbLvNYjYRS5Smi3Si1xhdHq9fYTc9bU_L6_N5mF2eu8bvtqj_2DC7uWo5V8xGc8Vgs0oAAAAAAAAAAEuYM28CAAAAcBrIZDQcrZYLMOFYqwsMAgAAAAAAUNz4sQQ5PY_X5630nF0-p-nzNL2sDPDgtMi82TNBrNVqWQMAAAhgAwAABHDr5j2AJBrJAQ!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=1&pb=0&pagg=3&sd=undefined&ctsldr=0&dtagid=2448395&dpubid=224845&abtst=adh5c-1_vA!adh5c_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!lvlstst-in1_vC!lvlstst_vC!pblc_vE!rv2r_vB!spa2_vB!t45!t45!t45!t45!u2822_vA!ufm!ul108542-557_vB&mPre=0.033&cirf=https%3A%2F%2Fwww.islegitsite.com&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.6.9/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4d328f64c58c1c9932023173632012e052ce498e3abe872e594e52921e68dc91

Request headers

Referer: https://www.islegitsite.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-type: text/plain

Response headers

date: Mon, 04 Apr 2022 10:34:51 GMT
content-encoding: gzip
access-control-allow-origin: https://www.islegitsite.com
machineid: 1438
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-cdg20723-CDG
pragma: no-cache
server: nginx
x-timer: S1649068491.400047,VS0,VE50
vary: Accept-Encoding
content-type: application/json;charset=utf-8
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ Frame B3E6 0
44 B 89ms
21ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8061395&crid=4826575&dast=V7HDgCFgOnZMTWIYfa2ASnZMTWIYfa2AUAAAAGBuIHHMObTWYbymJCWW4Gg-FotlyMVsPdYrIYDYawMbzZZLahLCaU5WYwGI5mw81oMlltJrvNFAIn9yLyux1Ou0U6kAhNp8Pnutfrfr-70nN2-Zymz9P0smv8botYIFEZDy_L0-2ymy7SgUTuMv3-lq-_5LI5XGfTRSyQCP6ep-npt1ukA4nob7iIBRLN0W853R1ul0U6kCg9Z5fPafo8TS-LWCCRPSxPh910kQ4kMofZbDpa_q6f0aJ-Qw2aTofPda_X_X53pefs8jlNn6fpZdf43X6N0eXx-hV209P2tLw-n4fZ5blr_G6_HAAAAAAeAJJKnyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAKUo80AJI4DuTvujicxn8AADw8gAAACGCQAAy4NZUAlHAtnAAAAAAAAAAAsPz____HAOwFTMsAXACO9QA8-AA8EBUwFzECAAAAKNkhPTua1AmVRRUAAEG6FcAVAEDAHz0J0GkYAACAgJgWktJu49vq99gCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTUhJ-TANSCkdS-wUEAFj7BQQAYFM3AIC3ALiQ40DT6fC57vW63--u9JxdPqfp8zS97Bq_2y86glYMBqsLiNkBAAAA3P3____jaSEp7Ta-rX7rgdjIuZt4PCbfcmKZjEwmw25m8uxGo5XLsHDuNoPtbY6OqMroNVv0BU7uReR3O5x2i3QgEZpOh891r9f9fnel5-zyOU2fp-ll1_jdFrFAojIeXpan22U3XaQDidxl-v0tX3_JZXO4zqaLWCAR_D1P09Nvt0gHEtHfcBELJJqj33K6O9wui3QgUXrOLp_T9HmaXhaxQCJ7WJ4Ou-kiHUhkDrPZdLT8XT-jRX2_CVuMVpPJZjmcLReTwXA0HI32NxCDwQAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGHCsPENRx7XWmUYLdai5cTilhgnk7XCsZtYZiOLw2KbuUWvj-k5Go1mpoUXBQNa9iK4SCcip-fx-ryVnrPL5zR9nqaXRSzRnCzSieyyr42cu4nHY_ItJ5bJyGQy7GYmz240WrkMC-duM9g3DBvfcORxrVWG0WItWk4sbolxMlkrHLuJZTayOCy2mVv0-pieo9FoZlr4G7PRcjAbjpaDfWM2Wg5mw9FysO8wmZ6pz9koXRt7Hpnm1nqJ_DLzQeEyWLxP1epi7I4O2t7z6FQZV8rOzmjeVoReg8Jz8Jim5Z72ceyGDMPhQeE4GBSxRHC6SCeil_F0EUskT4t0opw5ZwvXZmJyTgyLhcPhG82Ws-VqZJmZbLvNYjYRS5Smi3Si1xhdHq9fYTc9bU_L6_N5mF2eu8bvtqj_2DC7uWo5V8xGc8Vgs0oAAAAAAAAAAEuYM28CAAAAcBrIZDQcrZYLMOFYqwsMAgAAAAAAUNz4sQQ5PY_X5630nF0-p-nzNL2sDPDgtMi82TNBrNVqWQMAAAhgAwAABHDr5j2AJBrJAQ!&cmcv=&pix=31589837&cb=1649068491369&uv=3154&tms=1649068491369&abt=adh5c-1_vA!adh5c_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!lvlstst-in1_vC!lvlstst_vC!pblc_vE!rv2r_vB!spa2_vB!t45!t45!t45!t45!u2822_vA!ufm!ul108542-557_vB&ft=1&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1649068489759.9!ts:1649068491369&mntl=3
Requested by: Host: www.islegitsite.com
URL: https://www.islegitsite.com/check/antivirussales.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:51 GMT
content-length: 0
server: nginx

GET
H2 200 get
c.disquscdn.com/ Frame 3EE3 11 KB
11 KB 20ms
20ms Image
image/png 2600:9000:219c:5c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.islegitsite.com%2Fimages%2Ffb-image.png&key=XQmk68GxqA1c55D-H8zI5g&h=200

Requested by

Host: www.islegitsite.com
URL: https://www.islegitsite.com/check/antivirussales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:219c:5c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

19d89209f90bf824e45972791010e9a91f8f09c40843dea13f2297718b8be4bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:38:12 GMT
via: 1.1 c4341fb26af0c8ea61cf721453e6bebc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 640599
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 11187
x-xss-protection: 1; mode=block
x-served-by: static-web-1
server: nginx
x-cache-hits: 0
content-type: image/png
cache-control: max-age=2592000
x-amz-cf-pop: CDG3-C2
accept-ranges: bytes
x-amz-cf-id: Lj0KFRoGJOqTfOqmZodscwF_EVMaH4Hh6CRuTP9xpfRdijhMxw_RkA==
expires: Wed, 27 Apr 2022 00:38:12 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9C77 14 KB
10 KB 39ms
39ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022032106&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ea92471e7acc488d03e7195a90e1e32ca070f8ccf8ef3aaa8333494b0140060

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Apr 2022 10:34:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10693
x-xss-protection: 0

GET
H2 200 impl.20220404-2-RELEASE.es5.js Show response
cdn.taboola.com/libtrc/ Frame 24E8 698 KB
134 KB 21ms
19ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20220404-2-RELEASE.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 8db980d4051813f15c254961f906f82c8c6f504a474bb8c1f231699500d8fde5

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: 4cnS7gR9j02x.bPwbg4qwh30Bc8FxoIz
content-encoding: br
etag: "e5e3632d4c73ed0abb4961cecace58ff"
age: 6465
x-cache: HIT
content-length: 137189
x-amz-id-2: iEoVok+z1Dg7ZRuToEd8Pf4XFylebxf/sTUK9m+DutnkYXAEL26Iy9VgP1BBnkUxOvPt4zCC9p4=
x-served-by: cache-cdg20723-CDG
last-modified: Mon, 04 Apr 2022 08:46:21 GMT
server: AmazonS3-br
x-timer: S1649068491.468570,VS0,VE0
date: Mon, 04 Apr 2022 10:34:51 GMT
vary: Accept-Encoding
x-amz-request-id: E9J6E3HC9182ER9V
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 13
x-cache-hits: 1215

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame 24E8 1 KB
1 KB 26ms
24ms Script
application/javascript 13.225.80.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.80.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-80-105.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 02:43:44 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 29584
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: i2KRqlsoHBUrCDmct-Cl55oJrgI9QJ5DALK6sMHZydONDOTBGnI08g==

