www.getthebuzzbgone.com Open in urlscan Pro
2600:9000:2016:6200:2:856a:59c0:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.yourchefhome.com/
Effective URL:
https://www.getthebuzzbgone.com/zap/au/pre-5.html?pcta=index-v3.html&icta=order.html&iep=true&temp=hcvr&loader=0&fomo=1&Affid=61...
Submission: On December 12 via manual (December 12th 2022, 2:33:22 am UTC) from AE — Scanned from DE

Summary HTTP 150 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 60 IPs in 9 countries across 49 domains to perform 150 HTTP transactions. The main IP is 2600:9000:2016:6200:2:856a:59c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.getthebuzzbgone.com.
TLS certificate: Issued by Amazon on April 24th 2022. Valid for: a year.

This is the only time www.getthebuzzbgone.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	198.54.125.161 198.54.125.161	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1 10	34.107.179.180 34.107.179.180	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
17	2600:9000:201... 2600:9000:2016:6200:2:856a:59c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
2	2600:9000:21f... 2600:9000:21f3:1000:18:d154:1680:21	16509 (AMAZON-02) (AMAZON-02)
4	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	51.143.102.21 51.143.102.21	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:bdf::45 2620:1ec:bdf::45	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	40.76.174.66 40.76.174.66	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	40.64.128.231 40.64.128.231	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 6	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.225.78.103 13.225.78.103	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:1::d 2a02:2638:1::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
2	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
4 5	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	13.224.189.42 13.224.189.42	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400c:c09::9a	15169 (GOOGLE) (GOOGLE)
2	52.183.82.125 52.183.82.125	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
11	2a03:2880:f08... 2a03:2880:f080:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	13.224.189.122 13.224.189.122	16509 (AMAZON-02) (AMAZON-02)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	13.225.78.124 13.225.78.124	16509 (AMAZON-02) (AMAZON-02)
1	13.224.189.86 13.224.189.86	16509 (AMAZON-02) (AMAZON-02)
1 3	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
18	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	18.158.158.96 18.158.158.96	16509 (AMAZON-02) (AMAZON-02)
1 1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2 2	37.252.171.21 37.252.171.21	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	176.34.141.217 176.34.141.217	16509 (AMAZON-02) (AMAZON-02)
1	184.30.20.22 184.30.20.22	16625 (AKAMAI-AS) (AKAMAI-AS)
1	64.202.112.127 64.202.112.127	23352 (SERVERCEN...) (SERVERCENTRAL)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	18.196.238.199 18.196.238.199	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.114 185.86.139.114	201081 (SMARTADSE...) (SMARTADSERVER)
3	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	104.75.89.75 104.75.89.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	18.156.32.70 18.156.32.70	16509 (AMAZON-02) (AMAZON-02)
1	37.157.2.234 37.157.2.234	198622 (ADFORM) (ADFORM)
1	185.255.84.152 185.255.84.152	200271 (IGUANE-) (IGUANE-)
1 2	52.16.99.144 52.16.99.144	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.57.144.0 52.57.144.0	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2600:1f18:612... 2600:1f18:612b:4216:f6:411e:ff52:dd4b	14618 (AMAZON-AES) (AMAZON-AES)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	184.31.94.14 184.31.94.14	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.49.74.99 52.49.74.99	16509 (AMAZON-02) (AMAZON-02)
1	52.49.90.126 52.49.90.126	16509 (AMAZON-02) (AMAZON-02)
1	3.143.128.248 3.143.128.248	16509 (AMAZON-02) (AMAZON-02)
2	52.33.148.114 52.33.148.114	16509 (AMAZON-02) (AMAZON-02)
150	60

2 198.54.125.161 (United States) 2 redirects

ASN22612 (NAMECHEAP-NET, US)
PTR: server261-1.web-hosting.com

www.yourchefhome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 34.107.179.180 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 180.179.107.34.bc.googleusercontent.com

www.frscosr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2600:9000:2016:6200:2:856a:59c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.getthebuzzbgone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:1000:18:d154:1680:21 (United States)

ASN16509 (AMAZON-02, US)

d16hdrba6dusey.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.143.102.21 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sales-prod.tryemanagecrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:bdf::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.76.174.66 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

d.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.64.128.231 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

salessupport.tryemanagecrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-103.fra2.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638::1c (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-42.fra2.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c09::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.183.82.125 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

ctrwow-prod-fingerprint-microservice.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a03:2880:f080:9:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-122.fra2.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-124.fra2.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-86.fra2.r.cloudfront.net

cdn.getblueshift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.158.158.96 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-158-96.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.21 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.33.19 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 176.34.141.217 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-176-34-141-217.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.127 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.238.199 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-238-199.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.114 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.75.89.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.32.70 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-32-70.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.234 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.152 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.16.99.144 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-99-144.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.117 (France)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.144.0 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-144-0.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:f6:411e:ff52:dd4b (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Berlin, Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.31.94.14 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-94-14.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.74.99 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-74-99.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.90.126 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-90-126.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.143.128.248 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-143-128-248.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.33.148.114 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-33-148-114.us-west-2.compute.amazonaws.com

api.getblueshift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	442 B
17	getthebuzzbgone.com www.getthebuzzbgone.com	166 KB
11	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	805 KB
11	criteo.com 5 redirects dynamic.criteo.com — Cisco Umbrella Rank: 3792 gum.criteo.com — Cisco Umbrella Rank: 399 mug.criteo.com — Cisco Umbrella Rank: 3032 sslwidget.criteo.com — Cisco Umbrella Rank: 1722 widget.us.criteo.com — Cisco Umbrella Rank: 22535 dis.criteo.com — Cisco Umbrella Rank: 700	28 KB
10	frscosr.com 1 redirects www.frscosr.com	55 KB
8	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 stats.g.doubleclick.net — Cisco Umbrella Rank: 81 cm.g.doubleclick.net — Cisco Umbrella Rank: 215	6 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 28	41 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1311 d.clarity.ms — Cisco Umbrella Rank: 9219 c.clarity.ms — Cisco Umbrella Rank: 1818	23 KB
6	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 256 bat.bing.com — Cisco Umbrella Rank: 373	13 KB
5	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1066 trc.taboola.com — Cisco Umbrella Rank: 693 sync-t1.taboola.com — Cisco Umbrella Rank: 1270 trc-events.taboola.com — Cisco Umbrella Rank: 1667	20 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	331 KB
4	google.de www.google.de — Cisco Umbrella Rank: 7952	740 B
4	google.com www.google.com — Cisco Umbrella Rank: 2	740 B
4	tryemanagecrm.com sales-prod.tryemanagecrm.com — Cisco Umbrella Rank: 639599 salessupport.tryemanagecrm.com — Cisco Umbrella Rank: 384992	2 KB
4	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4661	58 KB
3	getblueshift.com cdn.getblueshift.com — Cisco Umbrella Rank: 11934 api.getblueshift.com — Cisco Umbrella Rank: 9343	3 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 652 script.hotjar.com — Cisco Umbrella Rank: 797 vars.hotjar.com — Cisco Umbrella Rank: 929	73 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 206	2 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 287	507 B
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 684	853 B
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1317	2 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 218	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 290	875 B
2	azurewebsites.net ctrwow-prod-fingerprint-microservice.azurewebsites.net — Cisco Umbrella Rank: 263862	718 B
2	cloudfront.net d16hdrba6dusey.cloudfront.net	22 KB
2	yourchefhome.com 2 redirects www.yourchefhome.com	394 B
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 1795	268 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 549	338 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 1924	220 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 5106	525 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 41808	153 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2306	183 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 657	577 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1294	882 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 2571	274 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 448	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 827	235 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1537	162 B
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 770	55 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 350	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1872	172 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 563	163 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 506	35 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 321	239 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 737	145 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 553	785 B
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2259	257 B
1	gstatic.com fonts.gstatic.com	44 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	1 KB
150	49

	Domain	Requested by
18	www.facebook.com
17	www.getthebuzzbgone.com	www.getthebuzzbgone.com
11	connect.facebook.net	www.googletagmanager.com connect.facebook.net
10	www.frscosr.com	1 redirects www.googletagmanager.com www.frscosr.com
7	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
5	bat.bing.com	www.getthebuzzbgone.com bat.bing.com
5	gum.criteo.com	4 redirects dynamic.criteo.com
5	www.googletagmanager.com	www.getthebuzzbgone.com www.googletagmanager.com
4	www.google.de
4	www.google.com
4	googleads.g.doubleclick.net	www.googletagmanager.com
4	dev.visualwebsiteoptimizer.com	www.getthebuzzbgone.com dev.visualwebsiteoptimizer.com
3	stats.g.doubleclick.net	www.google-analytics.com
3	www.clarity.ms	www.getthebuzzbgone.com www.clarity.ms
2	trc-events.taboola.com	cdn.taboola.com
2	api.getblueshift.com	cdn.getblueshift.com
2	dpm.demdex.net	1 redirects
2	ups.analytics.yahoo.com	1 redirects
2	ad.360yield.com	1 redirects
2	r.casalemedia.com	1 redirects
2	ib.adnxs.com	2 redirects
2	dis.criteo.com
2	x.bidswitch.net	1 redirects
2	ctrwow-prod-fingerprint-microservice.azurewebsites.net	d16hdrba6dusey.cloudfront.net
2	c.clarity.ms	1 redirects
2	salessupport.tryemanagecrm.com	d16hdrba6dusey.cloudfront.net
2	d.clarity.ms	www.clarity.ms
2	sales-prod.tryemanagecrm.com	www.getthebuzzbgone.com
2	d16hdrba6dusey.cloudfront.net	www.getthebuzzbgone.com
2	www.yourchefhome.com	2 redirects
1	s.thebrighttag.com
1	beacon.krxd.net
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	a.twiago.com
1	criteo-partners.tremorhub.com
1	simage2.pubmatic.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	e1.emxdgt.com
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	sync.outbrain.com
1	contextual.media.net
1	cm.g.doubleclick.net	1 redirects
1	widget.us.criteo.com
1	sslwidget.criteo.com	1 redirects
1	cdn.getblueshift.com	d16hdrba6dusey.cloudfront.net
1	vc.hotjar.io	script.hotjar.com
1	mug.criteo.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	trc.taboola.com	cdn.taboola.com
1	cdn.taboola.com	www.googletagmanager.com
1	dynamic.criteo.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	c.bing.com	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	www.getthebuzzbgone.com
150	66

This site contains links to these domains. Also see Links.

Domain
support.buzzbgone.com
www.dmca.com

Subject Issuer	Validity	Valid
getthebuzzbgone.com Amazon	`2022-04-24` - `2023-05-23`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2022-07-04` - `2023-08-05`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.tryemanagecrm.com Go Daddy Secure Certificate Authority - G2	`2022-12-11` - `2024-01-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
sdwetrk.com Starfield Secure Certificate Authority - G2	`2022-10-04` - `2023-10-20`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
salessupport.tryemanagecrm.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2022-10-10` - `2023-04-10`	6 months	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.azurewebsites.net Microsoft Azure TLS Issuing CA 01	`2022-10-16` - `2023-10-11`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-20` - `2022-12-19`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-11-25` - `2023-05-25`	6 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.hotjar.io Amazon	`2022-07-18` - `2023-08-16`	a year	crt.sh
*.getblueshift.com Amazon	`2022-08-09` - `2023-09-07`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2022-11-06` - `2023-11-28`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
teads.tv R3	`2022-10-27` - `2023-01-25`	3 months	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2022-05-18` - `2023-06-19`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
itm.ivitrack.com R3	`2022-12-05` - `2023-03-05`	3 months	crt.sh
exchange.mediavine.com Amazon	`2022-07-06` - `2023-08-04`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-28` - `2023-12-29`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-15`	a year	crt.sh
*.ads.yieldmo.com Amazon	`2022-06-02` - `2023-07-01`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.getthebuzzbgone.com/zap/au/pre-5.html?pcta=index-v3.html&icta=order.html&iep=true&temp=hcvr&loader=0&fomo=1&Affid=6164&s1=&s2=&s3=&s4=3127&s5=167c1aea656a44e0972c4ffeeeb1df48&domain1=www.frscosr.com&network_id=69
Frame ID: 59E92285B1B941FF6FCA403CBBACAABE
Requests: 121 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.getthebuzzbgone.com&origin=onetag
Frame ID: 71FBB2B8586C61A28429577A7EF62D00
Requests: 2 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
Frame ID: 2E075C98AC1147A38DFD74FEE88D10D6
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-Ho3Emq6Wd1LETA9whU8EIb05hhyrSu1KVU1-CQ&expires=30
Frame ID: E23D01A0FF54D7362B303A4B317C9611
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

This Genius Device Kills Mosquitoes Dead - Thousands Zapped Every Hour

Page URL History Show full URLs

http://www.yourchefhome.com/ HTTP 301
https://www.yourchefhome.com/ HTTP 301
https://www.frscosr.com/BZSLBPP/6J3FGCJ/?uid=35343 HTTP 302
https://www.getthebuzzbgone.com/zap/au/pre-5.html?pcta=index-v3.html&icta=order.html&iep=true&temp=hcvr&load... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

150
Requests

92 %
HTTPS

27 %
IPv6

49
Domains

66
Subdomains

60
IPs

9
Countries

1699 kB
Transfer

5497 kB
Size

73
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://support.buzzbgone.com/hc/en-us?pcta=index-v3.html&icta=order.html&iep=true&temp=hcvr&loader=0&fomo=1&Affid=6164&s1=&s2=&s3=&s4=3127&s5=167c1aea656a44e0972c4ffeeeb1df48&domain1=www.frscosr.com&network_id=69&ctr_cssid=9b7910884ef14ee2baf2f1b6259d5694&ctr_io=2&ctr_ppid=6344b2002cd7201b006577c0&ctr_psid=60aca4dc104d5d0ab45c6cf0&ctr_ppu=https%3A%2F%2Fwww.getthebuzzbgone.com%2Fzap%2Fau%2Fpre-5.html
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://support.buzzbgone.com/hc/en-us/sections/360004741939-BuzzBGone-Zap?pcta=index-v3.html&icta=order.html&iep=true&temp=hcvr&loader=0&fomo=1&Affid=6164&s1=&s2=&s3=&s4=3127&s5=167c1aea656a44e0972c4ffeeeb1df48&domain1=www.frscosr.com&network_id=69&ctr_cssid=9b7910884ef14ee2baf2f1b6259d5694&ctr_io=2&ctr_ppid=6344b2002cd7201b006577c0&ctr_psid=60aca4dc104d5d0ab45c6cf0&ctr_ppu=https%3A%2F%2Fwww.getthebuzzbgone.com%2Fzap%2Fau%2Fpre-5.html
Title: FAQ

Search URL Search Domain Scan URL

URL: https://www.dmca.com/Protection/Status.aspx?ID=ef1fadd9-e577-4b7f-ac63-515756019c06&refurl=https://www.getthebuzzbgone.com/zap/au/pre-5.html&ctr_cssid=9b7910884ef14ee2baf2f1b6259d5694&ctr_io=2&ctr_ppid=6344b2002cd7201b006577c0&ctr_psid=60aca4dc104d5d0ab45c6cf0&ctr_ppu=https%3A%2F%2Fwww.getthebuzzbgone.com%2Fzap%2Fau%2Fpre-5.html

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.yourchefhome.com/ HTTP 301
https://www.yourchefhome.com/ HTTP 301
https://www.frscosr.com/BZSLBPP/6J3FGCJ/?uid=35343 HTTP 302
https://www.getthebuzzbgone.com/zap/au/pre-5.html?pcta=index-v3.html&icta=order.html&iep=true&temp=hcvr&loader=0&fomo=1&Affid=6164&s1=&s2=&s3=&s4=3127&s5=167c1aea656a44e0972c4ffeeeb1df48&domain1=www.frscosr.com&network_id=69 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=336E0D2DCAFB475783FC98F143BD29BB&RedC=c.clarity.ms&MXFR=265B6A41665560011F88783962556EF1 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=336E0D2DCAFB475783FC98F143BD29BB&MUID=3459D89C8FAC62A418E6CAE48EAC631D

Request Chain 71

https://gum.criteo.com/sid/json?origin=onetag&domain=getthebuzzbgone.com&sn=ChromeSyncframe&so=0&topUrl=www.getthebuzzbgone.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=m28g4nwwSEFjVmQ1RlBwMnZINnN6Nm0xZk9BbVVxak5renc2QnRkTGpyeDZ6U1FVcjdsVnBGOVF6eW93QnRUL1Zxc211NjZmMk12cmFvTGpUNHl5VE0vSjFObnY4NWV0K3Z3aDJ6dlZmb3BydDMrc2Z4Q3ZhckdFRzhWTVBBdTI0SzhQN2V0cWVCU2t0cGRqTDllV2pueU9XNUhQSzZXVjY5V3p4bWUvVFIwVTU3WjNUMG82ZkRQQmo3ZCtiUm9sTzkxN25qUnBidXJoRXlkbS9ibXRFK1RlUTZzSUhuZGZIeFkwd20vcVI2SWd2QXdFNW83SzRIZ2cvYlQ2bzFVRTlPaUMzNXlWK1haTjRmQnpTVjdPUklKVTFlM3BGOG1Kb092WFJBN2lMQUh6MzZ6TT18&cppv=2