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame C65B 70 B
264 B 460ms
34ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8061395&crid=4826575&dast=V7HDgCFgOnZMTWIYfa2ASnZMTWIYfa2AUAAAAGBuIHHMObTWYbymJCWW4Gg-FotlyMVsPdYrIYDYawMbzZZLahLCaU5WYwGI5mw81oMlltJrvNFAIn9yLyux1Ou0U6kAhNp8Pnutfrfr-70nN2-Zymz9P0smv8botYIFEZDy_L0-2ymy7SgUTuMv3-lq-_5LI5XGfTRSyQCP6ep-npt1ukA4nob7iIBRLN0W853R1ul0U6kCg9Z5fPafo8TS-LWCCRPSxPh910kQ4kMofZbDpa_q6f0aJ-Qw2aTofPda_X_X53pefs8jlNn6fpZdf43X6N0eXx-hV209P2tLw-n4fZ5blr_G6_HAAAAAAeAJJKnyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAKUo80AJI4DuTvujicxn8AADw8gAAACGCQAAy4NZUAlHAtnAAAAAAAAAAAsPz____HAOwFTMsAXACO9QA8-AA8EBUwFzECAAAAKNkhPTua1AmVRRUAAEG6FcAVAEDAHz0J0GkYAACAgJgWktJu49vq99gCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTUhJ-TANSCkdS-wUEAFj7BQQAYFM3AIC3ALiQ40DT6fC57vW63--u9JxdPqfp8zS97Bq_2y86glYMBqsLiNkBAAAA3P3____jaSEp7Ta-rX7rgdjIuZt4PCbfcmKZjEwmw25m8uxGo5XLsHDuNoPtbY6OqMroNVv0BU7uReR3O5x2i3QgEZpOh891r9f9fnel5-zyOU2fp-ll1_jdFrFAojIeXpan22U3XaQDidxl-v0tX3_JZXO4zqaLWCAR_D1P09Nvt0gHEtHfcBELJJqj33K6O9wui3QgUXrOLp_T9HmaXhaxQCJ7WJ4Ou-kiHUhkDrPZdLT8XT-jRX2_CVuMVpPJZjmcLReTwXA0HI32NxCDwQAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGHCsPENRx7XWmUYLdai5cTilhgnk7XCsZtYZiOLw2KbuUWvj-k5Go1mpoUXBQNa9iK4SCcip-fx-ryVnrPL5zR9nqaXRSzRnCzSieyyr42cu4nHY_ItJ5bJyGQy7GYmz240WrkMC-duM9g3DBvfcORxrVWG0WItWk4sbolxMlkrHLuJZTayOCy2mVv0-pieo9FoZlr4G7PRcjAbjpaDfWM2Wg5mw9FysO8wmZ6pz9koXRt7Hpnm1nqJ_DLzQeEyWLxP1epi7I4O2t7z6FQZV8rOzmjeVoReg8Jz8Jim5Z72ceyGDMPhQeE4GBSxRHC6SCeil_F0EUskT4t0opw5ZwvXZmJyTgyLhcPhG82Ws-VqZJmZbLvNYjYRS5Smi3Si1xhdHq9fYTc9bU_L6_N5mF2eu8bvtqj_2DC7uWo5V8xGc8Vgs0oAAAAAAAAAAEuYM28CAAAAcBrIZDQcrZYLMOFYqwsMAgAAAAAAUNz4sQQ5PY_X5630nF0-p-nzNL2sDPDgtMi82TNBrNVqWQMAAAhgAwAABHDr5j2AJBrJAQ!&cmcv=&pix=undefined&cb=1649068491369&uv=3154&tms=1649068491369&abt=adh5c-1_vA!adh5c_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!lvlstst-in1_vC!lvlstst_vC!pblc_vE!rv2r_vB!spa2_vB!t45!t45!t45!t45!u2822_vA!ufm!ul108542-557_vB&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=C7626C21B2930084691458712140&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 10:34:51 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame C65B 43 B
182 B 521ms
95ms Image
image/gif 2600:1f18:612b:4216:1045:b1b6:a84f:9c3b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8061395&crid=4826575&dast=V7HDgCFgOnZMTWIYfa2ASnZMTWIYfa2AUAAAAGBuIHHMObTWYbymJCWW4Gg-FotlyMVsPdYrIYDYawMbzZZLahLCaU5WYwGI5mw81oMlltJrvNFAIn9yLyux1Ou0U6kAhNp8Pnutfrfr-70nN2-Zymz9P0smv8botYIFEZDy_L0-2ymy7SgUTuMv3-lq-_5LI5XGfTRSyQCP6ep-npt1ukA4nob7iIBRLN0W853R1ul0U6kCg9Z5fPafo8TS-LWCCRPSxPh910kQ4kMofZbDpa_q6f0aJ-Qw2aTofPda_X_X53pefs8jlNn6fpZdf43X6N0eXx-hV209P2tLw-n4fZ5blr_G6_HAAAAAAeAJJKnyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAKUo80AJI4DuTvujicxn8AADw8gAAACGCQAAy4NZUAlHAtnAAAAAAAAAAAsPz____HAOwFTMsAXACO9QA8-AA8EBUwFzECAAAAKNkhPTua1AmVRRUAAEG6FcAVAEDAHz0J0GkYAACAgJgWktJu49vq99gCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTUhJ-TANSCkdS-wUEAFj7BQQAYFM3AIC3ALiQ40DT6fC57vW63--u9JxdPqfp8zS97Bq_2y86glYMBqsLiNkBAAAA3P3____jaSEp7Ta-rX7rgdjIuZt4PCbfcmKZjEwmw25m8uxGo5XLsHDuNoPtbY6OqMroNVv0BU7uReR3O5x2i3QgEZpOh891r9f9fnel5-zyOU2fp-ll1_jdFrFAojIeXpan22U3XaQDidxl-v0tX3_JZXO4zqaLWCAR_D1P09Nvt0gHEtHfcBELJJqj33K6O9wui3QgUXrOLp_T9HmaXhaxQCJ7WJ4Ou-kiHUhkDrPZdLT8XT-jRX2_CVuMVpPJZjmcLReTwXA0HI32NxCDwQAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGHCsPENRx7XWmUYLdai5cTilhgnk7XCsZtYZiOLw2KbuUWvj-k5Go1mpoUXBQNa9iK4SCcip-fx-ryVnrPL5zR9nqaXRSzRnCzSieyyr42cu4nHY_ItJ5bJyGQy7GYmz240WrkMC-duM9g3DBvfcORxrVWG0WItWk4sbolxMlkrHLuJZTayOCy2mVv0-pieo9FoZlr4G7PRcjAbjpaDfWM2Wg5mw9FysO8wmZ6pz9koXRt7Hpnm1nqJ_DLzQeEyWLxP1epi7I4O2t7z6FQZV8rOzmjeVoReg8Jz8Jim5Z72ceyGDMPhQeE4GBSxRHC6SCeil_F0EUskT4t0opw5ZwvXZmJyTgyLhcPhG82Ws-VqZJmZbLvNYjYRS5Smi3Si1xhdHq9fYTc9bU_L6_N5mF2eu8bvtqj_2DC7uWo5V8xGc8Vgs0oAAAAAAAAAAEuYM28CAAAAcBrIZDQcrZYLMOFYqwsMAgAAAAAAUNz4sQQ5PY_X5630nF0-p-nzNL2sDPDgtMi82TNBrNVqWQMAAAhgAwAABHDr5j2AJBrJAQ!&cmcv=&pix=undefined&cb=1649068491369&uv=3154&tms=1649068491369&abt=adh5c-1_vA!adh5c_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!lvlstst-in1_vC!lvlstst_vC!pblc_vE!rv2r_vB!spa2_vB!t45!t45!t45!t45!u2822_vA!ufm!ul108542-557_vB&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=C7626C21B2930084691458712140&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:1045:b1b6:a84f:9c3b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:51 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame C65B
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=dc3796b5-b402-11ec-820d-1fe3cd8f0406&orig=video&us_privacy=1---gdpr=1&

0
98 B

21ms
20ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=dc3796b5-b402-11ec-820d-1fe3cd8f0406&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8061395&crid=4826575&dast=V7HDgCFgOnZMTWIYfa2ASnZMTWIYfa2AUAAAAGBuIHHMObTWYbymJCWW4Gg-FotlyMVsPdYrIYDYawMbzZZLahLCaU5WYwGI5mw81oMlltJrvNFAIn9yLyux1Ou0U6kAhNp8Pnutfrfr-70nN2-Zymz9P0smv8botYIFEZDy_L0-2ymy7SgUTuMv3-lq-_5LI5XGfTRSyQCP6ep-npt1ukA4nob7iIBRLN0W853R1ul0U6kCg9Z5fPafo8TS-LWCCRPSxPh910kQ4kMofZbDpa_q6f0aJ-Qw2aTofPda_X_X53pefs8jlNn6fpZdf43X6N0eXx-hV209P2tLw-n4fZ5blr_G6_HAAAAAAeAJJKnyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAKUo80AJI4DuTvujicxn8AADw8gAAACGCQAAy4NZUAlHAtnAAAAAAAAAAAsPz____HAOwFTMsAXACO9QA8-AA8EBUwFzECAAAAKNkhPTua1AmVRRUAAEG6FcAVAEDAHz0J0GkYAACAgJgWktJu49vq99gCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTUhJ-TANSCkdS-wUEAFj7BQQAYFM3AIC3ALiQ40DT6fC57vW63--u9JxdPqfp8zS97Bq_2y86glYMBqsLiNkBAAAA3P3____jaSEp7Ta-rX7rgdjIuZt4PCbfcmKZjEwmw25m8uxGo5XLsHDuNoPtbY6OqMroNVv0BU7uReR3O5x2i3QgEZpOh891r9f9fnel5-zyOU2fp-ll1_jdFrFAojIeXpan22U3XaQDidxl-v0tX3_JZXO4zqaLWCAR_D1P09Nvt0gHEtHfcBELJJqj33K6O9wui3QgUXrOLp_T9HmaXhaxQCJ7WJ4Ou-kiHUhkDrPZdLT8XT-jRX2_CVuMVpPJZjmcLReTwXA0HI32NxCDwQAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGHCsPENRx7XWmUYLdai5cTilhgnk7XCsZtYZiOLw2KbuUWvj-k5Go1mpoUXBQNa9iK4SCcip-fx-ryVnrPL5zR9nqaXRSzRnCzSieyyr42cu4nHY_ItJ5bJyGQy7GYmz240WrkMC-duM9g3DBvfcORxrVWG0WItWk4sbolxMlkrHLuJZTayOCy2mVv0-pieo9FoZlr4G7PRcjAbjpaDfWM2Wg5mw9FysO8wmZ6pz9koXRt7Hpnm1nqJ_DLzQeEyWLxP1epi7I4O2t7z6FQZV8rOzmjeVoReg8Jz8Jim5Z72ceyGDMPhQeE4GBSxRHC6SCeil_F0EUskT4t0opw5ZwvXZmJyTgyLhcPhG82Ws-VqZJmZbLvNYjYRS5Smi3Si1xhdHq9fYTc9bU_L6_N5mF2eu8bvtqj_2DC7uWo5V8xGc8Vgs0oAAAAAAAAAAEuYM28CAAAAcBrIZDQcrZYLMOFYqwsMAgAAAAAAUNz4sQQ5PY_X5630nF0-p-nzNL2sDPDgtMi82TNBrNVqWQMAAAhgAwAABHDr5j2AJBrJAQ!&cmcv=&pix=undefined&cb=1649068491369&uv=3154&tms=1649068491369&abt=adh5c-1_vA!adh5c_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!lvlstst-in1_vC!lvlstst_vC!pblc_vE!rv2r_vB!spa2_vB!t45!t45!t45!t45!u2822_vA!ufm!ul108542-557_vB&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=C7626C21B2930084691458712140&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:51 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 18990

Redirect headers

Date: Mon, 04 Apr 2022 10:34:51 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=dc3796b5-b402-11ec-820d-1fe3cd8f0406&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 92
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame C65B 43 B
220 B 466ms
23ms Image
image/gif 18.195.192.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8061395&crid=4826575&dast=V7HDgCFgOnZMTWIYfa2ASnZMTWIYfa2AUAAAAGBuIHHMObTWYbymJCWW4Gg-FotlyMVsPdYrIYDYawMbzZZLahLCaU5WYwGI5mw81oMlltJrvNFAIn9yLyux1Ou0U6kAhNp8Pnutfrfr-70nN2-Zymz9P0smv8botYIFEZDy_L0-2ymy7SgUTuMv3-lq-_5LI5XGfTRSyQCP6ep-npt1ukA4nob7iIBRLN0W853R1ul0U6kCg9Z5fPafo8TS-LWCCRPSxPh910kQ4kMofZbDpa_q6f0aJ-Qw2aTofPda_X_X53pefs8jlNn6fpZdf43X6N0eXx-hV209P2tLw-n4fZ5blr_G6_HAAAAAAeAJJKnyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAKUo80AJI4DuTvujicxn8AADw8gAAACGCQAAy4NZUAlHAtnAAAAAAAAAAAsPz____HAOwFTMsAXACO9QA8-AA8EBUwFzECAAAAKNkhPTua1AmVRRUAAEG6FcAVAEDAHz0J0GkYAACAgJgWktJu49vq99gCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTUhJ-TANSCkdS-wUEAFj7BQQAYFM3AIC3ALiQ40DT6fC57vW63--u9JxdPqfp8zS97Bq_2y86glYMBqsLiNkBAAAA3P3____jaSEp7Ta-rX7rgdjIuZt4PCbfcmKZjEwmw25m8uxGo5XLsHDuNoPtbY6OqMroNVv0BU7uReR3O5x2i3QgEZpOh891r9f9fnel5-zyOU2fp-ll1_jdFrFAojIeXpan22U3XaQDidxl-v0tX3_JZXO4zqaLWCAR_D1P09Nvt0gHEtHfcBELJJqj33K6O9wui3QgUXrOLp_T9HmaXhaxQCJ7WJ4Ou-kiHUhkDrPZdLT8XT-jRX2_CVuMVpPJZjmcLReTwXA0HI32NxCDwQAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGHCsPENRx7XWmUYLdai5cTilhgnk7XCsZtYZiOLw2KbuUWvj-k5Go1mpoUXBQNa9iK4SCcip-fx-ryVnrPL5zR9nqaXRSzRnCzSieyyr42cu4nHY_ItJ5bJyGQy7GYmz240WrkMC-duM9g3DBvfcORxrVWG0WItWk4sbolxMlkrHLuJZTayOCy2mVv0-pieo9FoZlr4G7PRcjAbjpaDfWM2Wg5mw9FysO8wmZ6pz9koXRt7Hpnm1nqJ_DLzQeEyWLxP1epi7I4O2t7z6FQZV8rOzmjeVoReg8Jz8Jim5Z72ceyGDMPhQeE4GBSxRHC6SCeil_F0EUskT4t0opw5ZwvXZmJyTgyLhcPhG82Ws-VqZJmZbLvNYjYRS5Smi3Si1xhdHq9fYTc9bU_L6_N5mF2eu8bvtqj_2DC7uWo5V8xGc8Vgs0oAAAAAAAAAAEuYM28CAAAAcBrIZDQcrZYLMOFYqwsMAgAAAAAAUNz4sQQ5PY_X5630nF0-p-nzNL2sDPDgtMi82TNBrNVqWQMAAAhgAwAABHDr5j2AJBrJAQ!&cmcv=&pix=undefined&cb=1649068491369&uv=3154&tms=1649068491369&abt=adh5c-1_vA!adh5c_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!lvlstst-in1_vC!lvlstst_vC!pblc_vE!rv2r_vB!spa2_vB!t45!t45!t45!t45!u2822_vA!ufm!ul108542-557_vB&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=C7626C21B2930084691458712140&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.192.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-192-101.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 10:34:51 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

/
sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/ Frame C65B
Redirect Chain

https://cms.quantserve.com/pixel/p-FyWrHAMskJyru.gif?idmatch=0&us_privacy=1---&gdpr=1&&redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fquantcastrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24UID%26orig%3...
https://sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/?&taboola_hm=59ympbLX8ab8ivCm44u_8eaIo_f836Cm4o3WO53M

0
98 B

56ms
20ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/?&taboola_hm=59ympbLX8ab8ivCm44u_8eaIo_f836Cm4o3WO53M
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8061395&crid=4826575&dast=V7HDgCFgOnZMTWIYfa2ASnZMTWIYfa2AUAAAAGBuIHHMObTWYbymJCWW4Gg-FotlyMVsPdYrIYDYawMbzZZLahLCaU5WYwGI5mw81oMlltJrvNFAIn9yLyux1Ou0U6kAhNp8Pnutfrfr-70nN2-Zymz9P0smv8botYIFEZDy_L0-2ymy7SgUTuMv3-lq-_5LI5XGfTRSyQCP6ep-npt1ukA4nob7iIBRLN0W853R1ul0U6kCg9Z5fPafo8TS-LWCCRPSxPh910kQ4kMofZbDpa_q6f0aJ-Qw2aTofPda_X_X53pefs8jlNn6fpZdf43X6N0eXx-hV209P2tLw-n4fZ5blr_G6_HAAAAAAeAJJKnyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAKUo80AJI4DuTvujicxn8AADw8gAAACGCQAAy4NZUAlHAtnAAAAAAAAAAAsPz____HAOwFTMsAXACO9QA8-AA8EBUwFzECAAAAKNkhPTua1AmVRRUAAEG6FcAVAEDAHz0J0GkYAACAgJgWktJu49vq99gCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTUhJ-TANSCkdS-wUEAFj7BQQAYFM3AIC3ALiQ40DT6fC57vW63--u9JxdPqfp8zS97Bq_2y86glYMBqsLiNkBAAAA3P3____jaSEp7Ta-rX7rgdjIuZt4PCbfcmKZjEwmw25m8uxGo5XLsHDuNoPtbY6OqMroNVv0BU7uReR3O5x2i3QgEZpOh891r9f9fnel5-zyOU2fp-ll1_jdFrFAojIeXpan22U3XaQDidxl-v0tX3_JZXO4zqaLWCAR_D1P09Nvt0gHEtHfcBELJJqj33K6O9wui3QgUXrOLp_T9HmaXhaxQCJ7WJ4Ou-kiHUhkDrPZdLT8XT-jRX2_CVuMVpPJZjmcLReTwXA0HI32NxCDwQAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGHCsPENRx7XWmUYLdai5cTilhgnk7XCsZtYZiOLw2KbuUWvj-k5Go1mpoUXBQNa9iK4SCcip-fx-ryVnrPL5zR9nqaXRSzRnCzSieyyr42cu4nHY_ItJ5bJyGQy7GYmz240WrkMC-duM9g3DBvfcORxrVWG0WItWk4sbolxMlkrHLuJZTayOCy2mVv0-pieo9FoZlr4G7PRcjAbjpaDfWM2Wg5mw9FysO8wmZ6pz9koXRt7Hpnm1nqJ_DLzQeEyWLxP1epi7I4O2t7z6FQZV8rOzmjeVoReg8Jz8Jim5Z72ceyGDMPhQeE4GBSxRHC6SCeil_F0EUskT4t0opw5ZwvXZmJyTgyLhcPhG82Ws-VqZJmZbLvNYjYRS5Smi3Si1xhdHq9fYTc9bU_L6_N5mF2eu8bvtqj_2DC7uWo5V8xGc8Vgs0oAAAAAAAAAAEuYM28CAAAAcBrIZDQcrZYLMOFYqwsMAgAAAAAAUNz4sQQ5PY_X5630nF0-p-nzNL2sDPDgtMi82TNBrNVqWQMAAAhgAwAABHDr5j2AJBrJAQ!&cmcv=&pix=undefined&cb=1649068491369&uv=3154&tms=1649068491369&abt=adh5c-1_vA!adh5c_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!lvlstst-in1_vC!lvlstst_vC!pblc_vE!rv2r_vB!spa2_vB!t45!t45!t45!t45!u2822_vA!ufm!ul108542-557_vB&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=C7626C21B2930084691458712140&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:51 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 18990

Redirect headers

pragma: no-cache
date: Mon, 04 Apr 2022 10:34:51 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/?&taboola_hm=59ympbLX8ab8ivCm44u_8eaIo_f836Cm4o3WO53M
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 7C73 70 B
265 B 442ms
34ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7HDgCFgOnZMTWIYfa2ASnZMTWIYfa2AUAAAAGBuIHHMObTWYbymJCWW4Gg-FotlyMVsPdYrIYDYawMbzZZLahLCaU5WYwGI5mw81oMlltJrvNFAIn9yLyux1Ou0U6kAhNp8Pnutfrfr-70nN2-Zymz9P0smv8botYIFEZDy_L0-2ymy7SgUTuMv3-lq-_5LI5XGfTRSyQCP6ep-npt1ukA4nob7iIBRLN0W853R1ul0U6kCg9Z5fPafo8TS-LWCCRPSxPh910kQ4kMofZbDpa_q6f0aJ-Qw2aTofPda_X_X53pefs8jlNn6fpZdf43X6N0eXx-hV209P2tLw-n4fZ5blr_G6_HAAAAAAeAJJKnyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAKUo80AJI4DuTvujicxn8AADw8gAAACGCQAAy4NZUAlHAtnAAAAAAAAAAAsPz____HAOwFTMsAXACO9QA8-AA8EBUwFzECAAAAKNkhPTua1AmVRRUAAEG6FcAVAEDAHz0J0GkYAACAgJgWktJu49vq99gCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTUhJ-TANSCkdS-wUEAFj7BQQAYFM3AIC3ALiQ40DT6fC57vW63--u9JxdPqfp8zS97Bq_2y86glYMBqsLiNkBAAAA3P3____jaSEp7Ta-rX7rgdjIuZt4PCbfcmKZjEwmw25m8uxGo5XLsHDuNoPtbY6OqMroNVv0BU7uReR3O5x2i3QgEZpOh891r9f9fnel5-zyOU2fp-ll1_jdFrFAojIeXpan22U3XaQDidxl-v0tX3_JZXO4zqaLWCAR_D1P09Nvt0gHEtHfcBELJJqj33K6O9wui3QgUXrOLp_T9HmaXhaxQCJ7WJ4Ou-kiHUhkDrPZdLT8XT-jRX2_CVuMVpPJZjmcLReTwXA0HI32NxCDwQAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGHCsPENRx7XWmUYLdai5cTilhgnk7XCsZtYZiOLw2KbuUWvj-k5Go1mpoUXBQNa9iK4SCcip-fx-ryVnrPL5zR9nqaXRSzRnCzSieyyr42cu4nHY_ItJ5bJyGQy7GYmz240WrkMC-duM9g3DBvfcORxrVWG0WItWk4sbolxMlkrHLuJZTayOCy2mVv0-pieo9FoZlr4G7PRcjAbjpaDfWM2Wg5mw9FysO8wmZ6pz9koXRt7Hpnm1nqJ_DLzQeEyWLxP1epi7I4O2t7z6FQZV8rOzmjeVoReg8Jz8Jim5Z72ceyGDMPhQeE4GBSxRHC6SCeil_F0EUskT4t0opw5ZwvXZmJyTgyLhcPhG82Ws-VqZJmZbLvNYjYRS5Smi3Si1xhdHq9fYTc9bU_L6_N5mF2eu8bvtqj_2DC7uWo5V8xGc8Vgs0oAAAAAAAAAAEuYM28CAAAAcBrIZDQcrZYLMOFYqwsMAgAAAAAAUNz4sQQ5PY_X5630nF0-p-nzNL2sDPDgtMi82TNBrNVqWQMAAAhgAwAABHDr5j2AJBrJAQ!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 10:34:51 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame 7C73 43 B
183 B 503ms
95ms Image
image/gif 2600:1f18:612b:4216:1045:b1b6:a84f:9c3b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7HDgCFgOnZMTWIYfa2ASnZMTWIYfa2AUAAAAGBuIHHMObTWYbymJCWW4Gg-FotlyMVsPdYrIYDYawMbzZZLahLCaU5WYwGI5mw81oMlltJrvNFAIn9yLyux1Ou0U6kAhNp8Pnutfrfr-70nN2-Zymz9P0smv8botYIFEZDy_L0-2ymy7SgUTuMv3-lq-_5LI5XGfTRSyQCP6ep-npt1ukA4nob7iIBRLN0W853R1ul0U6kCg9Z5fPafo8TS-LWCCRPSxPh910kQ4kMofZbDpa_q6f0aJ-Qw2aTofPda_X_X53pefs8jlNn6fpZdf43X6N0eXx-hV209P2tLw-n4fZ5blr_G6_HAAAAAAeAJJKnyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAKUo80AJI4DuTvujicxn8AADw8gAAACGCQAAy4NZUAlHAtnAAAAAAAAAAAsPz____HAOwFTMsAXACO9QA8-AA8EBUwFzECAAAAKNkhPTua1AmVRRUAAEG6FcAVAEDAHz0J0GkYAACAgJgWktJu49vq99gCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTUhJ-TANSCkdS-wUEAFj7BQQAYFM3AIC3ALiQ40DT6fC57vW63--u9JxdPqfp8zS97Bq_2y86glYMBqsLiNkBAAAA3P3____jaSEp7Ta-rX7rgdjIuZt4PCbfcmKZjEwmw25m8uxGo5XLsHDuNoPtbY6OqMroNVv0BU7uReR3O5x2i3QgEZpOh891r9f9fnel5-zyOU2fp-ll1_jdFrFAojIeXpan22U3XaQDidxl-v0tX3_JZXO4zqaLWCAR_D1P09Nvt0gHEtHfcBELJJqj33K6O9wui3QgUXrOLp_T9HmaXhaxQCJ7WJ4Ou-kiHUhkDrPZdLT8XT-jRX2_CVuMVpPJZjmcLReTwXA0HI32NxCDwQAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGHCsPENRx7XWmUYLdai5cTilhgnk7XCsZtYZiOLw2KbuUWvj-k5Go1mpoUXBQNa9iK4SCcip-fx-ryVnrPL5zR9nqaXRSzRnCzSieyyr42cu4nHY_ItJ5bJyGQy7GYmz240WrkMC-duM9g3DBvfcORxrVWG0WItWk4sbolxMlkrHLuJZTayOCy2mVv0-pieo9FoZlr4G7PRcjAbjpaDfWM2Wg5mw9FysO8wmZ6pz9koXRt7Hpnm1nqJ_DLzQeEyWLxP1epi7I4O2t7z6FQZV8rOzmjeVoReg8Jz8Jim5Z72ceyGDMPhQeE4GBSxRHC6SCeil_F0EUskT4t0opw5ZwvXZmJyTgyLhcPhG82Ws-VqZJmZbLvNYjYRS5Smi3Si1xhdHq9fYTc9bU_L6_N5mF2eu8bvtqj_2DC7uWo5V8xGc8Vgs0oAAAAAAAAAAEuYM28CAAAAcBrIZDQcrZYLMOFYqwsMAgAAAAAAUNz4sQQ5PY_X5630nF0-p-nzNL2sDPDgtMi82TNBrNVqWQMAAAhgAwAABHDr5j2AJBrJAQ!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:1045:b1b6:a84f:9c3b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:51 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 7C73
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=dc37dafd-b402-11ec-9989-1891fad20406&orig=video&us_privacy=1---gdpr=1&