Request Chain 89

https://sslwidget.criteo.com/event?a=97841&v=5.12.3&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=d1vM2F9DMmZYd0ZHR3gwc01QZlBoQ2NZVTVkd20lMkZLMWV4VFF4SkRsQVhmRG5aOUs3bUVCRHRsRXlCdW45aTlrQlpxdXRkUlc1ZVo4VXpwWmZBZ2lseE5KZng1d0dGUHpkdURraldkb3JrMzFXcEpzV0UlMkZ0WHF4UU83Z21SelM1SU9oUTdPdUtPdXZQU0ZVeHg4OHNmSkNkR0hZdWV2cWtJVXFCQWtiN05BdmduVTFnJTNE&tld=getthebuzzbgone.com&dy=1&fu=https%253A%252F%252Fwww.getthebuzzbgone.com%252Fzap%252Fau%252Fpre-5.html%253Fpcta%253Dindex-v3.html%2526icta%253Dorder.html%2526iep%253Dtrue%2526temp%253Dhcvr%2526loader%253D0%2526fomo%253D1%2526Affid%253D6164%2526s1%253D%2526s2%253D%2526s3%253D%2526s4%253D3127%2526s5%253D167c1aea656a44e0972c4ffeeeb1df48%2526domain1%253Dwww.frscosr.com%2526network_id%253D69&dtycbr=45556 HTTP 302
https://widget.us.criteo.com/event?a=97841&v=5.12.3&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=d1vM2F9DMmZYd0ZHR3gwc01QZlBoQ2NZVTVkd20lMkZLMWV4VFF4SkRsQVhmRG5aOUs3bUVCRHRsRXlCdW45aTlrQlpxdXRkUlc1ZVo4VXpwWmZBZ2lseE5KZng1d0dGUHpkdURraldkb3JrMzFXcEpzV0UlMkZ0WHF4UU83Z21SelM1SU9oUTdPdUtPdXZQU0ZVeHg4OHNmSkNkR0hZdWV2cWtJVXFCQWtiN05BdmduVTFnJTNE&tld=getthebuzzbgone.com&dy=1&fu=https%253A%252F%252Fwww.getthebuzzbgone.com%252Fzap%252Fau%252Fpre-5.html%253Fpcta%253Dindex-v3.html%2526icta%253Dorder.html%2526iep%253Dtrue%2526temp%253Dhcvr%2526loader%253D0%2526fomo%253D1%2526Affid%253D6164%2526s1%253D%2526s2%253D%2526s3%253D%2526s4%253D3127%2526s5%253D167c1aea656a44e0972c4ffeeeb1df48%2526domain1%253Dwww.frscosr.com%2526network_id%253D69&dtycbr=45556

Request Chain 96

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-Ho3Emq6Wd1LETA9whU8EIb05hhyrSu1KVU1-CQ&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-Ho3Emq6Wd1LETA9whU8EIb05hhyrSu1KVU1-CQ&expires=30

Request Chain 97

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-hVK74q6Wd1LETA9whU8EIb05hhxkyNIWhj7j4w&google_cm&google_hm=ay1oVks3NHE2V2QxTEVUQTl3aFU4RUliMDVoaHhreU5JV2hqN2o0dw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-hVK74q6Wd1LETA9whU8EIb05hhxkyNIWhj7j4w&google_gid=CAESECUAZGBo5jTDYXTyO4rBC-k&google_cver=1&google_ula=913071,0

Request Chain 98

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=675375556649057536

Request Chain 99

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-g0TRMa6Wd1LETA9whU8EIb05hhz1xok6hVkQMg HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-g0TRMa6Wd1LETA9whU8EIb05hhz1xok6hVkQMg&C=1

Request Chain 100

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-8afcmK6Wd1LETA9whU8EIb05hhz4wJWBHvlN1A HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-8afcmK6Wd1LETA9whU8EIb05hhz4wJWBHvlN1A

Request Chain 109

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-5cAwga6Wd1LETA9whU8EIb05hhze0hDh9YUXbA HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-5cAwga6Wd1LETA9whU8EIb05hhze0hDh9YUXbA&verify=true

Request Chain 113

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=GY4r5K1bOGThxgeMbKiISFapb_Mg7uP0 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=GY4r5K1bOGThxgeMbKiISFapb_Mg7uP0

Request Chain 122

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=Tz6ft5tsiUYOklvSIFCAYd3x9IwsOGgU

Request Chain 123

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=AQGTKooALb1DuqbXKNSOWwOOLkEiWL08

150 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request pre-5.html Show response
www.getthebuzzbgone.com/zap/au/
Redirect Chain

http://www.yourchefhome.com/
https://www.yourchefhome.com/
https://www.frscosr.com/BZSLBPP/6J3FGCJ/?uid=35343
https://www.getthebuzzbgone.com/zap/au/pre-5.html?pcta=index-v3.html&icta=order.html&iep=true&temp=hcvr&loader=0&fomo=1&Affid=6164&s1=&s2=&s3=&s4=3127&s5=167c1aea656a44e0972c4ffeeeb1df48&domain1=ww...

46 KB
13 KB

333ms
221ms

Document
text/html

2600:9000:2016:6200:2:856a:59c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.getthebuzzbgone.com/zap/au/pre-5.html?pcta=index-v3.html&icta=order.html&iep=true&temp=hcvr&loader=0&fomo=1&Affid=6164&s1=&s2=&s3=&s4=3127&s5=167c1aea656a44e0972c4ffeeeb1df48&domain1=www.frscosr.com&network_id=69
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2016:6200:2:856a:59c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39df89d8660d598dd69b909f2fb68233f57ce85e3fc7227cc3dd07dce5ed5098

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Mon, 12 Dec 2022 02:33:15 GMT
etag: W/"64231197eaf43a041483a99c77367fdf"
last-modified: Wed, 12 Oct 2022 04:26:17 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 b16df885683d0bb71fd074a9a72b1dc8.cloudfront.net (CloudFront)
x-amz-cf-id: -yVqz7WI_khZ0XeBF6nI-xFezXWflJvbEAmGh9KVaJpVsqmC6tLp3A==
x-amz-cf-pop: HAM50-C2
x-cache: Miss from cloudfront

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 299
content-type: text/html; charset=utf-8
date: Mon, 12 Dec 2022 02:33:13 GMT
location: https://www.getthebuzzbgone.com/zap/au/pre-5.html?pcta=index-v3.html&icta=order.html&iep=true&temp=hcvr&loader=0&fomo=1&Affid=6164&s1=&s2=&s3=&s4=3127&s5=167c1aea656a44e0972c4ffeeeb1df48&domain1=www.frscosr.com&network_id=69
server: nginx
vary: Origin
via: 1.1 google
x-eflow-request-id: f598417d-115d-42d1-bf6f-4073af4609d3

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 40ms
16ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap

Requested by

Host: www.getthebuzzbgone.com
URL: https://www.getthebuzzbgone.com/zap/au/pre-5.html?pcta=index-v3.html&icta=order.html&iep=true&temp=hcvr&loader=0&fomo=1&Affid=6164&s1=&s2=&s3=&s4=3127&s5=167c1aea656a44e0972c4ffeeeb1df48&domain1=www.frscosr.com&network_id=69

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a5d800754ca9a9ece3b760b994c8335b336f1539771f2a4f3877ea250117bf26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 12 Dec 2022 02:33:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 12 Dec 2022 01:35:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Dec 2022 02:33:14 GMT

GET
H2 200 modernizr-custom.js Show response
www.getthebuzzbgone.com/zap/au/assets/js/ 4 KB
2 KB 40ms
40ms Script
text/javascript 2600:9000:2016:6200:2:856a:59c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.getthebuzzbgone.com/zap/au/assets/js/modernizr-custom.js?v=1665548764653
Requested by: Host: www.getthebuzzbgone.com
URL: https://www.getthebuzzbgone.com/zap/au/pre-5.html?pcta=index-v3.html&icta=order.html&iep=true&temp=hcvr&loader=0&fomo=1&Affid=6164&s1=&s2=&s3=&s4=3127&s5=167c1aea656a44e0972c4ffeeeb1df48&domain1=www.frscosr.com&network_id=69
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2016:6200:2:856a:59c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8a34fefeaacfe1f612d64877d8b9cf5298c1096f90e25d3641ee99eb774200ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/zap/au/pre-5.html?pcta=index-v3.html&icta=order.html&iep=true&temp=hcvr&loader=0&fomo=1&Affid=6164&s1=&s2=&s3=&s4=3127&s5=167c1aea656a44e0972c4ffeeeb1df48&domain1=www.frscosr.com&network_id=69
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 02:32:41 GMT
content-encoding: gzip
via: 1.1 b16df885683d0bb71fd074a9a72b1dc8.cloudfront.net (CloudFront)
last-modified: Tue, 08 Nov 2022 03:48:13 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C2
age: 777634
etag: W/"9af8c98ebd169ab4f380b48646ded3ed"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
x-amz-cf-id: l64a_VpRZomsn70hO-CT8PspageXWArWBkTcCjraHtCKwv57qnKdqw==

GET
H2 200 jquery-3.4.1.min.js Show response
www.getthebuzzbgone.com/zap/au/assets/js/ 86 KB
30 KB 28ms
26ms Script
text/javascript 2600:9000:2016:6200:2:856a:59c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.getthebuzzbgone.com/zap/au/assets/js/jquery-3.4.1.min.js?v=1665548764653
Requested by: Host: www.getthebuzzbgone.com
URL: https://www.getthebuzzbgone.com/zap/au/pre-5.html?pcta=index-v3.html&icta=order.html&iep=true&temp=hcvr&loader=0&fomo=1&Affid=6164&s1=&s2=&s3=&s4=3127&s5=167c1aea656a44e0972c4ffeeeb1df48&domain1=www.frscosr.com&network_id=69
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2016:6200:2:856a:59c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/zap/au/pre-5.html?pcta=index-v3.html&icta=order.html&iep=true&temp=hcvr&loader=0&fomo=1&Affid=6164&s1=&s2=&s3=&s4=3127&s5=167c1aea656a44e0972c4ffeeeb1df48&domain1=www.frscosr.com&network_id=69
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:52:09 GMT
content-encoding: gzip
via: 1.1 b16df885683d0bb71fd074a9a72b1dc8.cloudfront.net (CloudFront)
last-modified: Tue, 08 Nov 2022 03:48:14 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C2
age: 1114866
etag: W/"220afd743d9e9643852e31a135a9f3ae"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
x-amz-cf-id: QDLel5fIMv91UNIO26QdNqD6egTcqduYWrUglRPDs77K1itCR4lBYg==

GET
H2 200 blazy.min.js Show response
www.getthebuzzbgone.com/zap/au/assets/js/ 5 KB
2 KB 402ms
400ms Script
text/javascript 2600:9000:2016:6200:2:856a:59c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.getthebuzzbgone.com/zap/au/assets/js/blazy.min.js?v=1665548764653
Requested by: Host: www.getthebuzzbgone.com
URL: https://www.getthebuzzbgone.com/zap/au/pre-5.html?pcta=index-v3.html&icta=order.html&iep=true&temp=hcvr&loader=0&fomo=1&Affid=6164&s1=&s2=&s3=&s4=3127&s5=167c1aea656a44e0972c4ffeeeb1df48&domain1=www.frscosr.com&network_id=69
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2016:6200:2:856a:59c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/zap/au/pre-5.html?pcta=index-v3.html&icta=order.html&iep=true&temp=hcvr&loader=0&fomo=1&Affid=6164&s1=&s2=&s3=&s4=3127&s5=167c1aea656a44e0972c4ffeeeb1df48&domain1=www.frscosr.com&network_id=69
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:33:15 GMT
content-encoding: gzip
via: 1.1 b16df885683d0bb71fd074a9a72b1dc8.cloudfront.net (CloudFront)
last-modified: Tue, 08 Nov 2022 03:48:14 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C2
etag: W/"44701cfb0078345ec1d432f661e33709"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
x-amz-cf-id: IThNVIjjh9hJlrTqj4kPzQblq4LtUGsHVW74xQNEH5GVg6m5KuB4eA==

GET
H2 200 ctrwowUtils-v2.10.0.min.js Show response
www.getthebuzzbgone.com/zap/au/assets/js/ 34 KB
11 KB 24ms
23ms Script
text/javascript 2600:9000:2016:6200:2:856a:59c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.getthebuzzbgone.com/zap/au/assets/js/ctrwowUtils-v2.10.0.min.js?v=1665548764653
Requested by: Host: www.getthebuzzbgone.com
URL: https://www.getthebuzzbgone.com/zap/au/pre-5.html?pcta=index-v3.html&icta=order.html&iep=true&temp=hcvr&loader=0&fomo=1&Affid=6164&s1=&s2=&s3=&s4=3127&s5=167c1aea656a44e0972c4ffeeeb1df48&domain1=www.frscosr.com&network_id=69
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2016:6200:2:856a:59c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d52a0a6f743cfad5d974390f0abcdb261ad4b56ed69eac5e71d580b857a888a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/zap/au/pre-5.html?pcta=index-v3.html&icta=order.html&iep=true&temp=hcvr&loader=0&fomo=1&Affid=6164&s1=&s2=&s3=&s4=3127&s5=167c1aea656a44e0972c4ffeeeb1df48&domain1=www.frscosr.com&network_id=69
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:52:09 GMT
content-encoding: gzip
via: 1.1 b16df885683d0bb71fd074a9a72b1dc8.cloudfront.net (CloudFront)
last-modified: Tue, 08 Nov 2022 03:48:14 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C2
age: 1114866
etag: W/"c9567d961ce631c24f6b5a9c462b27eb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
x-amz-cf-id: YiQZ2yGlzxrl41ZNN3rFJRea4K94IgySYtFAr8wrXDy40sa6RtwU3Q==

GET
H2 200 pre-5.css
www.getthebuzzbgone.com/zap/au/assets/css/ 25 KB
5 KB 30ms
30ms Stylesheet
text/css 2600:9000:2016:6200:2:856a:59c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.getthebuzzbgone.com/zap/au/assets/css/pre-5.css?v=1665548764653
Requested by: Host: www.getthebuzzbgone.com
URL: https://www.getthebuzzbgone.com/zap/au/pre-5.html?pcta=index-v3.html&icta=order.html&iep=true&temp=hcvr&loader=0&fomo=1&Affid=6164&s1=&s2=&s3=&s4=3127&s5=167c1aea656a44e0972c4ffeeeb1df48&domain1=www.frscosr.com&network_id=69
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2016:6200:2:856a:59c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f9f134f5f92de093c76df41c0130b5bb991ab8dbb90325a394f5e74ed3d7029

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/zap/au/pre-5.html?pcta=index-v3.html&icta=order.html&iep=true&temp=hcvr&loader=0&fomo=1&Affid=6164&s1=&s2=&s3=&s4=3127&s5=167c1aea656a44e0972c4ffeeeb1df48&domain1=www.frscosr.com&network_id=69
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 05:25:37 GMT
content-encoding: gzip
via: 1.1 b16df885683d0bb71fd074a9a72b1dc8.cloudfront.net (CloudFront)
last-modified: Wed, 12 Oct 2022 04:26:15 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C2
age: 335258
etag: W/"6fa115c3e9addf86c5ec4ae92dd5cfe5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: Nlzgk87iuf24ifQBJ9KsdP2C-a_WsxtJnucM_jqnoJuq5dALZTBEZQ==

GET
H2 200 CTR_FP_TRACKING-v2.7.0.min.js Show response
www.getthebuzzbgone.com/zap/au/assets/js/ 48 KB
14 KB 43ms
42ms Script
text/javascript 2600:9000:2016:6200:2:856a:59c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.getthebuzzbgone.com/zap/au/assets/js/CTR_FP_TRACKING-v2.7.0.min.js?v=1665548764653
Requested by: Host: www.getthebuzzbgone.com
URL: https://www.getthebuzzbgone.com/zap/au/pre-5.html?pcta=index-v3.html&icta=order.html&iep=true&temp=hcvr&loader=0&fomo=1&Affid=6164&s1=&s2=&s3=&s4=3127&s5=167c1aea656a44e0972c4ffeeeb1df48&domain1=www.frscosr.com&network_id=69
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2016:6200:2:856a:59c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 90f899910a7b57c79c6170bdd001b95c2852cbbc0b00301a3d7dee18e632d9be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/zap/au/pre-5.html?pcta=index-v3.html&icta=order.html&iep=true&temp=hcvr&loader=0&fomo=1&Affid=6164&s1=&s2=&s3=&s4=3127&s5=167c1aea656a44e0972c4ffeeeb1df48&domain1=www.frscosr.com&network_id=69
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:52:09 GMT
content-encoding: gzip
via: 1.1 b16df885683d0bb71fd074a9a72b1dc8.cloudfront.net (CloudFront)
last-modified: Tue, 08 Nov 2022 03:48:14 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C2
age: 1114866
etag: W/"68a67fe06833ee53423bfe935fe5b59e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
x-amz-cf-id: yJ8HgWQ1rKXeOEkxMxVX3UItZXvcr6Xb0VZ4TIc7Xg6_dSl0D4zCgA==

GET
H2 200 blueshift_wow_v1.js Show response
d16hdrba6dusey.cloudfront.net/sitecommon/js/components/ 17 KB
6 KB 468ms
436ms Script
application/javascript 2600:9000:21f3:1000:18:d154:1680:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d16hdrba6dusey.cloudfront.net/sitecommon/js/components/blueshift_wow_v1.js?v=1
Requested by: Host: www.getthebuzzbgone.com
URL: https://www.getthebuzzbgone.com/zap/au/pre-5.html?pcta=index-v3.html&icta=order.html&iep=true&temp=hcvr&loader=0&fomo=1&Affid=6164&s1=&s2=&s3=&s4=3127&s5=167c1aea656a44e0972c4ffeeeb1df48&domain1=www.frscosr.com&network_id=69
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:1000:18:d154:1680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 63c477637b224a600a63d304a9655bf591d4cef6080f77ff4ecd70526f16d893

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:33:15 GMT
content-encoding: gzip
via: 1.1 d9bf8acc1da383db4531789bbb03ac06.cloudfront.net (CloudFront)
last-modified: Tue, 25 Oct 2022 17:48:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: W/"2e16cb2cad9bf72a8f370e6dfd90dda2"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: no-store
x-amz-cf-id: lqO3E-hxvXuXe66GPc68CN1vcmbqBervGCdvvTKUp4CVHYzuk39SRg==

GET
H2 200 pre-5.js Show response
www.getthebuzzbgone.com/zap/au/assets/js/ 22 KB
7 KB 44ms
43ms Script
text/javascript 2600:9000:2016:6200:2:856a:59c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.getthebuzzbgone.com/zap/au/assets/js/pre-5.js?v=1665548764653
Requested by: Host: www.getthebuzzbgone.com
URL: https://www.getthebuzzbgone.com/zap/au/pre-5.html?pcta=index-v3.html&icta=order.html&iep=true&temp=hcvr&loader=0&fomo=1&Affid=6164&s1=&s2=&s3=&s4=3127&s5=167c1aea656a44e0972c4ffeeeb1df48&domain1=www.frscosr.com&network_id=69
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2016:6200:2:856a:59c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 043051a6eedba5ed876e0775b25c04b44ce094c9a61ac6e1cbc6cbae426ab5b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/zap/au/pre-5.html?pcta=index-v3.html&icta=order.html&iep=true&temp=hcvr&loader=0&fomo=1&Affid=6164&s1=&s2=&s3=&s4=3127&s5=167c1aea656a44e0972c4ffeeeb1df48&domain1=www.frscosr.com&network_id=69
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:52:09 GMT
content-encoding: gzip
via: 1.1 b16df885683d0bb71fd074a9a72b1dc8.cloudfront.net (CloudFront)
last-modified: Wed, 12 Oct 2022 04:26:16 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C2
age: 1114866
etag: W/"a40c1898322179c51f12bc13b490c396"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
x-amz-cf-id: T0nsL5pPw04nmwwB325HfS0J3hjy5IFxTRIIp3AS0rk59uo0B2GHTQ==

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 14 KB
5 KB 43ms
17ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=463962&u=https%3A%2F%2Fwww.getthebuzzbgone.com%2Fzap%2Fau%2Fpre-5.html%3Fpcta%3Dindex-v3.html%26icta%3Dorder.html%26iep%3Dtrue%26temp%3Dhcvr%26loader%3D0%26fomo%3D1%26Affid%3D6164%26s1%3D%26s2%3D%26s3%3D%26s4%3D3127%26s5%3D167c1aea656a44e0972c4ffeeeb1df48%26domain1%3Dwww.frscosr.com%26network_id%3D69&f=1&r=0.5175044816602288
Requested by: Host: www.getthebuzzbgone.com
URL: https://www.getthebuzzbgone.com/zap/au/pre-5.html?pcta=index-v3.html&icta=order.html&iep=true&temp=hcvr&loader=0&fomo=1&Affid=6164&s1=&s2=&s3=&s4=3127&s5=167c1aea656a44e0972c4ffeeeb1df48&domain1=www.frscosr.com&network_id=69
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 13d59b945a9445d36344c79c26a3b2941b8fe47b295ee2d04dcd0b4eb96d7267

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:33:14 GMT
content-encoding: gzip
via: 1.1 google
server: gfra1
etag: W/"1670778394"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 bar.webp
www.getthebuzzbgone.com/zap/au/assets/image/584ea331-0cd2-4c48-85d9-737f9dddfa0b/60aca4dc104d5d0ab45c6cf0/7b1b28d2-6263-4575-b4cd-7c85a771c612/ 1 KB
2 KB 23ms
23ms Image
image/webp 2600:9000:2016:6200:2:856a:59c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.getthebuzzbgone.com/zap/au/assets/image/584ea331-0cd2-4c48-85d9-737f9dddfa0b/60aca4dc104d5d0ab45c6cf0/7b1b28d2-6263-4575-b4cd-7c85a771c612/bar.webp?t=20210614T180539582
Requested by: Host: www.getthebuzzbgone.com
URL: https://www.getthebuzzbgone.com/zap/au/assets/css/pre-5.css?v=1665548764653
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2016:6200:2:856a:59c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27a340dfd1cde40899f76b2d09c199b7a4ed43ec71f054fdd00cfb3d6bfe99a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/zap/au/assets/css/pre-5.css?v=1665548764653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:52:09 GMT
via: 1.1 b16df885683d0bb71fd074a9a72b1dc8.cloudfront.net (CloudFront)
last-modified: Tue, 08 Nov 2022 03:48:16 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C2
age: 1114866
etag: "2015cad3ae0288d73f6ad8baf02646d5"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000
content-length: 1228
x-amz-cf-id: JapOAxV3Tq1WU6-7PR4DfpnjhElUho6dnTtTlPVzPEMRxGCijsROqQ==

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.getthebuzzbgone.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 18:50:24 GMT
x-content-type-options: nosniff
age: 546170
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Dec 2023 18:50:24 GMT

GET
DATA 200
OK truncated
/ 90 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/webp

GET
H3 200 tag-d355d98014f63c42150049c53a3d5812.js Show response
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/ 174 KB
49 KB 22ms
14ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-d355d98014f63c42150049c53a3d5812.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=463962&u=https%3A%2F%2Fwww.getthebuzzbgone.com%2Fzap%2Fau%2Fpre-5.html%3Fpcta%3Dindex-v3.html%26icta%3Dorder.html%26iep%3Dtrue%26temp%3Dhcvr%26loader%3D0%26fomo%3D1%26Affid%3D6164%26s1%3D%26s2%3D%26s3%3D%26s4%3D3127%26s5%3D167c1aea656a44e0972c4ffeeeb1df48%26domain1%3Dwww.frscosr.com%26network_id%3D69&f=1&r=0.5175044816602288
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 1fc63aa7bbaa5ac735fb916aac1525d78e3a81a6185e198bd790f7b513e9da7d

Request headers

Referer: https://www.getthebuzzbgone.com/
Origin: https://www.getthebuzzbgone.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:33:14 GMT
content-encoding: br
via: 1.1 google
last-modified: Fri, 09 Dec 2022 14:15:33 GMT
server: gfra1
etag: "63934305-c26c"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49772

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
214 B 97ms
96ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=463962&d=getthebuzzbgone.com&u=DE02AD16A928ED2C3FA8BF8D8960AED1F&h=4b8e41be2821eff51d6267529efa0af3&t=false&r=0.5774829039669351

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 02:33:14 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H3 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 43 KB
5 KB 15ms
15ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=463962&settings_type=1&vn=7.0&exc=1611|1677|1676
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-d355d98014f63c42150049c53a3d5812.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 6d7107ff695fa3d7ab73d22183f9522d6960e9fab0e79bf949da21f537a9989f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:33:14 GMT
content-encoding: gzip
via: 1.1 google
server: gfra1
etag: W/"1670778394"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H/1.1 200
OK location
sales-prod.tryemanagecrm.com/api/campaigns/565D41F9-574E-491F-B34D-CAD66AD280E9/customers/ Frame 0
0 1042ms
475ms Preflight 51.143.102.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://sales-prod.tryemanagecrm.com/api/campaigns/565D41F9-574E-491F-B34D-CAD66AD280E9/customers/location

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.143.102.21 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' 'unsafe-eval'; script-src 'unsafe-inline' 'unsafe-eval'; connect-src 'unsafe-inline'; img-src data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline';'
Strict-Transport-Security	strict-transport-security: max-age=31536000; includeSubDomains
X-Content-Type-Options	X-Content-Type-Options: nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	X-XSS-Protection: 1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x_cid
Access-Control-Request-Method: GET
Origin: https://www.getthebuzzbgone.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type,x_cid
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Request-Context
Cache-Control: no-cache
Content-Length: 0
Content-Security-Policy: default-src 'unsafe-inline' 'unsafe-eval'; script-src 'unsafe-inline' 'unsafe-eval'; connect-src 'unsafe-inline'; img-src data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline';'
Date: Mon, 12 Dec 2022 02:33:15 GMT
Expires: -1
Pragma: no-cache
Referrer-Policy: no-referrer
Request-Context: appId=cid-v1:6361e4eb-7dac-4fbe-b84b-897b6ebd3b92
Server: Microsoft-IIS/10.0
Strict-Transport-Security: strict-transport-security: max-age=31536000; includeSubDomains
X-AspNet-Version: 4.0.30319
X-Content-Type-Options: X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
X-XSS-Protection: X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK location Show response
sales-prod.tryemanagecrm.com/api/campaigns/565D41F9-574E-491F-B34D-CAD66AD280E9/customers/ 169 B
1 KB 2634ms
2633ms Fetch
application/json 51.143.102.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://sales-prod.tryemanagecrm.com/api/campaigns/565D41F9-574E-491F-B34D-CAD66AD280E9/customers/location

Requested by

Host: www.getthebuzzbgone.com
URL: https://www.getthebuzzbgone.com/zap/au/assets/js/ctrwowUtils-v2.10.0.min.js?v=1665548764653

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.143.102.21 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

48ba06f12f2ea8c7c25cb26039eda2259547fb8116fb927094b3fd6c844183ba

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' 'unsafe-eval'; script-src 'unsafe-inline' 'unsafe-eval'; connect-src 'unsafe-inline'; img-src data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline';'
Strict-Transport-Security	strict-transport-security: max-age=31536000; includeSubDomains
X-Content-Type-Options	X-Content-Type-Options: nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	X-XSS-Protection: 1; mode=block

Request headers

Referer: https://www.getthebuzzbgone.com/
X_CID: 584ea331-0cd2-4c48-85d9-737f9dddfa0b
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
content-type: application/json

Response headers

Date: Mon, 12 Dec 2022 02:33:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: X-Content-Type-Options: nosniff
Strict-Transport-Security: strict-transport-security: max-age=31536000; includeSubDomains
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Security-Policy: default-src 'unsafe-inline' 'unsafe-eval'; script-src 'unsafe-inline' 'unsafe-eval'; connect-src 'unsafe-inline'; img-src data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline';'
Content-Length: 237
X-XSS-Protection: X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:6361e4eb-7dac-4fbe-b84b-897b6ebd3b92
Pragma: no-cache
Referrer-Policy: no-referrer
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Request-Context
Cache-Control: no-cache
Expires: -1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 318 KB
87 KB 65ms
43ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5W4SPMQ

Requested by

Host: www.getthebuzzbgone.com
URL: https://www.getthebuzzbgone.com/zap/au/assets/js/pre-5.js?v=1665548764653

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

64049fc030d4dfaf80e1d8c77d8fe2787b0738bb2fc2e7a479b048ef73ea2d39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:33:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89029
x-xss-protection: 0
last-modified: Mon, 12 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Dec 2022 02:33:14 GMT

GET
H2 200 coolsummertips.webp
www.getthebuzzbgone.com/zap/au/assets/image/584ea331-0cd2-4c48-85d9-737f9dddfa0b/60aca4dc104d5d0ab45c6cf0/64d05369-1d1d-4956-920d-06f5ee14a73b/ 4 KB
5 KB 377ms
375ms Image
image/webp 2600:9000:2016:6200:2:856a:59c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.getthebuzzbgone.com/zap/au/assets/image/584ea331-0cd2-4c48-85d9-737f9dddfa0b/60aca4dc104d5d0ab45c6cf0/64d05369-1d1d-4956-920d-06f5ee14a73b/coolsummertips.webp?t=20220317T18243244
Requested by: Host: www.getthebuzzbgone.com
URL: https://www.getthebuzzbgone.com/zap/au/pre-5.html?pcta=index-v3.html&icta=order.html&iep=true&temp=hcvr&loader=0&fomo=1&Affid=6164&s1=&s2=&s3=&s4=3127&s5=167c1aea656a44e0972c4ffeeeb1df48&domain1=www.frscosr.com&network_id=69
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2016:6200:2:856a:59c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 95f1be481f9ca8756702701a87aa89ed613e8a82c0f28757d578570cce171bc9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/zap/au/pre-5.html?pcta=index-v3.html&icta=order.html&iep=true&temp=hcvr&loader=0&fomo=1&Affid=6164&s1=&s2=&s3=&s4=3127&s5=167c1aea656a44e0972c4ffeeeb1df48&domain1=www.frscosr.com&network_id=69
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:33:16 GMT
via: 1.1 b16df885683d0bb71fd074a9a72b1dc8.cloudfront.net (CloudFront)
last-modified: Tue, 08 Nov 2022 03:48:21 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C2
etag: "827e7b27c054a3ac0ffaa2c0e657f84b"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: max-age=31536000
content-length: 4472
x-amz-cf-id: Kge5M_2RrVMrQlj8GIb8vmUEycZXsiuUkMW3P4T4o7YT6xkzht8Bsg==

GET
H2 200 author.webp
www.getthebuzzbgone.com/zap/au/assets/image/584ea331-0cd2-4c48-85d9-737f9dddfa0b/60aca4dc104d5d0ab45c6cf0/d55cfde7-3ec2-4e58-a1ec-c61cf5f202f0/ 750 B
1 KB 25ms
24ms Image
image/webp 2600:9000:2016:6200:2:856a:59c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.getthebuzzbgone.com/zap/au/assets/image/584ea331-0cd2-4c48-85d9-737f9dddfa0b/60aca4dc104d5d0ab45c6cf0/d55cfde7-3ec2-4e58-a1ec-c61cf5f202f0/author.webp?t=20220317T192337126
Requested by: Host: www.getthebuzzbgone.com
URL: https://www.getthebuzzbgone.com/zap/au/pre-5.html?pcta=index-v3.html&icta=order.html&iep=true&temp=hcvr&loader=0&fomo=1&Affid=6164&s1=&s2=&s3=&s4=3127&s5=167c1aea656a44e0972c4ffeeeb1df48&domain1=www.frscosr.com&network_id=69
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2016:6200:2:856a:59c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 63343d89574166adb90256d3c49eb77b72804b7d310ef577a8bda79cb7dbc97c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/zap/au/pre-5.html?pcta=index-v3.html&icta=order.html&iep=true&temp=hcvr&loader=0&fomo=1&Affid=6164&s1=&s2=&s3=&s4=3127&s5=167c1aea656a44e0972c4ffeeeb1df48&domain1=www.frscosr.com&network_id=69
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:52:10 GMT
via: 1.1 b16df885683d0bb71fd074a9a72b1dc8.cloudfront.net (CloudFront)
last-modified: Tue, 08 Nov 2022 03:48:21 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C2
age: 1114865
etag: "925b585aef507f6473db74143e8b19c4"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000
content-length: 750
x-amz-cf-id: DsZst1RwHfHqjGu4kLaL2qgZlxAGgTPIdkVh2UYLV4xvhnmD4VWiMw==

GET
H2 200 img_1.webp
www.getthebuzzbgone.com/zap/au/assets/image/584ea331-0cd2-4c48-85d9-737f9dddfa0b/60aca4dc104d5d0ab45c6cf0/89de87a4-5263-4929-9b01-25f99f28af67/ 5 KB
5 KB 27ms
26ms Image
image/webp 2600:9000:2016:6200:2:856a:59c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.getthebuzzbgone.com/zap/au/assets/image/584ea331-0cd2-4c48-85d9-737f9dddfa0b/60aca4dc104d5d0ab45c6cf0/89de87a4-5263-4929-9b01-25f99f28af67/img_1.webp?t=20220317T192337405
Requested by: Host: www.getthebuzzbgone.com
URL: https://www.getthebuzzbgone.com/zap/au/pre-5.html?pcta=index-v3.html&icta=order.html&iep=true&temp=hcvr&loader=0&fomo=1&Affid=6164&s1=&s2=&s3=&s4=3127&s5=167c1aea656a44e0972c4ffeeeb1df48&domain1=www.frscosr.com&network_id=69
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2016:6200:2:856a:59c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7f0aa617d0c6342d5bece7cf736cb226b3dc17794985031ea73159d471232edf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/zap/au/pre-5.html?pcta=index-v3.html&icta=order.html&iep=true&temp=hcvr&loader=0&fomo=1&Affid=6164&s1=&s2=&s3=&s4=3127&s5=167c1aea656a44e0972c4ffeeeb1df48&domain1=www.frscosr.com&network_id=69
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 14:45:16 GMT
via: 1.1 b16df885683d0bb71fd074a9a72b1dc8.cloudfront.net (CloudFront)
last-modified: Tue, 08 Nov 2022 03:48:21 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C2
age: 820079
etag: "de365ac87f6d8566b22f40dff7aeebfc"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000
content-length: 4948
x-amz-cf-id: FwE0uFxwlbQiKqNy8Xz0de4Wdi7fz6FRE_tbWtj23Xtpq5wNwfsHfg==

GET
H2 200 luke.png
www.getthebuzzbgone.com/zap/au/assets/image/584ea331-0cd2-4c48-85d9-737f9dddfa0b/60aca4dc104d5d0ab45c6cf0/be56d512-37f9-4e95-81ad-8cc1da34d508/ 13 KB
13 KB 26ms
25ms Image
image/png 2600:9000:2016:6200:2:856a:59c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.getthebuzzbgone.com/zap/au/assets/image/584ea331-0cd2-4c48-85d9-737f9dddfa0b/60aca4dc104d5d0ab45c6cf0/be56d512-37f9-4e95-81ad-8cc1da34d508/luke.png?t=20210614T223032603
Requested by: Host: www.getthebuzzbgone.com
URL: https://www.getthebuzzbgone.com/zap/au/pre-5.html?pcta=index-v3.html&icta=order.html&iep=true&temp=hcvr&loader=0&fomo=1&Affid=6164&s1=&s2=&s3=&s4=3127&s5=167c1aea656a44e0972c4ffeeeb1df48&domain1=www.frscosr.com&network_id=69
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2016:6200:2:856a:59c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2410efe4755561ca781e188eb745c3cee55c2e7bc06e0592aa385980355d463b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/zap/au/pre-5.html?pcta=index-v3.html&icta=order.html&iep=true&temp=hcvr&loader=0&fomo=1&Affid=6164&s1=&s2=&s3=&s4=3127&s5=167c1aea656a44e0972c4ffeeeb1df48&domain1=www.frscosr.com&network_id=69
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 02:32:43 GMT
via: 1.1 b16df885683d0bb71fd074a9a72b1dc8.cloudfront.net (CloudFront)
last-modified: Tue, 08 Nov 2022 03:48:20 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C2
age: 777632
etag: "1290f0440a7690e7c949d1f8f6eb0870"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
content-length: 12865
x-amz-cf-id: 429LXiGxq1Nx3hRDBG0AGzT8xvk4jA09Ksy3A4vwJeFp2DRLMCa3dQ==

GET
H2 200 ecqx4egfsd Show response
www.clarity.ms/tag/ 1 KB
2 KB 152ms
104ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/ecqx4egfsd?ref=gtm2
Requested by: Host: www.getthebuzzbgone.com
URL: https://www.getthebuzzbgone.com/zap/au/pre-5.html?pcta=index-v3.html&icta=order.html&iep=true&temp=hcvr&loader=0&fomo=1&Affid=6164&s1=&s2=&s3=&s4=3127&s5=167c1aea656a44e0972c4ffeeeb1df48&domain1=www.frscosr.com&network_id=69
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2a0be44bab5a09d82f4758e320d2b5b13876daa5d8cdd5f10b208fb78200184a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: application/x-javascript
date: Mon, 12 Dec 2022 02:33:14 GMT
cache-control: no-cache, no-store
expires: -1
x-azure-ref: 065KWYwAAAACp10I3yzXUT5Gn2xmOo2MZRlJBMzFFREdFMDkxMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H3 200 everflow.js Show response
www.frscosr.com/scripts/sdk/ 58 KB
18 KB 128ms
113ms Script
text/javascript 34.107.179.180
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.frscosr.com/scripts/sdk/everflow.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5W4SPMQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.179.180 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 180.179.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2c54989bdaf28154015c1253e3d3d0692f6ce8fe696e396ed7a750f715dc16ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:33:15 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Origin
content-type: text/javascript
cache-control: max-age=14400
x-eflow-request-id: 7486dc9a-469a-4249-ab88-cc312219da92
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 clarity.js Show response
www.clarity.ms/eus/s/0.6.43/ 54 KB
18 KB 10ms
9ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus/s/0.6.43/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/ecqx4egfsd?ref=gtm2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: cc8a16ce849d72f106bd67187e4b60c20da3093375202bf0b53f23e8f40a8b11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:33:14 GMT
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
server: Microsoft-IIS/10.0
x-azure-ref-originshield: 0tWmVYwAAAACshcj3edErRJL+s2iFX5InRlJBMjMxMDUwNDE3MDM3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag: "1d90b0402dd6f4c"
x-azure-ref: 065KWYwAAAACdxV12Lw8rQ6UjL/xVbtM1RlJBMzFFREdFMDkxMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