0
98 B

20ms
20ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=dc37dafd-b402-11ec-9989-1891fad20406&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7HDgCFgOnZMTWIYfa2ASnZMTWIYfa2AUAAAAGBuIHHMObTWYbymJCWW4Gg-FotlyMVsPdYrIYDYawMbzZZLahLCaU5WYwGI5mw81oMlltJrvNFAIn9yLyux1Ou0U6kAhNp8Pnutfrfr-70nN2-Zymz9P0smv8botYIFEZDy_L0-2ymy7SgUTuMv3-lq-_5LI5XGfTRSyQCP6ep-npt1ukA4nob7iIBRLN0W853R1ul0U6kCg9Z5fPafo8TS-LWCCRPSxPh910kQ4kMofZbDpa_q6f0aJ-Qw2aTofPda_X_X53pefs8jlNn6fpZdf43X6N0eXx-hV209P2tLw-n4fZ5blr_G6_HAAAAAAeAJJKnyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAKUo80AJI4DuTvujicxn8AADw8gAAACGCQAAy4NZUAlHAtnAAAAAAAAAAAsPz____HAOwFTMsAXACO9QA8-AA8EBUwFzECAAAAKNkhPTua1AmVRRUAAEG6FcAVAEDAHz0J0GkYAACAgJgWktJu49vq99gCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTUhJ-TANSCkdS-wUEAFj7BQQAYFM3AIC3ALiQ40DT6fC57vW63--u9JxdPqfp8zS97Bq_2y86glYMBqsLiNkBAAAA3P3____jaSEp7Ta-rX7rgdjIuZt4PCbfcmKZjEwmw25m8uxGo5XLsHDuNoPtbY6OqMroNVv0BU7uReR3O5x2i3QgEZpOh891r9f9fnel5-zyOU2fp-ll1_jdFrFAojIeXpan22U3XaQDidxl-v0tX3_JZXO4zqaLWCAR_D1P09Nvt0gHEtHfcBELJJqj33K6O9wui3QgUXrOLp_T9HmaXhaxQCJ7WJ4Ou-kiHUhkDrPZdLT8XT-jRX2_CVuMVpPJZjmcLReTwXA0HI32NxCDwQAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGHCsPENRx7XWmUYLdai5cTilhgnk7XCsZtYZiOLw2KbuUWvj-k5Go1mpoUXBQNa9iK4SCcip-fx-ryVnrPL5zR9nqaXRSzRnCzSieyyr42cu4nHY_ItJ5bJyGQy7GYmz240WrkMC-duM9g3DBvfcORxrVWG0WItWk4sbolxMlkrHLuJZTayOCy2mVv0-pieo9FoZlr4G7PRcjAbjpaDfWM2Wg5mw9FysO8wmZ6pz9koXRt7Hpnm1nqJ_DLzQeEyWLxP1epi7I4O2t7z6FQZV8rOzmjeVoReg8Jz8Jim5Z72ceyGDMPhQeE4GBSxRHC6SCeil_F0EUskT4t0opw5ZwvXZmJyTgyLhcPhG82Ws-VqZJmZbLvNYjYRS5Smi3Si1xhdHq9fYTc9bU_L6_N5mF2eu8bvtqj_2DC7uWo5V8xGc8Vgs0oAAAAAAAAAAEuYM28CAAAAcBrIZDQcrZYLMOFYqwsMAgAAAAAAUNz4sQQ5PY_X5630nF0-p-nzNL2sDPDgtMi82TNBrNVqWQMAAAhgAwAABHDr5j2AJBrJAQ!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:51 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 18990

Redirect headers

Date: Mon, 04 Apr 2022 10:34:51 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=dc37dafd-b402-11ec-9989-1891fad20406&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 57
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 7C73 43 B
220 B 448ms
22ms Image
image/gif 18.195.192.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7HDgCFgOnZMTWIYfa2ASnZMTWIYfa2AUAAAAGBuIHHMObTWYbymJCWW4Gg-FotlyMVsPdYrIYDYawMbzZZLahLCaU5WYwGI5mw81oMlltJrvNFAIn9yLyux1Ou0U6kAhNp8Pnutfrfr-70nN2-Zymz9P0smv8botYIFEZDy_L0-2ymy7SgUTuMv3-lq-_5LI5XGfTRSyQCP6ep-npt1ukA4nob7iIBRLN0W853R1ul0U6kCg9Z5fPafo8TS-LWCCRPSxPh910kQ4kMofZbDpa_q6f0aJ-Qw2aTofPda_X_X53pefs8jlNn6fpZdf43X6N0eXx-hV209P2tLw-n4fZ5blr_G6_HAAAAAAeAJJKnyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAKUo80AJI4DuTvujicxn8AADw8gAAACGCQAAy4NZUAlHAtnAAAAAAAAAAAsPz____HAOwFTMsAXACO9QA8-AA8EBUwFzECAAAAKNkhPTua1AmVRRUAAEG6FcAVAEDAHz0J0GkYAACAgJgWktJu49vq99gCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTUhJ-TANSCkdS-wUEAFj7BQQAYFM3AIC3ALiQ40DT6fC57vW63--u9JxdPqfp8zS97Bq_2y86glYMBqsLiNkBAAAA3P3____jaSEp7Ta-rX7rgdjIuZt4PCbfcmKZjEwmw25m8uxGo5XLsHDuNoPtbY6OqMroNVv0BU7uReR3O5x2i3QgEZpOh891r9f9fnel5-zyOU2fp-ll1_jdFrFAojIeXpan22U3XaQDidxl-v0tX3_JZXO4zqaLWCAR_D1P09Nvt0gHEtHfcBELJJqj33K6O9wui3QgUXrOLp_T9HmaXhaxQCJ7WJ4Ou-kiHUhkDrPZdLT8XT-jRX2_CVuMVpPJZjmcLReTwXA0HI32NxCDwQAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGHCsPENRx7XWmUYLdai5cTilhgnk7XCsZtYZiOLw2KbuUWvj-k5Go1mpoUXBQNa9iK4SCcip-fx-ryVnrPL5zR9nqaXRSzRnCzSieyyr42cu4nHY_ItJ5bJyGQy7GYmz240WrkMC-duM9g3DBvfcORxrVWG0WItWk4sbolxMlkrHLuJZTayOCy2mVv0-pieo9FoZlr4G7PRcjAbjpaDfWM2Wg5mw9FysO8wmZ6pz9koXRt7Hpnm1nqJ_DLzQeEyWLxP1epi7I4O2t7z6FQZV8rOzmjeVoReg8Jz8Jim5Z72ceyGDMPhQeE4GBSxRHC6SCeil_F0EUskT4t0opw5ZwvXZmJyTgyLhcPhG82Ws-VqZJmZbLvNYjYRS5Smi3Si1xhdHq9fYTc9bU_L6_N5mF2eu8bvtqj_2DC7uWo5V8xGc8Vgs0oAAAAAAAAAAEuYM28CAAAAcBrIZDQcrZYLMOFYqwsMAgAAAAAAUNz4sQQ5PY_X5630nF0-p-nzNL2sDPDgtMi82TNBrNVqWQMAAAhgAwAABHDr5j2AJBrJAQ!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.192.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-192-101.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 10:34:51 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9C77 17 KB
7 KB 361ms
59ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Apr 2022 10:34:51 GMT

GET
H2 204 b
sb.scorecardresearch.com/ Frame 24E8 0
283 B 23ms
23ms Image
text/plain 13.225.80.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1649068491489&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&c9=
Requested by: Host: www.islegitsite.com
URL: https://www.islegitsite.com/check/antivirussales.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.80.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-80-105.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:51 GMT
via: 1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: -6flA0-5myoJFIcxkb5OiGxy73eDIWPdpBb-sNLFPxhvlJvDeCZM1Q==
x-cache: Miss from cloudfront

GET
H2 204 debug
trc-events.taboola.com/disqus-islegitsite/log/2/ Frame 24E8 0
89 B 35ms
20ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/disqus-islegitsite/log/2/debug?tim=10%3A34%3A51.612&type=info&msg=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&llvl=2&id=2156&cv=20220404-2-RELEASE&lt=deflated&pct=1
Requested by: Host: www.islegitsite.com
URL: https://www.islegitsite.com/check/antivirussales.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:51 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 18933

GET
H2 204 debug
trc-events.taboola.com/disqus-islegitsite/log/2/ Frame 24E8 0
89 B 34ms
19ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/disqus-islegitsite/log/2/debug?tim=10%3A34%3A51.612&type=info&msg=%7B%22mode%22%3A%22thumbnails-b%22%2C%22container%22%3A%22taboola%22%2C%22target_type%22%3A%22mix%22%2C%22placement%22%3A%22%7B%5C%22domain%5C%22%3A%20%5C%22https%3A%2F%2Fwww.islegitsite.com%5C%22%2C%20%5C%22experiment%5C%22%3A%20%5C%22network_default%5C%22%2C%20%5C%22position%5C%22%3A%20%5C%22bottom%5C%22%2C%20%5C%22shortname%5C%22%3A%20%5C%22islegitsite%5C%22%2C%20%5C%22variant%5C%22%3A%20%5C%22fallthrough%5C%22%7D%22%7D&llvl=2&id=6541&cv=20220404-2-RELEASE&lt=deflated&pct=1
Requested by: Host: www.islegitsite.com
URL: https://www.islegitsite.com/check/antivirussales.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:51 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 18933

POST
H2 200 all
csm.eu.criteo.net/ Frame 94A1 0
127 B 20ms
20ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 04 Apr 2022 10:34:51 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3D9C 13 KB
5 KB 27ms
25ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 1160
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 10:15:31 GMT
expires: Tue, 04 Apr 2023 10:15:31 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7571 783 B
533 B 39ms
38ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b7bd314d93d630b87e83789f36d636f2fcd3180e6d81b9eda2d910e048d953f8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NoogbNrwibpCvkzj388s1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-NoogbNrwibpCvkzj388s1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 10:34:51 GMT
expires: Mon, 04 Apr 2022 10:34:51 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js Show response
pagead2.googlesyndication.com/bg/ Frame 3D9C 35 KB
13 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddbf19b4a1dc1544982a2859a72c0a5480b20ed16c6a82f0a02b83c846627f29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 12:43:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 165080
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13770
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Apr 2023 12:43:31 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7571 0
0 78ms
77ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022032106&jk=2363002888246402&rc=
Requested by: Host: www.islegitsite.com
URL: https://www.islegitsite.com/check/antivirussales.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

POST
H2 204 bulk Show response
trc.taboola.com/disqus-islegitsite/log/3/ Frame B3E6 0
215 B 33ms
32ms XHR
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/disqus-islegitsite/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220404-2-RELEASE.es5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.islegitsite.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 15
pragma: no-cache
date: Mon, 04 Apr 2022 10:34:51 GMT
via: 1.1 varnish
server: nginx
x-timer: S1649068492.947408,VS0,VE15
x-served-by: cache-cdg20723-CDG
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.islegitsite.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 936F
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

281 B
554 B

121ms
24ms

Document
text/html

23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7HDgCFgOnZMTWIYfa2ASnZMTWIYfa2AUAAAAGBuIHHMObTWYbymJCWW4Gg-FotlyMVsPdYrIYDYawMbzZZLahLCaU5WYwGI5mw81oMlltJrvNFAIn9yLyux1Ou0U6kAhNp8Pnutfrfr-70nN2-Zymz9P0smv8botYIFEZDy_L0-2ymy7SgUTuMv3-lq-_5LI5XGfTRSyQCP6ep-npt1ukA4nob7iIBRLN0W853R1ul0U6kCg9Z5fPafo8TS-LWCCRPSxPh910kQ4kMofZbDpa_q6f0aJ-Qw2aTofPda_X_X53pefs8jlNn6fpZdf43X6N0eXx-hV209P2tLw-n4fZ5blr_G6_HAAAAAAeAJJKnyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAKUo80AJI4DuTvujicxn8AADw8gAAACGCQAAy4NZUAlHAtnAAAAAAAAAAAsPz____HAOwFTMsAXACO9QA8-AA8EBUwFzECAAAAKNkhPTua1AmVRRUAAEG6FcAVAEDAHz0J0GkYAACAgJgWktJu49vq99gCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTUhJ-TANSCkdS-wUEAFj7BQQAYFM3AIC3ALiQ40DT6fC57vW63--u9JxdPqfp8zS97Bq_2y86glYMBqsLiNkBAAAA3P3____jaSEp7Ta-rX7rgdjIuZt4PCbfcmKZjEwmw25m8uxGo5XLsHDuNoPtbY6OqMroNVv0BU7uReR3O5x2i3QgEZpOh891r9f9fnel5-zyOU2fp-ll1_jdFrFAojIeXpan22U3XaQDidxl-v0tX3_JZXO4zqaLWCAR_D1P09Nvt0gHEtHfcBELJJqj33K6O9wui3QgUXrOLp_T9HmaXhaxQCJ7WJ4Ou-kiHUhkDrPZdLT8XT-jRX2_CVuMVpPJZjmcLReTwXA0HI32NxCDwQAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGHCsPENRx7XWmUYLdai5cTilhgnk7XCsZtYZiOLw2KbuUWvj-k5Go1mpoUXBQNa9iK4SCcip-fx-ryVnrPL5zR9nqaXRSzRnCzSieyyr42cu4nHY_ItJ5bJyGQy7GYmz240WrkMC-duM9g3DBvfcORxrVWG0WItWk4sbolxMlkrHLuJZTayOCy2mVv0-pieo9FoZlr4G7PRcjAbjpaDfWM2Wg5mw9FysO8wmZ6pz9koXRt7Hpnm1nqJ_DLzQeEyWLxP1epi7I4O2t7z6FQZV8rOzmjeVoReg8Jz8Jim5Z72ceyGDMPhQeE4GBSxRHC6SCeil_F0EUskT4t0opw5ZwvXZmJyTgyLhcPhG82Ws-VqZJmZbLvNYjYRS5Smi3Si1xhdHq9fYTc9bU_L6_N5mF2eu8bvtqj_2DC7uWo5V8xGc8Vgs0oAAAAAAAAAAEuYM28CAAAAcBrIZDQcrZYLMOFYqwsMAgAAAAAAUNz4sQQ5PY_X5630nF0-p-nzNL2sDPDgtMi82TNBrNVqWQMAAAhgAwAABHDr5j2AJBrJAQ!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 04 Apr 2022 10:34:52 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Mon, 04 Apr 2022 10:34:52 GMT
location: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
server: AkamaiGHost

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3D9C 0
9 B 24ms
23ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?oO-sqQ
Requested by: Host: www.islegitsite.com
URL: https://www.islegitsite.com/check/antivirussales.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame B3E6 254 B
718 B 18ms
18ms Image
image/png 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.islegitsite.com
URL: https://www.islegitsite.com/check/antivirussales.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 5142
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: zDuIcdt6S3stmzYEfDXrVDdNiMz2/9b67ArEVSE+q2VR4x9Mp+wDNkBA2o6YRkq7ELRmLKpGRJk=
x-served-by: cache-cdg20723-CDG
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1649068492.082531,VS0,VE0
date: Mon, 04 Apr 2022 10:34:52 GMT
x-amz-request-id: YPR93VMR3A8JGEX4
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 13
x-cache-hits: 2037

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 936F 32 KB
10 KB 31ms
31ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b7781f6fa62c80c336671d895754a77ce8d0f5e9fe30e0b1f40d08c66261408b

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 10:34:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Mar 2022 16:28:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=18793
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9541
Expires: Mon, 04 Apr 2022 15:48:05 GMT

POST
H/1.1 200 538.json Show response
id5-sync.com/g/v2/ Frame 24E8 213 B
537 B 100ms
23ms XHR
application/json 51.195.5.234
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/538.json

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158685/2513/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.195.5.234 , France, ASN16276 (OVH, FR),

Reverse DNS

p36.id5-sync.com

Software

Resource Hash

ae40282c5f773da1194112a95bb8dc6598ca13d6595375979b1f6bae17e91176

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.islegitsite.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.islegitsite.com
Date: Mon, 04 Apr 2022 10:34:51 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H2 200 id Show response
id.crwdcntrl.net/ Frame 24E8 63 B
339 B 115ms
39ms XHR
application/json 63.32.97.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158685/2513/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.97.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-97-205.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 1450d0d5a043ddfb85f0b63473c5869ede6d21d865dd5a66d1487ab6903968d2

Request headers

Referer: https://www.islegitsite.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 10:34:52 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.islegitsite.com
cache-control: no-cache
x-server: 10.45.1.128
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 63
expires: 0

GET
H2 204 id Show response
id.sharedid.org/ Frame 24E8 0
215 B 544ms
165ms XHR
text/plain 52.10.138.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sharedid.org/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158685/2513/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.10.138.188 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-10-138-188.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.islegitsite.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.islegitsite.com
pragma: no-cache
date: Mon, 04 Apr 2022 10:34:52 GMT
cache-control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame 24E8 109 B
545 B 35ms
34ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158685/2513/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: d39317f3b271c9d4578cfa5277f68b09c405a46464ebc92e2740354535d895ac

Request headers

Referer: https://www.islegitsite.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Apr 2022 10:34:52 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.islegitsite.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Wed, 04 May 2022 10:34:52 GMT

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ Frame 24E8 44 B
330 B 81ms
30ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity/envelope?pid=1258

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158685/2513/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.islegitsite.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Apr 2022 10:34:52 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.islegitsite.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 936F 284 B
536 B 115ms
25ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/jpg

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 936F 0
239 B 96ms
24ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=15414&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

POST
H/1.1 200 538.json Show response
id5-sync.com/g/v2/ Frame 9C77 212 B
536 B 24ms
24ms XHR
application/json 51.195.5.234
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/538.json

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158685/2513/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.195.5.234 , France, ASN16276 (OVH, FR),

Reverse DNS

p36.id5-sync.com

Software

Resource Hash

148a447ab223bf877426efcd990d81885006b3eb5e71f0ef1cc09ccf243b55a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.islegitsite.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.islegitsite.com
Date: Mon, 04 Apr 2022 10:34:51 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H2 200 id Show response
id.crwdcntrl.net/ Frame 9C77 63 B
339 B 42ms
42ms XHR
application/json 63.32.97.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158685/2513/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.97.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-97-205.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 52f4734559e82974a0ce7f7a69709d4a6e2231651d1a798e40131facd73fb972

Request headers

Referer: https://www.islegitsite.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 10:34:52 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.islegitsite.com
cache-control: no-cache
x-server: 10.45.29.241
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 63
expires: 0

GET
H2 204 id Show response
id.sharedid.org/ Frame 9C77 0
216 B 391ms
164ms XHR
text/plain 52.10.138.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sharedid.org/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158685/2513/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.10.138.188 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-10-138-188.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.islegitsite.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.islegitsite.com
pragma: no-cache
date: Mon, 04 Apr 2022 10:34:52 GMT
cache-control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame 9C77 108 B
544 B 34ms
34ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158685/2513/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 803fe9d277fb3b09299e76aab9b6a243d745f1d0d7e81f89283706cf8c811d05