POST
H2 204 collect Show response
d.clarity.ms/ 0
171 B 319ms
99ms XHR
text/plain 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus/s/0.6.43/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.getthebuzzbgone.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: https://www.getthebuzzbgone.com
date: Mon, 12 Dec 2022 02:33:14 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
vary: Origin
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

OPTIONS
H/1.1 204
No Content settings
salessupport.tryemanagecrm.com/api/clients/ Frame 0
0 648ms
165ms Preflight 40.64.128.231
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://salessupport.tryemanagecrm.com/api/clients/settings
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.64.128.231 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x_cid
Access-Control-Request-Method: GET
Origin: https://www.getthebuzzbgone.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Access-Control-Allow-Headers: x_cid
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Date: Mon, 12 Dec 2022 02:33:15 GMT
Request-Context: appId=cid-v1:8c83788f-eb2e-428e-9db0-43b69c73d734
Server: Kestrel

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 543 KB
107 KB 95ms
76ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T9DPM8H

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

36a0e7b217819689254f9bece316ee177ff94fa1fb7983d52fb2eea812d7cf74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:33:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109178
x-xss-protection: 0
last-modified: Mon, 12 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Dec 2022 02:33:15 GMT

GET
H/1.1 200
OK settings Show response
salessupport.tryemanagecrm.com/api/clients/ 17 B
276 B 166ms
164ms Fetch
application/json 40.64.128.231
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://salessupport.tryemanagecrm.com/api/clients/settings
Requested by: Host: d16hdrba6dusey.cloudfront.net
URL: https://d16hdrba6dusey.cloudfront.net/sitecommon/js/components/blueshift_wow_v1.js?v=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.64.128.231 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 3178cccfc4bf1f0b0aa129a97af37f2f993dd171c10e26361c0072df46085cf8

Request headers

Referer: https://www.getthebuzzbgone.com/
X_CID: 584ea331-0cd2-4c48-85d9-737f9dddfa0b
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 12 Dec 2022 02:33:16 GMT
Content-Type: application/json; charset=utf-8
Server: Kestrel
Transfer-Encoding: chunked
Request-Context: appId=cid-v1:8c83788f-eb2e-428e-9db0-43b69c73d734

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=336E0D2DCAFB475783FC98F143BD29BB&RedC=c.clarity.ms&MXFR=265B6A41665560011F88783962556EF1
https://c.clarity.ms/c.gif?CtsSyncId=336E0D2DCAFB475783FC98F143BD29BB&MUID=3459D89C8FAC62A418E6CAE48EAC631D

42 B
369 B

27ms
27ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=336E0D2DCAFB475783FC98F143BD29BB&MUID=3459D89C8FAC62A418E6CAE48EAC631D
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 02:33:14 GMT
last-modified: Thu, 13 Oct 2022 20:07:05 GMT
server: Microsoft-IIS/10.0
etag: "40db785d3fdfd81:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 12 Dec 2022 02:33:15 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 677C9629B75F4A9C94C8FE40EA7D1938 Ref B: FRAEDGE1909 Ref C: 2022-12-12T02:33:15Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=336E0D2DCAFB475783FC98F143BD29BB&MUID=3459D89C8FAC62A418E6CAE48EAC631D
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 ctrwow_fp_analytics.min.js Show response
d16hdrba6dusey.cloudfront.net/ 42 KB
16 KB 119ms
118ms Script
application/javascript 2600:9000:21f3:1000:18:d154:1680:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d16hdrba6dusey.cloudfront.net/ctrwow_fp_analytics.min.js
Requested by: Host: www.getthebuzzbgone.com
URL: https://www.getthebuzzbgone.com/zap/au/assets/js/CTR_FP_TRACKING-v2.7.0.min.js?v=1665548764653
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:1000:18:d154:1680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a5e2573d899dae45986c63bf1f8aa164ad2eeb2737ab84dae1999e777d3859c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:33:16 GMT
content-encoding: gzip
via: 1.1 d9bf8acc1da383db4531789bbb03ac06.cloudfront.net (CloudFront)
last-modified: Thu, 18 Aug 2022 03:14:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: W/"b3f370ee7e0449a09eac8b3d80b621e7"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: Ap3T59w-bPoImaA2JRehGp4UiXNXXbFFnxWIhr9kwKAma2-74jKj4A==

GET
H2 200 luke.webp
www.getthebuzzbgone.com/zap/au/assets/image/584ea331-0cd2-4c48-85d9-737f9dddfa0b/60aca4dc104d5d0ab45c6cf0/356d8b20-c278-49eb-9cd0-c70ebad46ca5/ 2 KB
2 KB 33ms
30ms Image
image/webp 2600:9000:2016:6200:2:856a:59c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.getthebuzzbgone.com/zap/au/assets/image/584ea331-0cd2-4c48-85d9-737f9dddfa0b/60aca4dc104d5d0ab45c6cf0/356d8b20-c278-49eb-9cd0-c70ebad46ca5/luke.webp?t=20220317T192337628
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2016:6200:2:856a:59c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fdd8c45862683476506733e7600c95fd8ab32a1508801404bb7d76cc2b12217e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/zap/au/pre-5.html?pcta=index-v3.html&icta=order.html&iep=true&temp=hcvr&loader=0&fomo=1&Affid=6164&s1=&s2=&s3=&s4=3127&s5=167c1aea656a44e0972c4ffeeeb1df48&domain1=www.frscosr.com&network_id=69
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 02:32:44 GMT
via: 1.1 b16df885683d0bb71fd074a9a72b1dc8.cloudfront.net (CloudFront)
last-modified: Tue, 08 Nov 2022 03:48:21 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C2
age: 777632
etag: "80ac4b1b6fbc4afe90a5b4cc15b5f3c2"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000
content-length: 1606
x-amz-cf-id: igsL3bp8rOFZv9MM0uIxtR28DqHF-Wq65utzaPlaMs4IWI_EoTeGgw==

GET
H2 200 buzz-bgonefarm.webp
www.getthebuzzbgone.com/zap/au/assets/image/584ea331-0cd2-4c48-85d9-737f9dddfa0b/60aca4dc104d5d0ab45c6cf0/8e584437-1bd0-48b2-a3c4-e8df9ed09254/ 21 KB
22 KB 26ms
22ms Image
image/webp 2600:9000:2016:6200:2:856a:59c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.getthebuzzbgone.com/zap/au/assets/image/584ea331-0cd2-4c48-85d9-737f9dddfa0b/60aca4dc104d5d0ab45c6cf0/8e584437-1bd0-48b2-a3c4-e8df9ed09254/buzz-bgonefarm.webp?t=20220317T192337346
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2016:6200:2:856a:59c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e35d978a0a2ab0939b917aef450b4074fe1ab3d841223e4dc00f960cefd0a2e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/zap/au/pre-5.html?pcta=index-v3.html&icta=order.html&iep=true&temp=hcvr&loader=0&fomo=1&Affid=6164&s1=&s2=&s3=&s4=3127&s5=167c1aea656a44e0972c4ffeeeb1df48&domain1=www.frscosr.com&network_id=69
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 07:17:07 GMT
via: 1.1 b16df885683d0bb71fd074a9a72b1dc8.cloudfront.net (CloudFront)
last-modified: Tue, 08 Nov 2022 03:48:20 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C2
age: 414969
etag: "e2b0141a3f76ce40d300c9b2aedcdd65"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000
content-length: 21750
x-amz-cf-id: R_ggkgXvNY4D-nOcfJeiRICdaoZeSloSkTG7PnBnZaPMIYCxjuybEw==

GET
H2 200 img_2.webp
www.getthebuzzbgone.com/zap/au/assets/image/584ea331-0cd2-4c48-85d9-737f9dddfa0b/60aca4dc104d5d0ab45c6cf0/9c289689-7f1d-44b6-9400-d1674c57955a/ 16 KB
16 KB 34ms
31ms Image
image/webp 2600:9000:2016:6200:2:856a:59c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.getthebuzzbgone.com/zap/au/assets/image/584ea331-0cd2-4c48-85d9-737f9dddfa0b/60aca4dc104d5d0ab45c6cf0/9c289689-7f1d-44b6-9400-d1674c57955a/img_2.webp?t=20220317T192337403
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2016:6200:2:856a:59c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 536f17f68173373b9b0d9325491dd54f1136205a98e61f683649ca10104f5fcc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/zap/au/pre-5.html?pcta=index-v3.html&icta=order.html&iep=true&temp=hcvr&loader=0&fomo=1&Affid=6164&s1=&s2=&s3=&s4=3127&s5=167c1aea656a44e0972c4ffeeeb1df48&domain1=www.frscosr.com&network_id=69
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:52:11 GMT
via: 1.1 b16df885683d0bb71fd074a9a72b1dc8.cloudfront.net (CloudFront)
last-modified: Tue, 08 Nov 2022 03:48:20 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C2
age: 1114865
etag: "4e22b547511a6711556d6d32da160080"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000
content-length: 16230
x-amz-cf-id: NLxmWQHR_7MJmP4NgXDWzBpNhXCuFNmGR5KmIIym6iY_3dGtHVBbSA==

GET
H2 200 bbg2.webp
www.getthebuzzbgone.com/zap/au/assets/image/584ea331-0cd2-4c48-85d9-737f9dddfa0b/60aca4dc104d5d0ab45c6cf0/51508e69-22cc-48df-9776-0a5a734e240f/ 14 KB
15 KB 367ms
365ms Image
image/webp 2600:9000:2016:6200:2:856a:59c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.getthebuzzbgone.com/zap/au/assets/image/584ea331-0cd2-4c48-85d9-737f9dddfa0b/60aca4dc104d5d0ab45c6cf0/51508e69-22cc-48df-9776-0a5a734e240f/bbg2.webp?t=20220317T192337386
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2016:6200:2:856a:59c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5f6d489cdb810f12ba27d57e004c34ac16eefb9c61ff2192c1d1b29c85180105

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/zap/au/pre-5.html?pcta=index-v3.html&icta=order.html&iep=true&temp=hcvr&loader=0&fomo=1&Affid=6164&s1=&s2=&s3=&s4=3127&s5=167c1aea656a44e0972c4ffeeeb1df48&domain1=www.frscosr.com&network_id=69
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:33:16 GMT
via: 1.1 b16df885683d0bb71fd074a9a72b1dc8.cloudfront.net (CloudFront)
last-modified: Tue, 08 Nov 2022 03:48:19 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C2
etag: "5727a6b7ae48e0b7a5097032948cf92e"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: max-age=31536000
content-length: 14824
x-amz-cf-id: QmVOMfwt6aXNogoUX4RgAwHp0moRR8gkbE45yVrZN3rCsWtRBXK-2w==

GET
H3 200 click Show response
www.frscosr.com/sdk/ 90 B
110 B 120ms
120ms Fetch
application/json 34.107.179.180
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.frscosr.com/sdk/click?effp=5468347a3ffa701b865c111784025ffb&_ef_transaction_id=167c1aea656a44e0972c4ffeeeb1df48&oid=&affid=6164&__cc=&async=json&sub1=&sub2=&sub3=&sub4=3127
Requested by: Host: www.frscosr.com
URL: https://www.frscosr.com/scripts/sdk/everflow.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.179.180 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 180.179.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e18e21ce34059238d88626ff518f0898432519c13c32d0d3afd895c0abd70520

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:33:15 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.getthebuzzbgone.com
access-control-allow-credentials: true
x-eflow-request-id: 13c63686-18c1-455f-abce-ae72ed269b38
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90

GET
H2 200 hotjar-1450693.js Show response
static.hotjar.com/c/ 15 KB
4 KB 109ms
42ms Script
application/javascript 13.225.78.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1450693.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9DPM8H

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-103.fra2.r.cloudfront.net

Software

Resource Hash

0aa78c95eea7b33ed4357122db2cc7d9aec1f88624c8c514739ffc8324ba5424

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:33:15 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/8d5995a36aeca3f61f1127f2120b387e
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: lbY_hTh0EYTrlwD_6fjDCXApq63HXKG51X7GyRx5UX0skGvMPktvRg==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-164498018-18

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9DPM8H

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4e3038b4e6dc28bef0ffd0802351e820e63cc46777347b96f8632df54e94c3e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:33:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43573
x-xss-protection: 0
last-modified: Mon, 12 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Dec 2022 02:33:15 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 134 KB
52 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-776470710

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9DPM8H

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

38456e4331db37eaf787267d081819f928f3191dc7dd11e212cf5d8c18b895a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:33:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52986
x-xss-protection: 0
last-modified: Mon, 12 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Dec 2022 02:33:15 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-177438588-1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9DPM8H

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a27135e413d0d182cddfee6ca249b59e2f7bf8838c486e544aeb76c2701b27e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:33:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43631
x-xss-protection: 0
last-modified: Mon, 12 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Dec 2022 02:33:15 GMT

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 42 KB
15 KB 66ms
19ms Script
application/javascript 2a02:2638:1::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=97841

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5W4SPMQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

79feceefb984f6e47af56b29113b778091145ac701e71c0201c162a593f9cbc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:33:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 czgzuik8o3 Show response
www.clarity.ms/tag/ 2 KB
2 KB 98ms
97ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/czgzuik8o3?ref=gtm2
Requested by: Host: www.getthebuzzbgone.com
URL: https://www.getthebuzzbgone.com/zap/au/pre-5.html?pcta=index-v3.html&icta=order.html&iep=true&temp=hcvr&loader=0&fomo=1&Affid=6164&s1=&s2=&s3=&s4=3127&s5=167c1aea656a44e0972c4ffeeeb1df48&domain1=www.frscosr.com&network_id=69
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9830f0db03d828789b96e13503a0bfdfc6a51c3684962b2de5e8cd97aa4eacf2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: application/x-javascript
date: Mon, 12 Dec 2022 02:33:15 GMT
cache-control: no-cache, no-store
expires: -1
x-azure-ref: 065KWYwAAAABuRU9AUEZaTZcioWdymorVRlJBMzFFREdFMDkxMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
6ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9DPM8H

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 12 Dec 2022 01:15:46 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4649
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 12 Dec 2022 03:15:46 GMT

GET
H3 200 everflow.js Show response
www.frscosr.com/scripts/sdk/ 58 KB
18 KB 116ms
115ms Script
text/javascript 34.107.179.180
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.frscosr.com/scripts/sdk/everflow.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9DPM8H
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.179.180 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 180.179.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2c54989bdaf28154015c1253e3d3d0692f6ce8fe696e396ed7a750f715dc16ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:33:15 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Origin
content-type: text/javascript
cache-control: max-age=14400
x-eflow-request-id: ffccc83b-ad21-4268-8d7f-597d248bd5d7
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1371373/ 58 KB
18 KB 32ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1371373/tfa.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9DPM8H
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e09a271b55f77a7866ed5c3b09418e54438e89f7f0148abf28ca5b10cb0b44a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id: 7aD0H.Jw5gDM328GtlLwdfzD_FmTg9Qa
content-encoding: gzip
via: 1.1 varnish
date: Mon, 12 Dec 2022 02:33:15 GMT
x-amz-request-id: BT3WRCVGPNNY9J4B
age: 22725
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 18128
x-amz-id-2: u0vKMmgAAhyRQCYRu2orJrogHWLlC7BE357NcP7LTGnNtWFeol+Dbd0CpTvMfXythXm0yFis7HA=
x-served-by: cache-hhn-etou8220086-HHN
last-modified: Sun, 11 Dec 2022 11:41:00 GMT
server: AmazonS3
x-timer: S1670812396.698075,VS0,VE0
etag: "e9bf5fb468726470298d1da434449b66"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 29
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 json Show response
trc.taboola.com/1371373/trc/3/ 3 KB
2 KB 42ms
33ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1371373/trc/3/json?tim=1670812395765&data=%7B%22id%22%3A827%2C%22ii%22%3A%22%2Fzap%2Fau%2Fpre-5.html%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1670812395758%2C%22cv%22%3A%2220221211-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.getthebuzzbgone.com%2Fzap%2Fau%2Fpre-5.html%3Fpcta%3Dindex-v3.html%26icta%3Dorder.html%26iep%3Dtrue%26temp%3Dhcvr%26loader%3D0%26fomo%3D1%26Affid%3D6164%26s1%3D%26s2%3D%26s3%3D%26s4%3D3127%26s5%3D167c1aea656a44e0972c4ffeeeb1df48%26domain1%3Dwww.frscosr.com%26network_id%3D69%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fpcta%3Dindex-v3.html%26icta%3Dorder.html%26iep%3Dtrue%26temp%3Dhcvr%26loader%3D0%26fomo%3D1%26Affid%3D6164%26s1%3D%26s2%3D%26s3%3D%26s4%3D3127%26s5%3D167c1aea656a44e0972c4ffeeeb1df48%26domain1%3Dwww.frscosr.com%26network_id%3D69%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Ddfo-globalperformance-chrisrohrer2-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1670812395764%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.getthebuzzbgone.com%2Fzap%2Fau%2Fpre-5.html%3Fpcta%3Dindex-v3.html%26icta%3Dorder.html%26iep%3Dtrue%26temp%3Dhcvr%26loader%3D0%26fomo%3D1%26Affid%3D6164%26s1%3D%26s2%3D%26s3%3D%26s4%3D3127%26s5%3D167c1aea656a44e0972c4ffeeeb1df48%26domain1%3Dwww.frscosr.com%26network_id%3D69%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A9%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1371373/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 21104f3eedd238d97851893fe04d6421ff6be5300089ae0135ef4addf6693e80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-vcl-time-ms: 26
date: Mon, 12 Dec 2022 02:33:15 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-hhn-etou8220086-HHN
server: nginx
x-timer: S1670812396.779946,VS0,VE26
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 22ms
7ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:33:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1129
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 12 Dec 2022 03:33:05 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 7ms
6ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-164498018-18