Request headers

Referer: https://www.islegitsite.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Apr 2022 10:34:52 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.islegitsite.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 108
expires: Wed, 04 May 2022 10:34:52 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 38ms
38ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220330&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac8a36a20746166c403d3bbe6e18a2f5f02a7d2b4a15ccf1c4b45017af869127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Apr 2022 10:34:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10460
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Apr 2022 10:34:52 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A5C8 13 KB
5 KB 25ms
24ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 1161
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 10:15:31 GMT
expires: Tue, 04 Apr 2023 10:15:31 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BB8C 783 B
533 B 38ms
38ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c92beefaaae2367089d0025f47c82df96a6e45cbe4b522f6d1aaa8a70ad2efcd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GPmj77caDCtCnrvALb+TKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-GPmj77caDCtCnrvALb+TKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 10:34:52 GMT
expires: Mon, 04 Apr 2022 10:34:52 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9C77 0
20 B 61ms
60ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022032106&jk=2363002888246402&bg=!TE-lTwvNAAZku-1yRLs7ACkAdvg8Wjjqc9RRWbTdna10ErDCLMmm9Jb6ckwKiYytc1tfR2CE7t_90AIAAABnUgAAAANoAQeZAwEK5d5nYyuftSkN-SbRgBAGcrpRmdFbCKvbqMRW3uZVvluy3X2WBJXblR1JTVXzG5lcHv5cDfnX3IkUOr9YqSt-0p3c5ajOg2vxIbgnEH1R8qfSqY6J_fNSkez1398IXN7-onIa1Js90QrQFRfa1TEhH_g2AFL_N-AdDR6uJlXIGTdneplbCkxF5u__jAcmrTAa1ZAqXy_2_O6DLDNiDHr3K9ZdiHKj0jx5F7Z3soD506SajpwkVtnnfnPx1AkyopcFb2OnwUu4yoKWgo95VajwP0joPE-dYt7cUnPvdNyDpB0WatB2Xew-gDevV2VHcqpOofbHzQTkFXAjU-CBLJ-3dnI9jK9QH_-ohlx96yw63Sc9uGU55qfMiL9RBok-r18MG_UEAwoGfKNioMU6NAMeOYUPz15XmhOg_gXxEL5WrHCupcHv1GUEdkQ3q7Rg-Q4iHwnyihsdO4uwipyuQBlbmK23k6fmkKM3iQVfyBiWhU9lTMAhYd4h1uQfbom-0TXExml13szuTiJzhP-WLyp7Z1KwnUYt4km0cB2QxYx04f2BHHkE6tSlE-xHq6pfFYioeQQaqrto3BcQ_tkNYrIJ5fKy2MrV0I4XTWluypiuiqCGvtjz63NbNAd6BoMz4axFWB7P-FPnZBNsI0SfOi3g-951UxFziR7VSAiDG7Q_71GHC1muvIYuFy6NcNtoLys-Q8t02u0zk_cKyyq2P1vGSk5Q9pL26de_Za0z_UKuaUg7coAIhfX3Z6Yb0IPwwvH3k9SY3w_xN1Pl7OHHVuTb-Ie6NMmA4ifV8YW_bHvzQVEhPioF-Hoz1ACRu2HZLa2k9vxchYLPzopF5a5x1IpYYZZVaBI84OyrijYEv1TXqQn80FZAsxwv9Wi-1bjL8-nIknob5JJktjMppjxDwBMHHVTlVgPWWyiqZX01Vma_JAwa0scuwPcFDTNIni4MX1v6tLpYYvrnJy_-I6V6mdVb78NUyTdg4Y2poWwRQABBGSrFVzES1lpiJqHt8RZpahfd

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 10:34:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js Show response
pagead2.googlesyndication.com/bg/ Frame A5C8 35 KB
13 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddbf19b4a1dc1544982a2859a72c0a5480b20ed16c6a82f0a02b83c846627f29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 12:43:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 165081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13770
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Apr 2023 12:43:31 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BB8C 0
0 73ms
73ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220330&jk=2930153952973527&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A5C8 0
9 B 24ms
24ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?WgwQig
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ Frame B3E6 2 KB
1 KB 31ms
31ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220404-2-RELEASE.es5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding: gzip
etag: "3aa74dbf5cd656dbb65deda2d238ddbd"
age: 3021
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 911
x-amz-id-2: sQ9PuvlVUvfy9VOyw9RVmhr0NxsCxRNxyTnHGvn1Bujq+mqmAdXteoWphMaAB6kNSTGwBOWFpJo=
x-served-by: cache-cdg20723-CDG
last-modified: Wed, 14 Jul 2021 05:06:01 GMT
server: AmazonS3
x-timer: S1649068493.893130,VS0,VE0
date: Mon, 04 Apr 2022 10:34:52 GMT
vary: Accept-Encoding
x-amz-request-id: BCR2NYNR9ZK77EEK
via: 1.1 varnish
cache-control: private, max-age=3600
accept-ranges: bytes
content-type: application/javascript
abp: 13
x-cache-hits: 3785

GET
H2 200 eid.js Show response
cdn.taboola.com/scripts/ Frame B3E6 14 KB
5 KB 31ms
30ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/eid.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220404-2-RELEASE.es5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 82f3e86bf88366e93c62eb14a8a7aa06afb75aa135c27988f3ccb946875d2f33

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: Rgk6TX83.a2Xbi9.mRUycMEPnxVzEJhe
content-encoding: gzip
etag: "f7917ed1eb799a729725a7db50d1f828"
age: 16754
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 5258
x-amz-id-2: qRyOxMGO1GxSoz8cX0+waTEazQJLkFEJdsI76e9hEm/DvWEjmlXxIr52QDxhsjwmhw0uYhKdF9M=
x-served-by: cache-cdg20723-CDG
last-modified: Tue, 28 Dec 2021 08:10:40 GMT
server: AmazonS3
x-timer: S1649068493.893189,VS0,VE0
date: Mon, 04 Apr 2022 10:34:52 GMT
vary: Accept-Encoding
x-amz-request-id: DV202RRYM45Y3QNW
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 13
x-cache-hits: 21425

GET
H2 200 / Show response
pips.taboola.com/ Frame B3E6 64 B
242 B 61ms
17ms XHR
text/plain 2a04:4e42:200::300
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: 7e60bf1f5f962915313c42c1ff9629c035d93aef5b3360ade5c2b3d7fff7882f

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 10:34:52 GMT
via: 1.1 varnish
server: Varnish
x-served-by: cache-cdg20737-CDG
access-control-allow-methods: GET
access-control-allow-origin: https://www.islegitsite.com
cache-control: no-store
x-cache: HIT
accept-ranges: bytes
content-length: 64
retry-after: 0
x-cache-hits: 0

GET
H/1.1 204
No Content / Show response
cds.taboola.com/ Frame B3E6 0
155 B 291ms
91ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=a0c78dc5-e041-49bb-b822-a17b26dbab6f-tuct9444f4a&uad=a23a16d21e2df730a5633a11d580c8d6a03b9b161f03c8c89b9092c6e0762127
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 04 Apr 2022 10:34:53 GMT
Cache-Control: no-store
Server: nginx
Connection: close

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 61ms
61ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220330&jk=2930153952973527&bg=!jo2ljcnNAAZku-1yRLs7ACkAdvg8WmiSeYYVQaETXd_4vgAN8sDvaGC1eHZ96yI4dWCdMM5_ZUljtgIAAABXUgAAAAJoAQeZAu7nIi4s4ohusgGLgEty9xvX_GA2hyDEsYyOusir1QUE4dCjkMyIZkc1oM37fxARlcXm77Uwjbzq8wkFC68FZeqr9GnDa0bWYdf1NCE9-8zS2rNLD_B-DsB4KQJsRpo55_Nyt5TWgKyKgOh9dWfENqKmW7cgXFv-zmqpM2Znq5z02o8Qk2p1nhHHiz4KTdihDK6zEv--taLhzuCUcdGEJ7Nuyzmrz882bDe5QylY1-bMkiZg-8IYJ6mSFaT-pr6xMjZ0wO6C8auGV6YqKbRqQkBpxpCiwtFXVYmbDxvzI77SRNESUC0kPeYJWep55vauZ_XeJfizKGdy6KYaw1Kfmy7Ez4bK9IBtXJvX4OLqFrI624iVovJjbp0bbAh7QUsqcU98BTorNu5K4axvylNbPiN0P59VR9M3WagQxhEUtyzq9JG7BGt8-uMALr1XaNlWWp2unVdSxT1hBHfxflEz3LKWIxvZJn6sTmbrSthLl36HCFDLzrjjLd0RSepnmld9PNTROrx41GuWJZqSA3nmqArSLZz-AfNg3zJmVlzkpi-MFqJEaNwryqEMDTn8Y6xpO9EsYAKy7BLJlwYoQuMaFE_mXXn2P9HV3au1IYSEsDt1j0GvduAACPeWyN5ZeazoDESwbZRxoVgehUpKa5iPq6RgC790DuwYaIzhpq7ATJiSxjVi6yqRBJ2gk9-1etV_pp9wdvqos9-P3f9gGPydZAibptZH9yXBeVBDMRiouSITB0SpdEAjzcW98Gvo43AqJnyRIW7ULwHbHuwoWo9aGiVE28PtFaf3g-PhkKGLpyyHVhJLSSFWG4cnXBBI0xIGj87I2hWUZkhrM0i1G1AWGu5zddY7G1NcOUbCsXI3hMrHcsUXb_ESKtOUSxeY4Ym_6gzqbfqY0yNDb1OYCofVAFJfw5d1Z_-dxNE7flmAddcX4OHxojnKsCTnufLOmjJjy2Pln_Zt5ZMCg7jBio48ZHAGGXMwGHUuYfaknQY0L9U

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.islegitsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 10:34:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: traffic.alexa.com
URL: https://traffic.alexa.com/graph?&w=580&h=300&o=f&c=1&y=t&b=FFFFE5&n=666666&r=6m&u=antivirussales.com&

Domain: reporting.services.disqus.com
URL: https://reporting.services.disqus.com/_log/taboola?placement=%7B%22domain%22%3A%20%22https%3A%2F%2Fwww.islegitsite.com%22%2C%20%22experiment%22%3A%20%22network_default%22%2C%20%22position%22%3A%20%22top%22%2C%20%22shortname%22%3A%20%22islegitsite%22%2C%20%22variant%22%3A%20%22fallthrough%22%7D&is_taboola_named=true&language=en&colorscheme=light&typeface=sans-serif&variant=fallthrough&forum_id=4819311&source_url=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&organization_id=2371240&taboola_publisher_name=disqus-network&experiment=network_default&mode=thumbnails-a&position=top&shortname=islegitsite&referrer_url=https%3A%2F%2Fwww.islegitsite.com%2F&canonical_url&1649068489941

Domain: reporting.services.disqus.com
URL: https://reporting.services.disqus.com/_log/taboola?placement=%7B%22domain%22%3A%20%22https%3A%2F%2Fwww.islegitsite.com%22%2C%20%22experiment%22%3A%20%22network_default%22%2C%20%22position%22%3A%20%22bottom%22%2C%20%22shortname%22%3A%20%22islegitsite%22%2C%20%22variant%22%3A%20%22fallthrough%22%7D&is_taboola_named=true&language=en&colorscheme=light&typeface=sans-serif&variant=fallthrough&forum_id=4819311&source_url=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&organization_id=2371240&taboola_publisher_name=disqus-network&experiment=network_default&mode=thumbnails-b&position=bottom&shortname=islegitsite&referrer_url=https%3A%2F%2Fwww.islegitsite.com%2F&canonical_url&1649068491152

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.islegitsite.com/	1970-01-20 19:35:40	Name: _ga Value: GA1.2.1338158214.1649068490
.islegitsite.com/	1970-01-20 02:05:54	Name: _gid Value: GA1.2.1982979222.1649068490
.islegitsite.com/	1970-01-20 02:04:28	Name: _gat_gtag_UA_7525666_93 Value: 1
.islegitsite.com/	1970-01-20 11:26:04	Name: __gads Value: ID=e48b86984b4b0454-22322f066dcd00b2:T=1649068489:RT=1649068489:S=ALNI_MZBHCC3A8H9mOcqvX3DQ8V-BLsd7w
.doubleclick.net/	1970-01-20 11:26:04	Name: IDE Value: AHWqTUnM66NKiKk7iu7TNXutDjP7AdqjAsbFOQcqvx19jvMy1_9B4PsFeja_Fc41R18
www.islegitsite.com/	1970-01-20 02:47:40	Name: _pbjs_userid_consent_data Value: 3524755945110770
.scorecardresearch.com/	1970-01-20 11:26:04	Name: UID Value: 186ffd4dfe5ada1b854617a1649068490
www.islegitsite.com/	1970-01-20 11:26:04	Name: cto_bidid Value: sfXxDF8ydTJmUmRDNFhmRFV2bFFMcEtBZGxoclVuZHRXZjdpYk90T1RTdzljQWVaMllNTFdudEYxOUdvV2NPdzd4Q3k0WXNMOVVyOUlra1M0RSUyQlJRUFNkNHFRJTNEJTNE
www.islegitsite.com/	1970-01-20 11:26:04	Name: cto_bundle Value: YJX0-19wWFV4aUxxNFg1ZktKMTMwVlE3TkJmdVZiRDMwMDlmYm5rbnhuYnVIeFM0b2FVREJqc3o0SUdSbFVneTF1QnNuYnd0dVBMUXdVSk1GZWprdUFRd01ReHJvTFd0RWJzQ09GMG42ZnprZWV4SnJhaFhoMDFXSWRRSk9McFhrdVdERw
www.islegitsite.com/	1970-01-20 10:50:04	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3Da0c78dc5-e041-49bb-b822-a17b26dbab6f-tuct9444f4a
.disqus.com/	1970-01-20 10:50:04	Name: disqus_unique Value: 8cqjit4q0qr67
disqus.com/	1970-01-20 02:04:30	Name: __jid Value: 8cse56a1j6a0he
.quantserve.com/	1970-01-20 04:14:04	Name: d Value: EAcBDQHpJbn8kwA
.quantserve.com/	1970-01-20 11:34:42	Name: mc Value: 624ac9cb-dbb2e-57f13-12b3c
.spotxchange.com/	1970-01-20 10:50:08	Name: audience Value: dc37dafd-b402-11ec-9989-1891fad20406
www.islegitsite.com/	1970-01-20 02:04:32	Name: _lr_retry_request Value: true
www.islegitsite.com/	1970-01-20 02:47:40	Name: _lr_env_src_ats Value: false
.adsrvr.org/	1970-01-20 10:50:04	Name: TDID Value: a9e167a9-6b5b-4fa0-9f6f-3ee57947d529
.islegitsite.com/	1969-12-31 23:59:59	Name: panoramaId_expiry Value: 1649154892394
www.islegitsite.com/	1970-01-20 06:23:40	Name: _pubcid Value: %7B%7D