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 12 Dec 2022 01:15:46 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4649
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 12 Dec 2022 03:15:46 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/776470710/ 2 KB
2 KB 85ms
55ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/776470710/?random=1670812395802&cv=11&fst=1670812395802&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.getthebuzzbgone.com%2Fzap%2Fau%2Fpre-5.html%3Fpcta%3Dindex-v3.html%26icta%3Dorder.html%26iep%3Dtrue%26temp%3Dhcvr%26loader%3D0%26fomo%3D1%26Affid%3D6164%26s1%3D%26s2%3D%26s3%3D%26s4%3D3127%26s5%3D167c1aea656a44e0972c4ffeeeb1df48%26domain1%3Dwww.frscosr.com%26network_id%3D69&tiba=This%20Genius%20Device%20Kills%20Mosquitoes%20Dead%20-%20Thousands%20Zapped%20Every%20Hour&auid=1367649835.1670812395&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-776470710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

650d1380b55b1f1737132c8a4e778e30399e5fee3ee4767b20621b3c8de88379

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 02:33:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1081
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 71FB 15 KB
6 KB 50ms
17ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.getthebuzzbgone.com&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=97841

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.getthebuzzbgone.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 12 Dec 2022 02:33:15 GMT
server: Kestrel
server-processing-duration-in-ticks: 515462
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 modules.bc0a4c72d88d266f15af.js Show response
script.hotjar.com/ 263 KB
68 KB 52ms
9ms Script
application/javascript 13.224.189.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.bc0a4c72d88d266f15af.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1450693.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-42.fra2.r.cloudfront.net

Software

Resource Hash

5266a11278de436c711a6fc1ab0618616f2495135c0157b21899c11f19ab163a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 14:35:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 eab88762658052b4a1e386f8521a38ce.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 388689
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68590
last-modified: Wed, 07 Dec 2022 14:34:24 GMT
etag: "2375e31c5dc0ca09d740bee5c1486c2b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: TgobEaqXwaHBbJnWqZR8ol2GhIF7OSjN3DimyYV6gqop1JZXLcExrA==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
14ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=972959318&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.getthebuzzbgone.com%2Fzap%2Fau%2Fpre-5.html%3Fpcta%3Dindex-v3.html%26icta%3Dorder.html%26iep%3Dtrue%26temp%3Dhcvr%26loader%3D0%26fomo%3D1%26Affid%3D6164%26s1%3D%26s2%3D%26s3%3D%26s4%3D3127%26s5%3D167c1aea656a44e0972c4ffeeeb1df48%26domain1%3Dwww.frscosr.com%26network_id%3D69&ul=en-us&de=UTF-8&dt=This%20Genius%20Device%20Kills%20Mosquitoes%20Dead%20-%20Thousands%20Zapped%20Every%20Hour&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=EE%20Funnel&ea=Step%201&el=Presale&_u=aGBAAEALAAAAACAMI~&jid=100620013&gjid=345227824&cid=596517134.1670812396&tid=UA-164498018-18&_gid=823535819.1670812396&_r=1&gtm=2wgbu0T9DPM8H&cos=1&pa=checkout&z=1213204322

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.getthebuzzbgone.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 02:33:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.getthebuzzbgone.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
14ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=972959318&t=pageview&_s=1&dl=https%3A%2F%2Fwww.getthebuzzbgone.com%2Fzap%2Fau%2Fpre-5.html%3Fpcta%3Dindex-v3.html%26icta%3Dorder.html%26iep%3Dtrue%26temp%3Dhcvr%26loader%3D0%26fomo%3D1%26Affid%3D6164%26s1%3D%26s2%3D%26s3%3D%26s4%3D3127%26s5%3D167c1aea656a44e0972c4ffeeeb1df48%26domain1%3Dwww.frscosr.com%26network_id%3D69&ul=en-us&de=UTF-8&dt=This%20Genius%20Device%20Kills%20Mosquitoes%20Dead%20-%20Thousands%20Zapped%20Every%20Hour&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUALAAAAACAMI~&jid=840829866&gjid=1200118366&cid=596517134.1670812396&tid=UA-164498018-18&_gid=823535819.1670812396&_r=1&gtm=2oubu0&z=2125257794

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.getthebuzzbgone.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 02:33:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.getthebuzzbgone.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 19ms
19ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=972959318&t=pageview&_s=1&dl=https%3A%2F%2Fwww.getthebuzzbgone.com%2Fzap%2Fau%2Fpre-5.html%3Fpcta%3Dindex-v3.html%26icta%3Dorder.html%26iep%3Dtrue%26temp%3Dhcvr%26loader%3D0%26fomo%3D1%26Affid%3D6164%26s1%3D%26s2%3D%26s3%3D%26s4%3D3127%26s5%3D167c1aea656a44e0972c4ffeeeb1df48%26domain1%3Dwww.frscosr.com%26network_id%3D69&ul=en-us&de=UTF-8&dt=This%20Genius%20Device%20Kills%20Mosquitoes%20Dead%20-%20Thousands%20Zapped%20Every%20Hour&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUALAAAAACAMI~&jid=1811010015&gjid=1970622168&cid=596517134.1670812396&tid=UA-177438588-1&_gid=823535819.1670812396&_r=1&gtm=2oubu0&z=333452397

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.getthebuzzbgone.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 02:33:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.getthebuzzbgone.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
445 B 69ms
20ms XHR
text/plain 2a00:1450:400c:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-164498018-18&cid=596517134.1670812396&jid=100620013&gjid=345227824&_gid=823535819.1670812396&_u=aGBAAEAKAAAAACAMI~&z=1039412825

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.getthebuzzbgone.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 12 Dec 2022 02:33:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.getthebuzzbgone.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 68ms
20ms XHR
text/plain 2a00:1450:400c:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-164498018-18&cid=596517134.1670812396&jid=840829866&gjid=1200118366&_gid=823535819.1670812396&_u=aGDAAUALAAAAACAMI~&z=1994053638

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.getthebuzzbgone.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 12 Dec 2022 02:33:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.getthebuzzbgone.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK CreateLogHttpTrigger
ctrwow-prod-fingerprint-microservice.azurewebsites.net/api/ 0
359 B 743ms
298ms Ping
text/plain 52.183.82.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ctrwow-prod-fingerprint-microservice.azurewebsites.net/api/CreateLogHttpTrigger?code=X52ZQaDTSiyjsN334TNPrE34ReCoFvTXh7l0v8fT2knldk1LpP1fYw==&trackingId=60aca4dc104d5d0ab45c6cf0
Requested by: Host: d16hdrba6dusey.cloudfront.net
URL: https://d16hdrba6dusey.cloudfront.net/ctrwow_fp_analytics.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.183.82.125 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.getthebuzzbgone.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 12 Dec 2022 02:33:15 GMT
Content-Encoding: gzip
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Vary: Accept-Encoding
Request-Context: appId=

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 68ms
19ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9DPM8H

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

737be8d2a2db4d729155190f62d3b1f656cdaec35b42b59eeeda3043246a50cd

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 12 Dec 2022 02:33:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27317
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: Rf8RU6U5nWCC/j5c0rFRBNDrOAMqbPn/At+81edSMezS/7UgZyhtnrYf5xvFwj9aRlHeTwaeXNURovWfsch2Hg==
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/781456121/ 2 KB
1 KB 47ms
30ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/781456121/?random=1670812395977&cv=11&fst=1670812395977&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.getthebuzzbgone.com%2Fzap%2Fau%2Fpre-5.html%3Fpcta%3Dindex-v3.html%26icta%3Dorder.html%26iep%3Dtrue%26temp%3Dhcvr%26loader%3D0%26fomo%3D1%26Affid%3D6164%26s1%3D%26s2%3D%26s3%3D%26s4%3D3127%26s5%3D167c1aea656a44e0972c4ffeeeb1df48%26domain1%3Dwww.frscosr.com%26network_id%3D69&tiba=This%20Genius%20Device%20Kills%20Mosquitoes%20Dead%20-%20Thousands%20Zapped%20Every%20Hour&auid=1367649835.1670812395&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9DPM8H

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a289fa29e89768df3ae9bac81c33715a595c3a06448c231535b59d3e6e97d57c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 02:33:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1062
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/671883265/ 2 KB
1 KB 66ms
56ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/671883265/?random=1670812395986&cv=11&fst=1670812395986&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.getthebuzzbgone.com%2Fzap%2Fau%2Fpre-5.html%3Fpcta%3Dindex-v3.html%26icta%3Dorder.html%26iep%3Dtrue%26temp%3Dhcvr%26loader%3D0%26fomo%3D1%26Affid%3D6164%26s1%3D%26s2%3D%26s3%3D%26s4%3D3127%26s5%3D167c1aea656a44e0972c4ffeeeb1df48%26domain1%3Dwww.frscosr.com%26network_id%3D69&tiba=This%20Genius%20Device%20Kills%20Mosquitoes%20Dead%20-%20Thousands%20Zapped%20Every%20Hour&auid=1367649835.1670812395&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9DPM8H

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65d1fca57bd54c0a0327ff0237b1b73453b653188154886db994f690ed0adcc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 02:33:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1063
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/714279189/ 2 KB
1 KB 99ms
90ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/714279189/?random=1670812395987&cv=11&fst=1670812395987&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.getthebuzzbgone.com%2Fzap%2Fau%2Fpre-5.html%3Fpcta%3Dindex-v3.html%26icta%3Dorder.html%26iep%3Dtrue%26temp%3Dhcvr%26loader%3D0%26fomo%3D1%26Affid%3D6164%26s1%3D%26s2%3D%26s3%3D%26s4%3D3127%26s5%3D167c1aea656a44e0972c4ffeeeb1df48%26domain1%3Dwww.frscosr.com%26network_id%3D69&tiba=This%20Genius%20Device%20Kills%20Mosquitoes%20Dead%20-%20Thousands%20Zapped%20Every%20Hour&auid=1367649835.1670812395&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9DPM8H

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aff9528985f2138a922b7e393be9e6acee4d39e7d7fbb982fd1d79959311c9cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 02:33:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1065
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 50ms
41ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 12 Dec 2022 02:33:15 GMT
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3C9CD172574341449A720B0EFA5C0DDE Ref B: FRAEDGE1909 Ref C: 2022-12-12T02:33:16Z
etag: "027e538cd8d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11460

GET
H3 200 everflow.js Show response
www.frscosr.com/scripts/sdk/ 58 KB
18 KB 115ms
115ms Script
text/javascript 34.107.179.180
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.frscosr.com/scripts/sdk/everflow.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9DPM8H
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.179.180 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 180.179.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2c54989bdaf28154015c1253e3d3d0692f6ce8fe696e396ed7a750f715dc16ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:33:16 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Origin
content-type: text/javascript
cache-control: max-age=14400
x-eflow-request-id: 7d76ccbc-278c-4d05-9901-4e42cdc7c474
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=972959318&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.getthebuzzbgone.com%2Fzap%2Fau%2Fpre-5.html%3Fpcta%3Dindex-v3.html%26icta%3Dorder.html%26iep%3Dtrue%26temp%3Dhcvr%26loader%3D0%26fomo%3D1%26Affid%3D6164%26s1%3D%26s2%3D%26s3%3D%26s4%3D3127%26s5%3D167c1aea656a44e0972c4ffeeeb1df48%26domain1%3Dwww.frscosr.com%26network_id%3D69&ul=en-us&de=UTF-8&dt=This%20Genius%20Device%20Kills%20Mosquitoes%20Dead%20-%20Thousands%20Zapped%20Every%20Hour&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Page%20Based%20Events&ea=Presale&el=Offer%203127&_u=aGDAAUALAAAAACAMI~&jid=&gjid=&cid=596517134.1670812396&tid=UA-164498018-18&_gid=823535819.1670812396&gtm=2wgbu0T9DPM8H&z=245143678

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 19:00:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 27140
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK CreateFunctionHttpTrigger
ctrwow-prod-fingerprint-microservice.azurewebsites.net/api/ 0
359 B 777ms
362ms Ping
text/plain 52.183.82.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ctrwow-prod-fingerprint-microservice.azurewebsites.net/api/CreateFunctionHttpTrigger?code=UaJqPA9RGvefKokk5Jt6CXObgyELuRwSLvpiGFZi6FtD//RXEBzcIg==&trackingId=60aca4dc104d5d0ab45c6cf0
Requested by: Host: d16hdrba6dusey.cloudfront.net
URL: https://d16hdrba6dusey.cloudfront.net/ctrwow_fp_analytics.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.183.82.125 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.getthebuzzbgone.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 12 Dec 2022 02:33:16 GMT
Content-Encoding: gzip
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Vary: Accept-Encoding
Request-Context: appId=

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 61ms
19ms XHR
text/plain 2a00:1450:400c:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-177438588-1&cid=596517134.1670812396&jid=1811010015&gjid=1970622168&_gid=823535819.1670812396&_u=aGDAAUALAAAAACAMI~&z=1888630747

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.getthebuzzbgone.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 12 Dec 2022 02:33:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.getthebuzzbgone.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-5e66f98b4ee957db209dc6f63e3d59dd.html Show response
vars.hotjar.com/ Frame 2E07 2 KB
1 KB 45ms
8ms Document
text/html 13.224.189.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1450693.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-122.fra2.r.cloudfront.net

Software

Resource Hash

cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.getthebuzzbgone.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1603390
cache-control: max-age=31536000
content-encoding: br
content-length: 1035
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 13:10:06 GMT
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
x-amz-cf-id: PvrBjHlRyn9yGiAPFbSSOsH_fSpHvDUEiBfmEIZmdvuKR5ZwY7YzdA==
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2

200

sid Show response
mug.criteo.com/ Frame 71FB
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=getthebuzzbgone.com&sn=ChromeSyncframe&so=0&topUrl=www.getthebuzzbgone.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=m28g4nwwSEFjVmQ1RlBwMnZINnN6Nm0xZk9BbVVxak5renc2QnRkTGpyeDZ6U1FVcjdsVnBGOVF6eW93QnRUL1Zxc211NjZmMk12cmFvTGpUNHl5VE0vSjFObnY4NWV0K3Z3aDJ6dlZmb3BydDMrc2Z4Q3ZhckdFRzhWTV...

443 B
663 B

73ms
15ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=m28g4nwwSEFjVmQ1RlBwMnZINnN6Nm0xZk9BbVVxak5renc2QnRkTGpyeDZ6U1FVcjdsVnBGOVF6eW93QnRUL1Zxc211NjZmMk12cmFvTGpUNHl5VE0vSjFObnY4NWV0K3Z3aDJ6dlZmb3BydDMrc2Z4Q3ZhckdFRzhWTVBBdTI0SzhQN2V0cWVCU2t0cGRqTDllV2pueU9XNUhQSzZXVjY5V3p4bWUvVFIwVTU3WjNUMG82ZkRQQmo3ZCtiUm9sTzkxN25qUnBidXJoRXlkbS9ibXRFK1RlUTZzSUhuZGZIeFkwd20vcVI2SWd2QXdFNW83SzRIZ2cvYlQ2bzFVRTlPaUMzNXlWK1haTjRmQnpTVjdPUklKVTFlM3BGOG1Kb092WFJBN2lMQUh6MzZ6TT18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b09bf3c14ffa5035a36f6f8d27b26f8ba451f58985ef615fed269e27fbd6dd7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 02:33:15 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1904722
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 12 Dec 2022 02:33:15 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=m28g4nwwSEFjVmQ1RlBwMnZINnN6Nm0xZk9BbVVxak5renc2QnRkTGpyeDZ6U1FVcjdsVnBGOVF6eW93QnRUL1Zxc211NjZmMk12cmFvTGpUNHl5VE0vSjFObnY4NWV0K3Z3aDJ6dlZmb3BydDMrc2Z4Q3ZhckdFRzhWTVBBdTI0SzhQN2V0cWVCU2t0cGRqTDllV2pueU9XNUhQSzZXVjY5V3p4bWUvVFIwVTU3WjNUMG82ZkRQQmo3ZCtiUm9sTzkxN25qUnBidXJoRXlkbS9ibXRFK1RlUTZzSUhuZGZIeFkwd20vcVI2SWd2QXdFNW83SzRIZ2cvYlQ2bzFVRTlPaUMzNXlWK1haTjRmQnpTVjdPUklKVTFlM3BGOG1Kb092WFJBN2lMQUh6MzZ6TT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 579558
content-length: 0
expires: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/776470710/ 42 B
548 B 53ms
20ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/776470710/?random=1670812395802&cv=11&fst=1670810400000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.getthebuzzbgone.com%2Fzap%2Fau%2Fpre-5.html%3Fpcta%3Dindex-v3.html%26icta%3Dorder.html%26iep%3Dtrue%26temp%3Dhcvr%26loader%3D0%26fomo%3D1%26Affid%3D6164%26s1%3D%26s2%3D%26s3%3D%26s4%3D3127%26s5%3D167c1aea656a44e0972c4ffeeeb1df48%26domain1%3Dwww.frscosr.com%26network_id%3D69&tiba=This%20Genius%20Device%20Kills%20Mosquitoes%20Dead%20-%20Thousands%20Zapped%20Every%20Hour&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2488184311&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 02:33:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/776470710/ 42 B
548 B 50ms
19ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/776470710/?random=1670812395802&cv=11&fst=1670810400000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.getthebuzzbgone.com%2Fzap%2Fau%2Fpre-5.html%3Fpcta%3Dindex-v3.html%26icta%3Dorder.html%26iep%3Dtrue%26temp%3Dhcvr%26loader%3D0%26fomo%3D1%26Affid%3D6164%26s1%3D%26s2%3D%26s3%3D%26s4%3D3127%26s5%3D167c1aea656a44e0972c4ffeeeb1df48%26domain1%3Dwww.frscosr.com%26network_id%3D69&tiba=This%20Genius%20Device%20Kills%20Mosquitoes%20Dead%20-%20Thousands%20Zapped%20Every%20Hour&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2488184311&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 02:33:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/781456121/ 42 B
64 B 40ms
20ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/781456121/?random=1670812395977&cv=11&fst=1670810400000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.getthebuzzbgone.com%2Fzap%2Fau%2Fpre-5.html%3Fpcta%3Dindex-v3.html%26icta%3Dorder.html%26iep%3Dtrue%26temp%3Dhcvr%26loader%3D0%26fomo%3D1%26Affid%3D6164%26s1%3D%26s2%3D%26s3%3D%26s4%3D3127%26s5%3D167c1aea656a44e0972c4ffeeeb1df48%26domain1%3Dwww.frscosr.com%26network_id%3D69&tiba=This%20Genius%20Device%20Kills%20Mosquitoes%20Dead%20-%20Thousands%20Zapped%20Every%20Hour&fmt=3&is_vtc=1&random=21764846&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 02:33:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/781456121/ 42 B
64 B 38ms
20ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/781456121/?random=1670812395977&cv=11&fst=1670810400000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.getthebuzzbgone.com%2Fzap%2Fau%2Fpre-5.html%3Fpcta%3Dindex-v3.html%26icta%3Dorder.html%26iep%3Dtrue%26temp%3Dhcvr%26loader%3D0%26fomo%3D1%26Affid%3D6164%26s1%3D%26s2%3D%26s3%3D%26s4%3D3127%26s5%3D167c1aea656a44e0972c4ffeeeb1df48%26domain1%3Dwww.frscosr.com%26network_id%3D69&tiba=This%20Genius%20Device%20Kills%20Mosquitoes%20Dead%20-%20Thousands%20Zapped%20Every%20Hour&fmt=3&is_vtc=1&random=21764846&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 02:33:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 27005388.js Show response
bat.bing.com/p/action/ 0
118 B 107ms
107ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/27005388.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Mon, 12 Dec 2022 02:33:15 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AF62DB75D5BE46E3B597F7854A3B1C48 Ref B: FRAEDGE1909 Ref C: 2022-12-12T02:33:16Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
162 B 35ms
35ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=27005388&Ver=2&mid=23e7ebe3-26b1-4c35-b3ac-b6f292df3a0a&sid=551e46a079c511eda634e90f1d0b5c77&vid=551e6d9079c511edb4c1c54b2625aa22&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=This%20Genius%20Device%20Kills%20Mosquitoes%20Dead%20-%20Thousands%20Zapped%20Every%20Hour&p=https%3A%2F%2Fwww.getthebuzzbgone.com%2Fzap%2Fau%2Fpre-5.html%3Fpcta%3Dindex-v3.html%26icta%3Dorder.html%26iep%3Dtrue%26temp%3Dhcvr%26loader%3D0%26fomo%3D1%26Affid%3D6164%26s1%3D%26s2%3D%26s3%3D%26s4%3D3127%26s5%3D167c1aea656a44e0972c4ffeeeb1df48%26domain1%3Dwww.frscosr.com%26network_id%3D69&r=&lt=2314&evt=pageLoad&sv=1&rn=73759

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 12 Dec 2022 02:33:15 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FD615E51D9474F98872C4832D835661D Ref B: FRAEDGE1909 Ref C: 2022-12-12T02:33:16Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 27005391.js Show response
bat.bing.com/p/action/ 0
118 B 112ms
111ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/27005391.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Mon, 12 Dec 2022 02:33:15 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BC3001ED5FBA443F87481C93103AC5AF Ref B: FRAEDGE1909 Ref C: 2022-12-12T02:33:16Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
119 B 34ms
34ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=27005391&Ver=2&mid=a4cbaf7b-99b7-4a31-85bb-89ba7acdff67&sid=551e46a079c511eda634e90f1d0b5c77&vid=551e6d9079c511edb4c1c54b2625aa22&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=This%20Genius%20Device%20Kills%20Mosquitoes%20Dead%20-%20Thousands%20Zapped%20Every%20Hour&p=https%3A%2F%2Fwww.getthebuzzbgone.com%2Fzap%2Fau%2Fpre-5.html%3Fpcta%3Dindex-v3.html%26icta%3Dorder.html%26iep%3Dtrue%26temp%3Dhcvr%26loader%3D0%26fomo%3D1%26Affid%3D6164%26s1%3D%26s2%3D%26s3%3D%26s4%3D3127%26s5%3D167c1aea656a44e0972c4ffeeeb1df48%26domain1%3Dwww.frscosr.com%26network_id%3D69&r=&lt=2314&evt=pageLoad&sv=1&rn=592956

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 12 Dec 2022 02:33:15 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 029123CE118D449485FB741336170019 Ref B: FRAEDGE1909 Ref C: 2022-12-12T02:33:16Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/671883265/ 42 B
64 B 20ms
19ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/671883265/?random=1670812395986&cv=11&fst=1670810400000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.getthebuzzbgone.com%2Fzap%2Fau%2Fpre-5.html%3Fpcta%3Dindex-v3.html%26icta%3Dorder.html%26iep%3Dtrue%26temp%3Dhcvr%26loader%3D0%26fomo%3D1%26Affid%3D6164%26s1%3D%26s2%3D%26s3%3D%26s4%3D3127%26s5%3D167c1aea656a44e0972c4ffeeeb1df48%26domain1%3Dwww.frscosr.com%26network_id%3D69&tiba=This%20Genius%20Device%20Kills%20Mosquitoes%20Dead%20-%20Thousands%20Zapped%20Every%20Hour&fmt=3&is_vtc=1&random=4200104675&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 02:33:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/671883265/ 42 B
64 B 19ms
18ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/671883265/?random=1670812395986&cv=11&fst=1670810400000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.getthebuzzbgone.com%2Fzap%2Fau%2Fpre-5.html%3Fpcta%3Dindex-v3.html%26icta%3Dorder.html%26iep%3Dtrue%26temp%3Dhcvr%26loader%3D0%26fomo%3D1%26Affid%3D6164%26s1%3D%26s2%3D%26s3%3D%26s4%3D3127%26s5%3D167c1aea656a44e0972c4ffeeeb1df48%26domain1%3Dwww.frscosr.com%26network_id%3D69&tiba=This%20Genius%20Device%20Kills%20Mosquitoes%20Dead%20-%20Thousands%20Zapped%20Every%20Hour&fmt=3&is_vtc=1&random=4200104675&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 02:33:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 31ms
14ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.89

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 12 Dec 2022 02:33:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: /khANZUjWRRrcW1fR6E5b1Hm5yCWp2MEb707zbkCfzAc59qFjMPX9nlkfgzNm+LK9LQkYCURFxRBJzpMwwIhnw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 252134019366681 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 172ms
156ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/252134019366681?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

61a0daafbfc20a7402f2d43c0846670323ba1750ac92aedc1472c4d1c0dbf937

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 12 Dec 2022 02:33:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: uUpu8IzN9mmQl8UxW48jzulvn2tUmscobOHCQHymCtOd4a1f5jERhPm7hXjz1Tly1fUHvJZmrQmNzKuedROB5A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 click Show response
www.frscosr.com/sdk/ 90 B
109 B 125ms
125ms Fetch
application/json 34.107.179.180
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.frscosr.com/sdk/click?effp=5468347a3ffa701b865c111784025ffb&_ef_transaction_id=167c1aea656a44e0972c4ffeeeb1df48&oid=3127&affid=6164&__cc=&async=json&sub1=&sub2=&sub3=&sub4=3127
Requested by: Host: www.frscosr.com
URL: https://www.frscosr.com/scripts/sdk/everflow.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.179.180 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 180.179.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e18e21ce34059238d88626ff518f0898432519c13c32d0d3afd895c0abd70520

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:33:16 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.getthebuzzbgone.com
access-control-allow-credentials: true
x-eflow-request-id: 6b6fbf1b-ce70-4ed5-b335-2dca3cba43f7
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90

GET
H3 200 /
www.google.com/pagead/1p-user-list/714279189/ 42 B
64 B 19ms
19ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/714279189/?random=1670812395987&cv=11&fst=1670810400000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.getthebuzzbgone.com%2Fzap%2Fau%2Fpre-5.html%3Fpcta%3Dindex-v3.html%26icta%3Dorder.html%26iep%3Dtrue%26temp%3Dhcvr%26loader%3D0%26fomo%3D1%26Affid%3D6164%26s1%3D%26s2%3D%26s3%3D%26s4%3D3127%26s5%3D167c1aea656a44e0972c4ffeeeb1df48%26domain1%3Dwww.frscosr.com%26network_id%3D69&tiba=This%20Genius%20Device%20Kills%20Mosquitoes%20Dead%20-%20Thousands%20Zapped%20Every%20Hour&fmt=3&is_vtc=1&random=3168670279&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 02:33:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/714279189/ 42 B
64 B 20ms
20ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/714279189/?random=1670812395987&cv=11&fst=1670810400000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.getthebuzzbgone.com%2Fzap%2Fau%2Fpre-5.html%3Fpcta%3Dindex-v3.html%26icta%3Dorder.html%26iep%3Dtrue%26temp%3Dhcvr%26loader%3D0%26fomo%3D1%26Affid%3D6164%26s1%3D%26s2%3D%26s3%3D%26s4%3D3127%26s5%3D167c1aea656a44e0972c4ffeeeb1df48%26domain1%3Dwww.frscosr.com%26network_id%3D69&tiba=This%20Genius%20Device%20Kills%20Mosquitoes%20Dead%20-%20Thousands%20Zapped%20Every%20Hour&fmt=3&is_vtc=1&random=3168670279&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 02:33:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 1450693 Show response
vc.hotjar.io/sessions/ 0
257 B 87ms
32ms XHR
text/plain 13.225.78.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/1450693?s=0.25&r=0.20022324651680945
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.bc0a4c72d88d266f15af.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-124.fra2.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:33:16 GMT
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: uBGTeB39dT-HSuU1Yf1OaJN-gA8OURqsoRua4xpA4-qZwydVj3I_Yw==

GET
H/1.1 200
OK blueshift.js Show response
cdn.getblueshift.com/ 4 KB
2 KB 40ms
7ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.getblueshift.com/blueshift.js
Requested by: Host: d16hdrba6dusey.cloudfront.net
URL: https://d16hdrba6dusey.cloudfront.net/sitecommon/js/components/blueshift_wow_v1.js?v=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-86.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 877df0c5bed07ec118206d7ab59f55534378b432bc117f11cb373d3439ca698f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 02:20:03 GMT
Content-Encoding: gzip
Via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C1
Age: 1625
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1975
Last-Modified: Fri, 02 Dec 2022 12:16:27 GMT
Server: AmazonS3
ETag: "72b5c14c6153ec1e7f8e78ec457b928f"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
Accept-Ranges: bytes
X-Amz-Cf-Id: k4YJu3J6o-7JpEWRL5gC1RRBR_W2e4GdS1XC5KCVkv-8AeiqDKukPA==

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=97841&v=5.12.3&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=d1vM2F9DMmZYd0ZHR3gwc01QZlBoQ2NZVTVkd20lMkZLMWV4VFF4SkRsQVhmRG...
https://widget.us.criteo.com/event?a=97841&v=5.12.3&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=d1vM2F9DMmZYd0ZHR3gwc01QZlBoQ2NZVTVkd20lMkZLMWV4VFF4SkRsQVhmRG...

8 KB
4 KB

310ms
104ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=97841&v=5.12.3&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=d1vM2F9DMmZYd0ZHR3gwc01QZlBoQ2NZVTVkd20lMkZLMWV4VFF4SkRsQVhmRG5aOUs3bUVCRHRsRXlCdW45aTlrQlpxdXRkUlc1ZVo4VXpwWmZBZ2lseE5KZng1d0dGUHpkdURraldkb3JrMzFXcEpzV0UlMkZ0WHF4UU83Z21SelM1SU9oUTdPdUtPdXZQU0ZVeHg4OHNmSkNkR0hZdWV2cWtJVXFCQWtiN05BdmduVTFnJTNE&tld=getthebuzzbgone.com&dy=1&fu=https%253A%252F%252Fwww.getthebuzzbgone.com%252Fzap%252Fau%252Fpre-5.html%253Fpcta%253Dindex-v3.html%2526icta%253Dorder.html%2526iep%253Dtrue%2526temp%253Dhcvr%2526loader%253D0%2526fomo%253D1%2526Affid%253D6164%2526s1%253D%2526s2%253D%2526s3%253D%2526s4%253D3127%2526s5%253D167c1aea656a44e0972c4ffeeeb1df48%2526domain1%253Dwww.frscosr.com%2526network_id%253D69&dtycbr=45556

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

06ad0fee56f05fbedccfc3a732088e402e1286c008cd37eb57f8307761877b8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 02:33:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 12557028
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 12 Dec 2022 02:33:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://widget.us.criteo.com/event?a=97841&v=5.12.3&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=d1vM2F9DMmZYd0ZHR3gwc01QZlBoQ2NZVTVkd20lMkZLMWV4VFF4SkRsQVhmRG5aOUs3bUVCRHRsRXlCdW45aTlrQlpxdXRkUlc1ZVo4VXpwWmZBZ2lseE5KZng1d0dGUHpkdURraldkb3JrMzFXcEpzV0UlMkZ0WHF4UU83Z21SelM1SU9oUTdPdUtPdXZQU0ZVeHg4OHNmSkNkR0hZdWV2cWtJVXFCQWtiN05BdmduVTFnJTNE&tld=getthebuzzbgone.com&dy=1&fu=https%253A%252F%252Fwww.getthebuzzbgone.com%252Fzap%252Fau%252Fpre-5.html%253Fpcta%253Dindex-v3.html%2526icta%253Dorder.html%2526iep%253Dtrue%2526temp%253Dhcvr%2526loader%253D0%2526fomo%253D1%2526Affid%253D6164%2526s1%253D%2526s2%253D%2526s3%253D%2526s4%253D3127%2526s5%253D167c1aea656a44e0972c4ffeeeb1df48%2526domain1%253Dwww.frscosr.com%2526network_id%253D69&dtycbr=45556
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 18986119
timing-allow-origin: *
content-length: 0
expires: 0

POST
H2 204 collect Show response
d.clarity.ms/ 0
48 B 93ms
92ms XHR
text/plain 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus/s/0.6.43/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.getthebuzzbgone.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: https://www.getthebuzzbgone.com
date: Mon, 12 Dec 2022 02:33:15 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
vary: Origin
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H3 200 1115292892176378 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 138ms
138ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1115292892176378?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6571537d158dbc2a0c5e4bfd47f508099ff416158080dcafc0a6868613d7606f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 12 Dec 2022 02:33:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: SJKwc0LowWDtPBdr7ZqsqIQ9PK3U/VP4xbjcJqdmP1eg/70cVtfd0eZtRfsLV+pzTDSBXw2+zuegc87OWYNQKA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 33ms
8ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=252134019366681&ev=PageView&dl=https%3A%2F%2Fwww.getthebuzzbgone.com%2Fzap%2Fau%2Fpre-5.html%3Fpcta%3Dindex-v3.html%26icta%3Dorder.html%26iep%3Dtrue%26temp%3Dhcvr%26loader%3D0%26fomo%3D1%26Affid%3D6164%26s1%3D%26s2%3D%26s3%3D%26s4%3D3127%26s5%3D167c1aea656a44e0972c4ffeeeb1df48%26domain1%3Dwww.frscosr.com%26network_id%3D69&rl=&if=false&ts=1670812396435&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1670812396434.1968484698&it=1670812396211&coo=false&tm=1&exp=a1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 12 Dec 2022 02:33:16 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 click Show response
www.frscosr.com/sdk/ 90 B
109 B 131ms
130ms Fetch
application/json 34.107.179.180
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.frscosr.com/sdk/click?effp=5468347a3ffa701b865c111784025ffb&_ef_transaction_id=167c1aea656a44e0972c4ffeeeb1df48&oid=3127&affid=6164&__cc=&async=json&sub1=&sub2=&sub3=&sub4=3127
Requested by: Host: www.frscosr.com
URL: https://www.frscosr.com/scripts/sdk/everflow.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.179.180 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 180.179.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e18e21ce34059238d88626ff518f0898432519c13c32d0d3afd895c0abd70520

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:33:16 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.getthebuzzbgone.com
access-control-allow-credentials: true
x-eflow-request-id: 06e8fc58-289d-4139-a467-75074dbbdb0d
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90

GET
H3 200 267676300989451 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 376ms
376ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/267676300989451?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3f83bdd19b401bb9a75be47e9c246e9b6d2dc35e1369ee99ebb2cc71b401761e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 12 Dec 2022 02:33:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 6ziiOASLhdqHqSNyC6J8blwW4fCiPRXkj0ZRgSGEjPgjDMaQYLol7N7OfMZh9ue9nineutL+6FMCKGV8dmmreQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
17 B 17ms
7ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1115292892176378&ev=PageView&dl=https%3A%2F%2Fwww.getthebuzzbgone.com%2Fzap%2Fau%2Fpre-5.html%3Fpcta%3Dindex-v3.html%26icta%3Dorder.html%26iep%3Dtrue%26temp%3Dhcvr%26loader%3D0%26fomo%3D1%26Affid%3D6164%26s1%3D%26s2%3D%26s3%3D%26s4%3D3127%26s5%3D167c1aea656a44e0972c4ffeeeb1df48%26domain1%3Dwww.frscosr.com%26network_id%3D69&rl=&if=false&ts=1670812396596&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1670812396434.1968484698&it=1670812396211&coo=false&tm=1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 12 Dec 2022 02:33:16 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame E23D
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-Ho3Emq6Wd1LETA9whU8EIb05hhyrSu1KVU1-CQ&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-Ho3Emq6Wd1LETA9whU8EIb05hhyrSu1KVU1-CQ&expires=30

43 B
344 B

9ms
8ms

Image
image/gif

18.158.158.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-Ho3Emq6Wd1LETA9whU8EIb05hhyrSu1KVU1-CQ&expires=30
Protocol: H2
Server: 18.158.158.96 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-158-96.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:33:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-Ho3Emq6Wd1LETA9whU8EIb05hhyrSu1KVU1-CQ&expires=30
date: Mon, 12 Dec 2022 02:33:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame E23D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-hVK74q6Wd1LETA9whU8EIb05hhxkyNIWhj7j4w&google_cm&google_hm=ay1oVks3NHE2V2QxTEVUQTl3aFU4RUliMDVoaHhreU5JV...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-hVK74q6Wd1LETA9whU8EIb05hhxkyNIWhj7j4w&google_gid=CAESECUAZGBo5jTDYXTyO4rBC-k&google_cver=1&google_ula=913071,0

43 B
369 B

93ms
16ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-hVK74q6Wd1LETA9whU8EIb05hhxkyNIWhj7j4w&google_gid=CAESECUAZGBo5jTDYXTyO4rBC-k&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 02:33:16 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 923379
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 12 Dec 2022 02:33:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-hVK74q6Wd1LETA9whU8EIb05hhxkyNIWhj7j4w&google_gid=CAESECUAZGBo5jTDYXTyO4rBC-k&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame E23D
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=675375556649057536