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://traffic.alexa.com/graph?&w=580&h=300&o=f&c=1&y=t&b=FFFFE5&n=666666&r=6m&u=antivirussales.com& Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://urlvir.com&size=16 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.surbl.org&size=16 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://id.rlcdn.com/711970.gif Message: Failed to load resource: the server responded with a status of 451 ()
javascript	error	URL: https://www.islegitsite.com/check/antivirussales.com/ Message: Access to XMLHttpRequest at 'https://reporting.services.disqus.com/_log/taboola?placement=%7B%22domain%22%3A%20%22https%3A%2F%2Fwww.islegitsite.com%22%2C%20%22experiment%22%3A%20%22network_default%22%2C%20%22position%22%3A%20%22top%22%2C%20%22shortname%22%3A%20%22islegitsite%22%2C%20%22variant%22%3A%20%22fallthrough%22%7D&is_taboola_named=true&language=en&colorscheme=light&typeface=sans-serif&variant=fallthrough&forum_id=4819311&source_url=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&organization_id=2371240&taboola_publisher_name=disqus-network&experiment=network_default&mode=thumbnails-a&position=top&shortname=islegitsite&referrer_url=https%3A%2F%2Fwww.islegitsite.com%2F&canonical_url&1649068489941' from origin 'https://www.islegitsite.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://reporting.services.disqus.com/_log/taboola?placement=%7B%22domain%22%3A%20%22https%3A%2F%2Fwww.islegitsite.com%22%2C%20%22experiment%22%3A%20%22network_default%22%2C%20%22position%22%3A%20%22top%22%2C%20%22shortname%22%3A%20%22islegitsite%22%2C%20%22variant%22%3A%20%22fallthrough%22%7D&is_taboola_named=true&language=en&colorscheme=light&typeface=sans-serif&variant=fallthrough&forum_id=4819311&source_url=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&organization_id=2371240&taboola_publisher_name=disqus-network&experiment=network_default&mode=thumbnails-a&position=top&shortname=islegitsite&referrer_url=https%3A%2F%2Fwww.islegitsite.com%2F&canonical_url&1649068489941 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://id.rlcdn.com/711970.gif Message: Failed to load resource: the server responded with a status of 451 ()
javascript	error	URL: https://www.islegitsite.com/check/antivirussales.com/ Message: Access to XMLHttpRequest at 'https://reporting.services.disqus.com/_log/taboola?placement=%7B%22domain%22%3A%20%22https%3A%2F%2Fwww.islegitsite.com%22%2C%20%22experiment%22%3A%20%22network_default%22%2C%20%22position%22%3A%20%22bottom%22%2C%20%22shortname%22%3A%20%22islegitsite%22%2C%20%22variant%22%3A%20%22fallthrough%22%7D&is_taboola_named=true&language=en&colorscheme=light&typeface=sans-serif&variant=fallthrough&forum_id=4819311&source_url=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&organization_id=2371240&taboola_publisher_name=disqus-network&experiment=network_default&mode=thumbnails-b&position=bottom&shortname=islegitsite&referrer_url=https%3A%2F%2Fwww.islegitsite.com%2F&canonical_url&1649068491152' from origin 'https://www.islegitsite.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://reporting.services.disqus.com/_log/taboola?placement=%7B%22domain%22%3A%20%22https%3A%2F%2Fwww.islegitsite.com%22%2C%20%22experiment%22%3A%20%22network_default%22%2C%20%22position%22%3A%20%22bottom%22%2C%20%22shortname%22%3A%20%22islegitsite%22%2C%20%22variant%22%3A%20%22fallthrough%22%7D&is_taboola_named=true&language=en&colorscheme=light&typeface=sans-serif&variant=fallthrough&forum_id=4819311&source_url=https%3A%2F%2Fwww.islegitsite.com%2Fcheck%2Fantivirussales.com%2F&organization_id=2371240&taboola_publisher_name=disqus-network&experiment=network_default&mode=thumbnails-b&position=bottom&shortname=islegitsite&referrer_url=https%3A%2F%2Fwww.islegitsite.com%2F&canonical_url&1649068491152 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1258 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
8d1c9081a8e39addda0248d786881ed6.safeframe.googlesyndication.com
a.disquscdn.com
ads.eu.criteo.com
ads.pubmatic.com
adservice.google.com
adservice.google.fr
am-match.taboola.com
am-vid-events.taboola.com
api.rlcdn.com
ats.rlcdn.com
c.disquscdn.com
cat.fr.eu.criteo.com
cdn.taboola.com
cdnjs.cloudflare.com
cds.taboola.com
cms.quantserve.com
code.jquery.com
csm.eu.criteo.net
disqus.com
eus.rubiconproject.com
f5679b1ff3988327047363fc4b049008.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
id.crwdcntrl.net
id.rlcdn.com
id.sharedid.org
id5-sync.com
images.taboola.com
imprammp.taboola.com
islegitsite.disqus.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
mug.criteo.com
pagead2.googlesyndication.com
partner.googleadservices.com
pips.taboola.com
pix.eu.criteo.net
pixel.rubiconproject.com
referrer.disqus.com
reporting.services.disqus.com
rtb.nl.eu.criteo.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
static.criteo.net
sync-t1.taboola.com
sync.search.spotxchange.com
sync.taboola.com
t0.gstatic.com
t2.gstatic.com
t3.gstatic.com
taboola-supply-partners.tremorhub.com
tempest.services.disqus.com
token.rubiconproject.com
tpc.googlesyndication.com
traffic.alexa.com
trc-events.taboola.com
trc.taboola.com
vidstat.taboola.com
wf.taboola.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.islegitsite.com
x.bidswitch.net
reporting.services.disqus.com
traffic.alexa.com
104.102.28.254
104.92.74.8
13.225.80.105
141.226.224.32
141.226.228.48
142.250.185.194
151.101.64.134
151.101.65.44
178.250.0.139
178.250.0.160
178.250.2.146
178.250.2.150
18.195.192.101
185.94.180.126
195.154.106.41
199.232.192.134
199.232.192.64
199.232.196.134
199.232.198.49
2001:4de0:ac18::1:a:3a
23.205.235.133
2600:1f18:612b:4216:1045:b1b6:a84f:9c3b
2600:9000:219c:5c00:6:8656:f5c0:93a1
2606:4700::6811:190e
2606:4700::6812:acf
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1450:4001:800::2002
2a00:1450:4001:801::2001
2a00:1450:4001:803::2003
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:812::2003
2a00:1450:4001:812::2004
2a00:1450:4001:827::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2004
2a00:1450:4001:830::2008
2a00:1450:4001:830::200a
2a00:1450:4001:830::200e
2a02:2638:1::13
2a02:2638:1::2
2a02:2638:1::3
2a02:2638::b
2a04:4e42:200::300
34.120.133.55
35.244.174.68
35.71.131.137
51.195.5.234
52.10.138.188
63.32.97.205
69.173.144.138
69.173.144.165
99.86.7.31
004ccedd2a53b06ba64606e5caf40030e51894c69e870897dc6898a6bf49c7dc
04015d09b0e4d5446692458e86ef150aa9c4a082595c426fc75aa84a44d137bc
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0e047862ca77c17ae503afa7a789b61d3566420a65d8d92f68f2f57354ec4b63
1450d0d5a043ddfb85f0b63473c5869ede6d21d865dd5a66d1487ab6903968d2
148a447ab223bf877426efcd990d81885006b3eb5e71f0ef1cc09ccf243b55a3
14fa5c43301ed98f0ef1f603cd818ad1d81a18f5988e26d4883a42663efc5826
19d89209f90bf824e45972791010e9a91f8f09c40843dea13f2297718b8be4bb
1da88b92dba24e5bf090d31e5b66e0a0958cb60e0f582f78eb41cb4dbaf0628f
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
21cbbedba666505731daae6e35283021ec82e38319a459a3bf7dd1050133218e
2383dee5ba4926bc0ad87a329cb8840dcff06c0b935f9a9d2c0f65b0b9d2f724
26f20bdfc8d519454369f071d7de1ca5289331f5fb7840eed6f34fe3ad819691
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
38d9fc643e046c182c6719aa7896d6ed3cf37dd25c22d0c8274891586af251ac
3eee15d11eb29b6f2258cabfeeca39b3b900a7cae96fc7919b27789f3470b9f9
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40006faf8e6adc344cf3f81ae2ab716d6cf47fce43e1aeae2d61c16a8a2a2d4f
4212a18713f56f9cf1a89fd549d774d553b3814a041144977bfe40abcb4c1446
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4d328f64c58c1c9932023173632012e052ce498e3abe872e594e52921e68dc91
4d9e28bf1814e0986b8e5b001e2c8d55d164f9cf8ee3ddc1ccf5560fe7053b66
4de3908746383939025bbea5847e9752c3cfcc44420525a29862361743d9f77a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e84582f90ba63fe70f7a3274735c375af5874b4573dad7691366e6af2647e93
4ea92471e7acc488d03e7195a90e1e32ca070f8ccf8ef3aaa8333494b0140060
50db7c9c01c13f0814e91704229cc9aeb94294eb85d1b3d126d96a8caab7af08
52a034771e615f209e16877f12a0d203a643b125de783f95342efaa9ffb80737
52f4734559e82974a0ce7f7a69709d4a6e2231651d1a798e40131facd73fb972
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56fd4e137e3077a5666e6e782949bcbcb80c60f915e8d2867b55a65c56b41e6f
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
5b4dd08942d096c41c42aeb1f36db7261f30841da30fedbfd19e77e87a0cfe55
5cbaf366ff2981381752ecf70b260970536bf0bbf7ec8d8e930ee1e77d4d65d8
5d7b380a8622800488ca14eb8369126d66401b5fc0c4b3de5947aadfb0c79f6d
5e7569adc42cb5a187dc0c9d075f40e6673d522111d300d76da5ad242b4b189e
60aea1e86c2da2b0a77f8dd41b079c32a3a53a0a7cbb1df1ca71a1adafd40e7a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
635fc3642d77c0ffc3368165582c4d03124eff007d5f58f6beca929f7785904a
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6885ebc9c66068cb9a9f3b1d29e82b45068bb23e379046eb52e2210fbaf680a3
6b4b5cdef6efda6d01f2dc8d1febe3f9339b85c5055a26c6f299284929cda2ac
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229
73b9cf8758e9da116026fe6569b10db01fbf000eec46be37192b97260bcc9ac1
77ca43cbba178e7cc9d69e2b4aa3462d6e69501f22ae8fd46bca5fc00af8ae65
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7e60bf1f5f962915313c42c1ff9629c035d93aef5b3360ade5c2b3d7fff7882f
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3
803fe9d277fb3b09299e76aab9b6a243d745f1d0d7e81f89283706cf8c811d05
829b94339b38c07294be465ad5e7c23da8f254d2df883d0a0d025e6f61c2138e
82deb488ed90a4434ca3c944a199af3d557338dbdd3862bf4b2fa7e304f13656
82f3e86bf88366e93c62eb14a8a7aa06afb75aa135c27988f3ccb946875d2f33
83a8b6170eebc700dd5d59b8f6b1bd525c253bbcd0ca8892db188aad11edfa63
86d0b0c5c5ac215d1bccc0057a9e5aeaf96554438e7eacc1c8d53f9f3f827b26
8771f93d2878d5532147d7d5356893babf64c7097f2cc390e4c0c8a61ac537b3
8784042e14531617c1aef40d7623d3dd1d0b24730721c779e0c3ae86ed03990e
8b5abf902c157c372285a8277bd336ce30ac5efe1422a610d3b89e8024174e15
8bc40f263d0a1fbb8421a5fe91ccb4ab7eb23b9b4c12a16e09703cd336d7cbb5
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8da979458600536726a4bfca5e105c96a405e0740c16e55a7d6cc59108706417
8db980d4051813f15c254961f906f82c8c6f504a474bb8c1f231699500d8fde5
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f4cd813eb95d02715c30dac1d1bb4b2cb6a1c435383c380578328af3963ccb7
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91d6c3d7a6a44528c21b0b1348c2866d960d28e1281963c7a954c07419efee9f
93f2072c521fbd53054fe2a73577cff9b62b94dac4573502aacd93625d9d52fd
9417d165564f14fc7d223274850a19cc0be3e6dbae3f1f4ad2271a8ec11a9425
94f0ba828c6a9863bd0f4ba7d7f9c24c20ae64c4bb4f40895221a4af539a72b8
95d902d6868287832fda3e1b75149c1aefee47db33e70f2eb5663c2621eda5b8
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
999d42ff64e0f986d6d56cc266f4afb297406862fb75891932d2a1dc190d6a98
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a329e3aac300f095f55355ea6517be1ca068c463a7da45284dccac9d16ca43b4
a40ebe1c139befce5e31fd5980ff7d8b7be36d916c1b23ecd12a907670aa845d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6a9f968f2660d826f86e39e5e2dd4eebc1d8c62ac3fb05551308362a26ea84a
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ac8a36a20746166c403d3bbe6e18a2f5f02a7d2b4a15ccf1c4b45017af869127
acd36ce98f5ad63215cef51493e69fb0ef3e1bc9b4ecccddd11ed4c4a529e490
ad57f40ddb2701133cc6638fc11e87adcc4b86d774fc85778f1c06c7bc617421
ae40282c5f773da1194112a95bb8dc6598ca13d6595375979b1f6bae17e91176
ae56df174857bf3c024a91673ba3641d205d290bcd326efab276a5e8b2513ffb
af55a28d6fd234c80ec24e4b0e4ed0447afaa156186d858cc3fd643977d825f8
b4ab19488b0742634780edaa7caf0a4fd4923af2936f182c90de5d7e1ae9512f
b7781f6fa62c80c336671d895754a77ce8d0f5e9fe30e0b1f40d08c66261408b
b79e342ee881ef2ab38b3f53ff291337ace2c939dd3dc7e44cb08f56e9c1cfb4
b7bd314d93d630b87e83789f36d636f2fcd3180e6d81b9eda2d910e048d953f8
b82a7f23f75b356d334dea4b0af4b2236018aeae6ee59cf410e1b0f56393ce39
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc8eae918596f55f432ab6e1e7ff48834f5177646e0bf18c21f9d189b9c3458d
bcad1b0a71b616ecaee72f4eac6cd781d24ee330b025211feb02418609793adb
c0fba64fac60642502e35ea201de849e61a37a5da4c2f17afee6073703bee659
c3d628f4e66cecd08fd6e79132a41585dfd209b14bd6e0695af0842025ee2768
c70dfdb6d1ec988a3ac72b75796fc160cf9cf002ad256da1c606aa88e314008f
c92beefaaae2367089d0025f47c82df96a6e45cbe4b522f6d1aaa8a70ad2efcd
cac02ba17201e69444488f03ac97d22021fd5d8558dc698baa13b9ac682cdb18
cbda9b9eeb5e949b05af1e4752614a50050aa2b64a945548f48143f4a19cea87
cc86383521e90d5fbed39d7762a4dba99b0d9a69315a54c1140db1a4dd7df712
cea5d46ac598196db57d44d8fb8aad9b5134b318e6cf8c2cb5917dd60dabe7b1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d39317f3b271c9d4578cfa5277f68b09c405a46464ebc92e2740354535d895ac
d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dbffe4825c6ba1f19ff48607381ad4384b0609b64998830502c130f00abe887d
ddbf19b4a1dc1544982a2859a72c0a5480b20ed16c6a82f0a02b83c846627f29
de1743f71f7f1eaf26cc4e2215caa6dc68528b02198a7175e79aca316dec6058
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e14a625deb5e7cb388813d12ff906c39d7140ead453b49a22cc7d11497035790
e1cc490dae0d994fb66e4f3e2daae176e6e53c11d2971ba036bee794fc053ea7
e1ed89b6738eb9a701eded7038ea55187794e4c18773d36a734ad50242a0c1e1
e3456dcf2c28fa394f88d1b63e0e305f82e6400474148883fa7b70e202676d35
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c10838e4d0597a5588959765e0cf065ce9e991fea6b3ee50f23b9d7eb2269b
e60b5ae2f507c6b3008250bc07ef6245df6b6bdef292c6097e130d3cd3a8340b
ec4b11d2ac706b0b369c3e944952897f92e8b857edb5bb74f68579d02c359f07
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc8c4e1d66b3a8230e712a48b2bb1df41e77b00d0c9092b6b3f5b5170cc4581
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f70db3c1558f5fae86f87d324a7d80de86d92e68b9bb93f5a86b94d7af84beee
f74b6b819a1fa1fc9be61d5ecf07d103b85ab9eb4f6e42b5b6ebd86fe88529be
f81c71f304845e845fc404a661d994ce414493f7d16ad6d297c7efc3f37fd16a
f82864929e0a4c30a4256c5b500e6aaed92699b6686fc84f1f3eecb15eb82256
fd1daa7f8863fe46eea00a4c227443bb66c2c19688525cd1832686159f4349ab
fdcf2a3e1121d4b76344ef28dcb12c51d42c5c198129d1f6d6e35a8807c25638

www.islegitsite.com Open in urlscan Pro 195.154.106.41 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

209 Requests

92 %HTTPS

48 %IPv6

32 Domains

70 Subdomains

54 IPs

6 Countries

3319 kBTransfer

8950 kBSize

20 Cookies

16 Outgoing links

Redirected requests

209 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.islegitsite.com Open in urlscan Pro
195.154.106.41 Public Scan

Screenshot
Live screenshot

Full Image

209
Requests

92 %
HTTPS

48 %
IPv6

32
Domains

70
Subdomains

54
IPs

6
Countries

3319 kB
Transfer

8950 kB
Size

20
Cookies

209 HTTP transactions
2 data transactions