43 B
370 B

121ms
17ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=675375556649057536

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 02:33:16 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1929049
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 12 Dec 2022 02:33:16 GMT
AN-X-Request-Uuid: 7d9904cf-1278-4ea6-ac40-0690d3a9fcdc
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=675375556649057536
Connection: keep-alive
X-Proxy-Origin: 193.27.14.24; 193.27.14.24; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
r.casalemedia.com/ Frame E23D
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-g0TRMa6Wd1LETA9whU8EIb05hhz1xok6hVkQMg
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-g0TRMa6Wd1LETA9whU8EIb05hhz1xok6hVkQMg&C=1

43 B
867 B

36ms
25ms

Image
image/gif

104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-g0TRMa6Wd1LETA9whU8EIb05hhz1xok6hVkQMg&C=1
Protocol: H3
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 02:33:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UZEtHMMiK9fxTZFmcbUayi6kirT8xrJWuFDGjzqtgojCGia1Vwoyh3EMkHafSfqgkScEHKXb0j%2FD4TMrfJ1eykIRWyw7GzghKMTzEgHEWH%2BOiw%2FD2TH2mjkYMkfvvBaTJktQ"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 77830de829a4925b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 12 Dec 2022 02:33:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZwrbuxRdMwHxdMwfQ3HDkN4HiRa7IwNLrdLMJn85iHmLyrdUp0WUqXTLoZCIGHbHFZP5y%2BW%2FktLzGqSZ5qxNmtTEGo2pETttynN%2FTZPFwpGwPFI0drXsZ2uEjKG0mLEsmaR8"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-g0TRMa6Wd1LETA9whU8EIb05hhz1xok6hVkQMg&C=1
cache-control: no-cache
cf-ray: 77830de7ea529b43-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame E23D
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-8afcmK6Wd1LETA9whU8EIb05hhz4wJWBHvlN1A
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-8afcmK6Wd1LETA9whU8EIb05hhz4wJWBHvlN1A

43 B
447 B

33ms
33ms

Image
image/gif

176.34.141.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-8afcmK6Wd1LETA9whU8EIb05hhz4wJWBHvlN1A
Protocol: H2
Server: 176.34.141.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-176-34-141-217.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 12 Dec 2022 02:33:16 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-8afcmK6Wd1LETA9whU8EIb05hhz4wJWBHvlN1A
date: Mon, 12 Dec 2022 02:33:16 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 cksync.php
contextual.media.net/ Frame E23D 45 B
785 B 57ms
29ms Image
image/gif 184.30.20.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-o76EHK6Wd1LETA9whU8EIb05hhwvqw8-foaq5w

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 12 Dec 2022 02:33:16 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 45
x-mnet-hl2: E
expires: Mon, 12 Dec 2022 02:33:16 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame E23D 0
145 B 369ms
88ms Image
text/plain 64.202.112.127
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-__IZa66Wd1LETA9whU8EIb05hhxyePNFoKXXzg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.127 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 02:33:17 GMT
Cache-Control: no-cache
X-TraceId: 30e21b4a0ea31fedd0986126fd567782
Content-Length: 0

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame E23D 0
239 B 99ms
9ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-JVCCPq6Wd1LETA9whU8EIb05hhwadJu-kr7fyg&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame E23D 0
35 B 51ms
7ms Image
text/plain 18.196.238.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-NID9lq6Wd1LETA9whU8EIb05hhy3dGRI8T5xzg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.238.199 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-238-199.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:33:16 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame E23D 43 B
163 B 200ms
25ms Image
image/gif 185.86.139.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-tcFzz66Wd1LETA9whU8EIb05hhwi8O94X8I_rw
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:33:16 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame E23D 0
99 B 86ms
16ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-kj4qva6Wd1LETA9whU8EIb05hhyy5In_E3BQBA
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:33:16 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13629

GET
H2 200 um
criteo-sync.teads.tv/ Frame E23D 23 B
172 B 103ms
38ms Image
image/gif 104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-S4xqm66Wd1LETA9whU8EIb05hhzKhDTZewiKGA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires: Mon, 12 Dec 2022 02:33:16 GMT
pragma: no-cache
date: Mon, 12 Dec 2022 02:33:16 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame E23D 37 B
140 B 39ms
9ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-u3_rvK6Wd1LETA9whU8EIb05hhwZheiXvQrLNQ&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:33:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame E23D
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-5cAwga6Wd1LETA9whU8EIb05hhze0hDh9YUXbA
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-5cAwga6Wd1LETA9whU8EIb05hhze0hDh9YUXbA&verify=true

0
121 B

10ms
9ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-5cAwga6Wd1LETA9whU8EIb05hhze0hDh9YUXbA&verify=true

Protocol

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:33:16 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-5cAwga6Wd1LETA9whU8EIb05hhze0hDh9YUXbA&verify=true
date: Mon, 12 Dec 2022 02:33:16 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 put
e1.emxdgt.com/ Frame E23D 0
55 B 44ms
7ms Image
text/html 18.156.32.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d53&uid=k-8FqFmq6Wd1LETA9whU8EIb05hhyrp1tbKgAqfQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.32.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-32-70.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:33:16 GMT
content-length: 0
content-type: text/html

GET
H2 200 pixel
cm.adform.net/ Frame E23D 43 B
162 B 87ms
24ms Image
image/gif 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-W3oLTa6Wd1LETA9whU8EIb05hhyO1Fp_SBvR5w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:33:16 GMT
last-modified: Thu, 28 Jul 2022 12:09:37 GMT
server: nginx
accept-ranges: bytes
etag: "62e27c81-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame E23D 49 B
235 B 62ms
16ms Image
image/gif 185.255.84.152
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-wPHg6K6Wd1LETA9whU8EIb05hhyy8PD7ACJfvw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.152 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 02:33:16 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
content-length: 49
expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame E23D
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=GY4r5K1bOGThxgeMbKiISFapb_Mg7uP0
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=GY4r5K1bOGThxgeMbKiISFapb_Mg7uP0

42 B
942 B

34ms
34ms

Image
image/gif

52.16.99.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=GY4r5K1bOGThxgeMbKiISFapb_Mg7uP0

Protocol

HTTP/1.1

Server

52.16.99.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-16-99-144.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v045-07e4ed132.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 58o6SQI2T7k=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v045-0bb46f593.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: smGSTdbZTmk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=GY4r5K1bOGThxgeMbKiISFapb_Mg7uP0
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200 9.gif
id5-sync.com/s/966/ Frame E23D 43 B
1 KB 33ms
7ms Image
image/gif 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-LfJ1Fq6Wd1LETA9whU8EIb05hhxYDKM3J3kzxQ

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Mon, 12 Dec 2022 02:33:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2 200 sync
matching.ivitrack.com/ Frame E23D 42 B
274 B 36ms
15ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-G2Z7ZK6Wd1LETA9whU8EIb05hhxYJp9qI82V8g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:33:15 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame E23D 0
882 B 37ms
11ms Image
text/html 52.57.144.0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-YAbw466Wd1LETA9whU8EIb05hhzsw7U6702_pg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.144.0 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-144-0.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:33:16 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame E23D 42 B
577 B 66ms
14ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-002JU66Wd1LETA9whU8EIb05hhxV-af3gMSrvQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 12 Dec 2022 02:33:16 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame E23D 43 B
183 B 327ms
97ms Image
image/gif 2600:1f18:612b:4216:f6:411e:ff52:dd4b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-4HSHva6Wd1LETA9whU8EIb05hhwuXNOoM6pdvg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:f6:411e:ff52:dd4b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Mon, 12 Dec 2022 02:33:17 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame E23D 43 B
153 B 85ms
28ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-BcBopq6Wd1LETA9whU8EIb05hhyWFVkmH7dyrA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.29
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 12 Dec 2022 02:33:16 GMT
server: Apache
x-powered-by: PHP/7.3.29
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame E23D 0
525 B 43ms
18ms Image
text/plain 184.31.94.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-KDLU1q6Wd1LETA9whU8EIb05hhwoHmwoNYFgwQ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.94.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-31-94-14.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Dec 2022 02:33:16 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Sun, 11 Dec 2022 02:33:16 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame E23D 43 B
220 B 144ms
31ms Image
image/gif 52.49.74.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-zymHtq6Wd1LETA9whU8EIb05hhyiWLn9Afdp0w&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.74.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-74-99.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 12 Dec 2022 02:33:17 GMT
content-type: image/gif
content-length: 43
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame E23D
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=Tz6ft5tsiUYOklvSIFCAYd3x9IwsOGgU

0
338 B

121ms
31ms

Image
text/plain

52.49.90.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=Tz6ft5tsiUYOklvSIFCAYd3x9IwsOGgU
Protocol: H2
Server: 52.49.90.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-90-126.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-served-by: beacon-n004-dub-prod.krxd.net
date: Mon, 12 Dec 2022 02:33:17 GMT
cache-control: private, no-cache, no-store
x-request-time: D=79 t=1670812397
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=Tz6ft5tsiUYOklvSIFCAYd3x9IwsOGgU
date: Mon, 12 Dec 2022 02:33:16 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1347980
content-length: 0

GET
H2

200

cs
s.thebrighttag.com/ Frame E23D
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=AQGTKooALb1DuqbXKNSOWwOOLkEiWL08

35 B
268 B

359ms
110ms

Image
image/gif

3.143.128.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=AQGTKooALb1DuqbXKNSOWwOOLkEiWL08
Protocol: H2
Server: 3.143.128.248 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-143-128-248.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 02:33:17 GMT
x-bt-requestid: 55dd0620-79c5-11ed-b340-0000ac17031e
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=AQGTKooALb1DuqbXKNSOWwOOLkEiWL08
date: Mon, 12 Dec 2022 02:33:16 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1315899
content-length: 0

GET
H3 200 2694714490816701 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 2087ms
2085ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2694714490816701?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a1eba6dc9d90b189d182d9c6c932f971cd1594c433440ef8520227dbaff7a414

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 12 Dec 2022 02:33:19 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: XKDLYl1rZc2RLdO/HalLCmVtEvi2DoOpA2wCDvVHpIkh/bwnuZjBmwmseaZUM71bMk4SSwNEtfNhWdQUp7q3qA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 10ms
7ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=267676300989451&ev=PageView&dl=https%3A%2F%2Fwww.getthebuzzbgone.com%2Fzap%2Fau%2Fpre-5.html%3Fpcta%3Dindex-v3.html%26icta%3Dorder.html%26iep%3Dtrue%26temp%3Dhcvr%26loader%3D0%26fomo%3D1%26Affid%3D6164%26s1%3D%26s2%3D%26s3%3D%26s4%3D3127%26s5%3D167c1aea656a44e0972c4ffeeeb1df48%26domain1%3Dwww.frscosr.com%26network_id%3D69&rl=&if=false&ts=1670812397124&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1670812396434.1968484698&it=1670812396211&coo=false&tm=1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 12 Dec 2022 02:33:17 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 unity.gif Show response
api.getblueshift.com/ 42 B
236 B 491ms
166ms XHR
image/gif 52.33.148.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.getblueshift.com/unity.gif?t=1670812397&e=pageload&r=&z=220618&x=13c25a652e2a0c05cb06a3b1dba09a85&k=b5108b88-66a5-5c60-d3e8-124b8347c35c&u=https%3A%2F%2Fwww.getthebuzzbgone.com%2Fzap%2Fau%2Fpre-5.html%3Fpcta%3Dindex-v3.html%26icta%3Dorder.html%26iep%3Dtrue%26temp%3Dhcvr%26loader%3D0%26fomo%3D1%26Affid%3D6164%26s1%3D%26s2%3D%26s3%3D%26s4%3D3127%26s5%3D167c1aea656a44e0972c4ffeeeb1df48%26domain1%3Dwww.frscosr.com%26network_id%3D69
Requested by: Host: cdn.getblueshift.com
URL: https://cdn.getblueshift.com/blueshift.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.33.148.114 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-33-148-114.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: https://www.getthebuzzbgone.com
date: Mon, 12 Dec 2022 02:33:17 GMT
access-control-expose-headers: etag
content-length: 42
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: image/gif

GET
H2 200 unity.gif Show response
api.getblueshift.com/ 42 B
235 B 490ms
167ms XHR
image/gif 52.33.148.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.getblueshift.com/unity.gif?t=1670812397&e=presale_load&r=&z=3418&x=13c25a652e2a0c05cb06a3b1dba09a85&k=b5108b88-66a5-5c60-d3e8-124b8347c35c&u=https%3A%2F%2Fwww.getthebuzzbgone.com%2Fzap%2Fau%2Fpre-5.html%3Fpcta%3Dindex-v3.html%26icta%3Dorder.html%26iep%3Dtrue%26temp%3Dhcvr%26loader%3D0%26fomo%3D1%26Affid%3D6164%26s1%3D%26s2%3D%26s3%3D%26s4%3D3127%26s5%3D167c1aea656a44e0972c4ffeeeb1df48%26domain1%3Dwww.frscosr.com%26network_id%3D69
Requested by: Host: cdn.getblueshift.com
URL: https://cdn.getblueshift.com/blueshift.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.33.148.114 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-33-148-114.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: https://www.getthebuzzbgone.com
date: Mon, 12 Dec 2022 02:33:17 GMT
access-control-expose-headers: etag
content-length: 42
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: image/gif

GET
H2 204 unip Show response
trc-events.taboola.com/1371373/log/3/ 0
252 B 68ms
15ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1371373/log/3/unip?en=pre_d_eng_tb&tos=1593&scd=9&ssd=1&est=1670812395762&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1670812397355&vi=1670812395758&ri=81836680e2ff21c760809d018ff42627&ref=null&cv=20221211-7-RELEASE&item-url=https%3A%2F%2Fwww.getthebuzzbgone.com%2Fzap%2Fau%2Fpre-5.html%3Fpcta%3Dindex-v3.html%26icta%3Dorder.html%26iep%3Dtrue%26temp%3Dhcvr%26loader%3D0%26fomo%3D1%26Affid%3D6164%26s1%3D%26s2%3D%26s3%3D%26s4%3D3127%26s5%3D167c1aea656a44e0972c4ffeeeb1df48%26domain1%3Dwww.frscosr.com%26network_id%3D69
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1371373/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: https://www.getthebuzzbgone.com
pragma: no-cache
date: Mon, 12 Dec 2022 02:33:17 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 204 conversion
www.frscosr.com/sdk/ 0
0 112ms
111ms Fetch 34.107.179.180
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.frscosr.com/sdk/conversion?effp=5468347a3ffa701b865c111784025ffb&transaction_id=167c1aea656a44e0972c4ffeeeb1df48&adv_event_id=313&event_source_url=www.getthebuzzbgone.com
Requested by: Host: www.frscosr.com
URL: https://www.frscosr.com/scripts/sdk/everflow.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.179.180 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 180.179.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

Accept: application/json
Referer: https://www.getthebuzzbgone.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:33:17 GMT
via: 1.1 google
server: nginx
vary: Origin
access-control-allow-origin: https://www.getthebuzzbgone.com
access-control-allow-credentials: true
x-eflow-request-id: 6f80ea48-3355-458d-ae39-0aed1b89e10b
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 conversion Show response
www.frscosr.com/sdk/ 121 B
139 B 142ms
141ms Fetch
application/json 34.107.179.180
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.frscosr.com/sdk/conversion?effp=5468347a3ffa701b865c111784025ffb&transaction_id=167c1aea656a44e0972c4ffeeeb1df48&oid=3127&adv_event_id=128&event_source_url=www.getthebuzzbgone.com
Requested by: Host: www.frscosr.com
URL: https://www.frscosr.com/scripts/sdk/everflow.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.179.180 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 180.179.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7b55689a5637481aec3b46514af7b0790eb431be6842458edeafa1576862c52b

Request headers

Accept: application/json
Referer: https://www.getthebuzzbgone.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:33:18 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.getthebuzzbgone.com
access-control-allow-credentials: true
x-eflow-request-id: 173fbd24-7aa0-46a4-b272-130d42de9579
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121

GET
H3 204 conversion
www.frscosr.com/sdk/ 0
0 121ms
121ms Fetch 34.107.179.180
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.frscosr.com/sdk/conversion?effp=5468347a3ffa701b865c111784025ffb&transaction_id=167c1aea656a44e0972c4ffeeeb1df48&oid=3127&adv_event_id=228&event_source_url=www.getthebuzzbgone.com
Requested by: Host: www.frscosr.com
URL: https://www.frscosr.com/scripts/sdk/everflow.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.179.180 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 180.179.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

Accept: application/json
Referer: https://www.getthebuzzbgone.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:33:18 GMT
via: 1.1 google
server: nginx
vary: Origin
access-control-allow-origin: https://www.getthebuzzbgone.com
access-control-allow-credentials: true
x-eflow-request-id: c5fa183d-272e-4c5a-8bc3-ab1cb1327cc9
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 299983300983237 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 138ms
138ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/299983300983237?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fddaf89efdd0c1f57df26aa2cf94a337382a982dfe5b6f2adc6b6c76f090ef56

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 12 Dec 2022 02:33:19 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: V3fVgxd30oiNnGUG+gZdvzsZBA6l47QxawUA5Ko6YkWg8OMKEH8X+z7akDkJccEXu6Wck7eUgzkfx6iJwyUzoA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 8ms
7ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2694714490816701&ev=PageView&dl=https%3A%2F%2Fwww.getthebuzzbgone.com%2Fzap%2Fau%2Fpre-5.html%3Fpcta%3Dindex-v3.html%26icta%3Dorder.html%26iep%3Dtrue%26temp%3Dhcvr%26loader%3D0%26fomo%3D1%26Affid%3D6164%26s1%3D%26s2%3D%26s3%3D%26s4%3D3127%26s5%3D167c1aea656a44e0972c4ffeeeb1df48%26domain1%3Dwww.frscosr.com%26network_id%3D69&rl=&if=false&ts=1670812399231&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1670812396434.1968484698&it=1670812396211&coo=false&tm=1&exp=a1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 12 Dec 2022 02:33:19 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 253772819065419 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 138ms
137ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/253772819065419?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1eebeaf7d5d554f3243f6bf5a321eb1afe2507d3aebc4856db4d7bfe36744ec2

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 12 Dec 2022 02:33:19 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 8P1UToUWPeqW5OCL3fMwf605U7ZDoaFa4yuIjDY8Q9ip5Ju4jRsdXxDF3lRxHdGTjzO4vL6iS31x2NoGLX9OMA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 12ms
10ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=299983300983237&ev=PageView&dl=https%3A%2F%2Fwww.getthebuzzbgone.com%2Fzap%2Fau%2Fpre-5.html%3Fpcta%3Dindex-v3.html%26icta%3Dorder.html%26iep%3Dtrue%26temp%3Dhcvr%26loader%3D0%26fomo%3D1%26Affid%3D6164%26s1%3D%26s2%3D%26s3%3D%26s4%3D3127%26s5%3D167c1aea656a44e0972c4ffeeeb1df48%26domain1%3Dwww.frscosr.com%26network_id%3D69&rl=&if=false&ts=1670812399393&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1670812396434.1968484698&it=1670812396211&coo=false&tm=1&exp=c0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 12 Dec 2022 02:33:19 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 973860756722629 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 132ms
131ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/973860756722629?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6a9f385e8247103f03084425e290613df8167118f39faa4a0c89fe81a6a16f28

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 12 Dec 2022 02:33:19 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: vbljpxx9RpTG5WWdQysSSXgWN/DgcebMdQ2MjoU/EQgHq8+UJt5fgYDlFdjaFY0MVPrDtteCoGfBAU9deiMTVA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 7ms
7ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=253772819065419&ev=PageView&dl=https%3A%2F%2Fwww.getthebuzzbgone.com%2Fzap%2Fau%2Fpre-5.html%3Fpcta%3Dindex-v3.html%26icta%3Dorder.html%26iep%3Dtrue%26temp%3Dhcvr%26loader%3D0%26fomo%3D1%26Affid%3D6164%26s1%3D%26s2%3D%26s3%3D%26s4%3D3127%26s5%3D167c1aea656a44e0972c4ffeeeb1df48%26domain1%3Dwww.frscosr.com%26network_id%3D69&rl=&if=false&ts=1670812399551&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1670812396434.1968484698&it=1670812396211&coo=false&tm=1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 12 Dec 2022 02:33:19 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 153734496814560 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 130ms
129ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/153734496814560?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d4a922fb863d81a6607a0d6ec136c5de2b3132ec70ed4311758c72d8742aac2d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 12 Dec 2022 02:33:19 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: KlWdK8SmfJaB0DF+9KEAXWLY4AwDXS0VPBwBCAyCIfVJdsmotkH0g9//gxlgo7Tny1EetSm6AaDEKSrsXddfdw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 11ms
10ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=973860756722629&ev=PageView&dl=https%3A%2F%2Fwww.getthebuzzbgone.com%2Fzap%2Fau%2Fpre-5.html%3Fpcta%3Dindex-v3.html%26icta%3Dorder.html%26iep%3Dtrue%26temp%3Dhcvr%26loader%3D0%26fomo%3D1%26Affid%3D6164%26s1%3D%26s2%3D%26s3%3D%26s4%3D3127%26s5%3D167c1aea656a44e0972c4ffeeeb1df48%26domain1%3Dwww.frscosr.com%26network_id%3D69&rl=&if=false&ts=1670812399756&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1670812396434.1968484698&it=1670812396211&coo=false&tm=1&exp=a0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 12 Dec 2022 02:33:19 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 247783423568708 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 136ms
136ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/247783423568708?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e5c536457461972554c2d74e06e3f19406eeaa27f514896e84ff908774b5fce

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 12 Dec 2022 02:33:20 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: MYKzpBn7wawP5QuJwqlNvleF+vOx9Iua0yVMsu51jKrZPOAZtHRhLpoO7lMDQ2zZf06ybLhm2pkm7iOql9Zh1Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 8ms
7ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=153734496814560&ev=PageView&dl=https%3A%2F%2Fwww.getthebuzzbgone.com%2Fzap%2Fau%2Fpre-5.html%3Fpcta%3Dindex-v3.html%26icta%3Dorder.html%26iep%3Dtrue%26temp%3Dhcvr%26loader%3D0%26fomo%3D1%26Affid%3D6164%26s1%3D%26s2%3D%26s3%3D%26s4%3D3127%26s5%3D167c1aea656a44e0972c4ffeeeb1df48%26domain1%3Dwww.frscosr.com%26network_id%3D69&rl=&if=false&ts=1670812399905&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1670812396434.1968484698&it=1670812396211&coo=false&tm=1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 12 Dec 2022 02:33:19 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 13ms
11ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=247783423568708&ev=PageView&dl=https%3A%2F%2Fwww.getthebuzzbgone.com%2Fzap%2Fau%2Fpre-5.html%3Fpcta%3Dindex-v3.html%26icta%3Dorder.html%26iep%3Dtrue%26temp%3Dhcvr%26loader%3D0%26fomo%3D1%26Affid%3D6164%26s1%3D%26s2%3D%26s3%3D%26s4%3D3127%26s5%3D167c1aea656a44e0972c4ffeeeb1df48%26domain1%3Dwww.frscosr.com%26network_id%3D69&rl=&if=false&ts=1670812400066&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1670812396434.1968484698&it=1670812396211&coo=false&tm=1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 12 Dec 2022 02:33:20 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 11ms
9ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=252134019366681&ev=Microdata&dl=https%3A%2F%2Fwww.getthebuzzbgone.com%2Fzap%2Fau%2Fpre-5.html%3Fpcta%3Dindex-v3.html%26icta%3Dorder.html%26iep%3Dtrue%26temp%3Dhcvr%26loader%3D0%26fomo%3D1%26Affid%3D6164%26s1%3D%26s2%3D%26s3%3D%26s4%3D3127%26s5%3D167c1aea656a44e0972c4ffeeeb1df48%26domain1%3Dwww.frscosr.com%26network_id%3D69&rl=&if=false&ts=1670812400067&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22This%20Genius%20Device%20Kills%20Mosquitoes%20Dead%20-%20Thousands%20Zapped%20Every%20Hour%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1670812396434.1968484698&it=1670812396211&coo=false&es=automatic&tm=3&exp=a0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 12 Dec 2022 02:33:20 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 13ms
11ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1115292892176378&ev=Microdata&dl=https%3A%2F%2Fwww.getthebuzzbgone.com%2Fzap%2Fau%2Fpre-5.html%3Fpcta%3Dindex-v3.html%26icta%3Dorder.html%26iep%3Dtrue%26temp%3Dhcvr%26loader%3D0%26fomo%3D1%26Affid%3D6164%26s1%3D%26s2%3D%26s3%3D%26s4%3D3127%26s5%3D167c1aea656a44e0972c4ffeeeb1df48%26domain1%3Dwww.frscosr.com%26network_id%3D69&rl=&if=false&ts=1670812400069&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22This%20Genius%20Device%20Kills%20Mosquitoes%20Dead%20-%20Thousands%20Zapped%20Every%20Hour%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1670812396434.1968484698&it=1670812396211&coo=false&es=automatic&tm=3&exp=a0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 12 Dec 2022 02:33:20 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 14ms
12ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=267676300989451&ev=Microdata&dl=https%3A%2F%2Fwww.getthebuzzbgone.com%2Fzap%2Fau%2Fpre-5.html%3Fpcta%3Dindex-v3.html%26icta%3Dorder.html%26iep%3Dtrue%26temp%3Dhcvr%26loader%3D0%26fomo%3D1%26Affid%3D6164%26s1%3D%26s2%3D%26s3%3D%26s4%3D3127%26s5%3D167c1aea656a44e0972c4ffeeeb1df48%26domain1%3Dwww.frscosr.com%26network_id%3D69&rl=&if=false&ts=1670812400070&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22This%20Genius%20Device%20Kills%20Mosquitoes%20Dead%20-%20Thousands%20Zapped%20Every%20Hour%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1670812396434.1968484698&it=1670812396211&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 12 Dec 2022 02:33:20 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 204 unip Show response
trc-events.taboola.com/1371373/log/3/ 0
252 B 14ms
14ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1371373/log/3/unip?en=pre_d_eng_tb&tos=4595&scd=9&ssd=1&est=1670812395762&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1670812400358&vi=1670812395758&ri=81836680e2ff21c760809d018ff42627&ref=null&cv=20221211-7-RELEASE&item-url=https%3A%2F%2Fwww.getthebuzzbgone.com%2Fzap%2Fau%2Fpre-5.html%3Fpcta%3Dindex-v3.html%26icta%3Dorder.html%26iep%3Dtrue%26temp%3Dhcvr%26loader%3D0%26fomo%3D1%26Affid%3D6164%26s1%3D%26s2%3D%26s3%3D%26s4%3D3127%26s5%3D167c1aea656a44e0972c4ffeeeb1df48%26domain1%3Dwww.frscosr.com%26network_id%3D69
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1371373/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: https://www.getthebuzzbgone.com
pragma: no-cache
date: Mon, 12 Dec 2022 02:33:20 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 8ms
7ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2694714490816701&ev=Microdata&dl=https%3A%2F%2Fwww.getthebuzzbgone.com%2Fzap%2Fau%2Fpre-5.html%3Fpcta%3Dindex-v3.html%26icta%3Dorder.html%26iep%3Dtrue%26temp%3Dhcvr%26loader%3D0%26fomo%3D1%26Affid%3D6164%26s1%3D%26s2%3D%26s3%3D%26s4%3D3127%26s5%3D167c1aea656a44e0972c4ffeeeb1df48%26domain1%3Dwww.frscosr.com%26network_id%3D69&rl=&if=false&ts=1670812400734&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22This%20Genius%20Device%20Kills%20Mosquitoes%20Dead%20-%20Thousands%20Zapped%20Every%20Hour%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1670812396434.1968484698&it=1670812396211&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 12 Dec 2022 02:33:20 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 8ms
7ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=299983300983237&ev=Microdata&dl=https%3A%2F%2Fwww.getthebuzzbgone.com%2Fzap%2Fau%2Fpre-5.html%3Fpcta%3Dindex-v3.html%26icta%3Dorder.html%26iep%3Dtrue%26temp%3Dhcvr%26loader%3D0%26fomo%3D1%26Affid%3D6164%26s1%3D%26s2%3D%26s3%3D%26s4%3D3127%26s5%3D167c1aea656a44e0972c4ffeeeb1df48%26domain1%3Dwww.frscosr.com%26network_id%3D69&rl=&if=false&ts=1670812400896&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22This%20Genius%20Device%20Kills%20Mosquitoes%20Dead%20-%20Thousands%20Zapped%20Every%20Hour%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1670812396434.1968484698&it=1670812396211&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 12 Dec 2022 02:33:20 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 8ms
8ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=253772819065419&ev=Microdata&dl=https%3A%2F%2Fwww.getthebuzzbgone.com%2Fzap%2Fau%2Fpre-5.html%3Fpcta%3Dindex-v3.html%26icta%3Dorder.html%26iep%3Dtrue%26temp%3Dhcvr%26loader%3D0%26fomo%3D1%26Affid%3D6164%26s1%3D%26s2%3D%26s3%3D%26s4%3D3127%26s5%3D167c1aea656a44e0972c4ffeeeb1df48%26domain1%3Dwww.frscosr.com%26network_id%3D69&rl=&if=false&ts=1670812401054&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22This%20Genius%20Device%20Kills%20Mosquitoes%20Dead%20-%20Thousands%20Zapped%20Every%20Hour%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1670812396434.1968484698&it=1670812396211&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 12 Dec 2022 02:33:21 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 8ms
7ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=973860756722629&ev=Microdata&dl=https%3A%2F%2Fwww.getthebuzzbgone.com%2Fzap%2Fau%2Fpre-5.html%3Fpcta%3Dindex-v3.html%26icta%3Dorder.html%26iep%3Dtrue%26temp%3Dhcvr%26loader%3D0%26fomo%3D1%26Affid%3D6164%26s1%3D%26s2%3D%26s3%3D%26s4%3D3127%26s5%3D167c1aea656a44e0972c4ffeeeb1df48%26domain1%3Dwww.frscosr.com%26network_id%3D69&rl=&if=false&ts=1670812401257&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22This%20Genius%20Device%20Kills%20Mosquitoes%20Dead%20-%20Thousands%20Zapped%20Every%20Hour%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1670812396434.1968484698&it=1670812396211&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 12 Dec 2022 02:33:21 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 8ms
8ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=153734496814560&ev=Microdata&dl=https%3A%2F%2Fwww.getthebuzzbgone.com%2Fzap%2Fau%2Fpre-5.html%3Fpcta%3Dindex-v3.html%26icta%3Dorder.html%26iep%3Dtrue%26temp%3Dhcvr%26loader%3D0%26fomo%3D1%26Affid%3D6164%26s1%3D%26s2%3D%26s3%3D%26s4%3D3127%26s5%3D167c1aea656a44e0972c4ffeeeb1df48%26domain1%3Dwww.frscosr.com%26network_id%3D69&rl=&if=false&ts=1670812401407&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22This%20Genius%20Device%20Kills%20Mosquitoes%20Dead%20-%20Thousands%20Zapped%20Every%20Hour%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1670812396434.1968484698&it=1670812396211&coo=false&es=automatic&tm=3&exp=a0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 12 Dec 2022 02:33:21 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 8ms
7ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=247783423568708&ev=Microdata&dl=https%3A%2F%2Fwww.getthebuzzbgone.com%2Fzap%2Fau%2Fpre-5.html%3Fpcta%3Dindex-v3.html%26icta%3Dorder.html%26iep%3Dtrue%26temp%3Dhcvr%26loader%3D0%26fomo%3D1%26Affid%3D6164%26s1%3D%26s2%3D%26s3%3D%26s4%3D3127%26s5%3D167c1aea656a44e0972c4ffeeeb1df48%26domain1%3Dwww.frscosr.com%26network_id%3D69&rl=&if=false&ts=1670812401569&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22This%20Genius%20Device%20Kills%20Mosquitoes%20Dead%20-%20Thousands%20Zapped%20Every%20Hour%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1670812396434.1968484698&it=1670812396211&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getthebuzzbgone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 12 Dec 2022 02:33:21 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

Verdicts & Comments Add Verdict or Comment

180 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

73 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.frscosr.com/	1970-01-20 08:50:04	Name: uniqueClick_6J3FGCJ Value: 6f4a75fc-532d-4e18-ab28-6be84be602f9:1670812393
www.frscosr.com/	1970-01-20 10:16:28	Name: transaction_id Value: 167c1aea656a44e0972c4ffeeeb1df48
.getthebuzzbgone.com/	1970-01-20 16:53:54	Name: _vwo_uuid_v2 Value: DE02AD16A928ED2C3FA8BF8D8960AED1F\|4b8e41be2821eff51d6267529efa0af3
.getthebuzzbgone.com/	1970-01-20 10:30:52	Name: _vis_opt_s Value: 1%7C
.getthebuzzbgone.com/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.getthebuzzbgone.com/	1970-01-20 17:42:52	Name: _vwo_uuid Value: DE02AD16A928ED2C3FA8BF8D8960AED1F
.getthebuzzbgone.com/	1970-01-20 10:16:28	Name: _vwo_ds Value: 3%241670812394%3A31.93638776%3A%3A
.getthebuzzbgone.com/	1970-01-20 08:06:54	Name: _vwo_sn Value: 0%3A1
.getthebuzzbgone.com/	1970-01-20 10:16:28	Name: _gcl_au Value: 1.1.1367649835.1670812395
www.clarity.ms/	1970-01-20 16:52:28	Name: CLID Value: 3db8849efb7f42a2b9cb5b4aa4b0987c.20221212.20231212
.getthebuzzbgone.com/	1970-01-20 16:52:28	Name: _clck Value: jip0qn\|1\|f7c\|0
.c.bing.com/	1970-01-20 17:28:28	Name: SRM_B Value: 3459D89C8FAC62A418E6CAE48EAC631D
.getthebuzzbgone.com/	1970-01-20 08:08:18	Name: _clsk Value: dbehp5\|1670812395636\|1\|0\|d.clarity.ms/collect
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 17:28:28	Name: MUID Value: 3459D89C8FAC62A418E6CAE48EAC631D
.c.clarity.ms/	1970-01-20 08:06:52	Name: ANONCHK Value: 0
www.frscosr.com/	1970-01-20 08:50:04	Name: uniqueClick Value: c7ddb903-e0ec-47e1-beb0-5ee67b82bb9b:1670812395
.getthebuzzbgone.com/	1970-01-20 17:42:52	Name: _ga Value: GA1.2.596517134.1670812396
.getthebuzzbgone.com/	1970-01-20 08:08:18	Name: _gid Value: GA1.2.823535819.1670812396
.getthebuzzbgone.com/	1970-01-20 08:06:52	Name: _gat_UA-164498018-18 Value: 1
.getthebuzzbgone.com/	1970-01-20 08:06:52	Name: _gat_gtag_UA_164498018_18 Value: 1
.getthebuzzbgone.com/	1970-01-20 08:06:52	Name: _gat_gtag_UA_177438588_1 Value: 1
.criteo.com/	1970-01-20 17:28:28	Name: uid Value: 81fb43a9-d180-4284-b170-c4034f34fad6
www.getthebuzzbgone.com/	1970-01-20 17:42:52	Name: d_ctr_cid Value: f3de8dd06add6dc142e6e11d17621214
www.getthebuzzbgone.com/	1970-01-20 08:06:54	Name: d_ctr_sid60aca4dc104d5d0ab45c6cf0 Value: 60aca4dc104d5d0ab45c6cf0.1670812395964.474763726
.bing.com/	1970-01-20 17:28:28	Name: MUID Value: 0BD6B77CA18D653831ECA504A08D64E7
.doubleclick.net/	1970-01-20 17:28:28	Name: IDE Value: AHWqTUmMj39QVWERNB9j1ry46N2UAVaDu2AufIoQITJ2EBlz7Ui7oz9FaT8u3jYJ
.ctrwow-prod-analytics-socketserver.azurewebsites.net/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 75ddd5225fe95ac7c182c95ddb06572176e41e2582bc2a571de4d3544b0ad899
.getthebuzzbgone.com/	1970-01-20 08:08:18	Name: _uetsid Value: 551e46a079c511eda634e90f1d0b5c77
.getthebuzzbgone.com/	1970-01-20 17:28:28	Name: _uetvid Value: 551e6d9079c511edb4c1c54b2625aa22
.getthebuzzbgone.com/	1970-01-20 16:52:28	Name: _hjSessionUser_1450693 Value: eyJpZCI6Ijc4MmZmN2RmLTEyZjgtNWFiNi04Yzg4LWUwYjZkYmRlNDgyYiIsImNyZWF0ZWQiOjE2NzA4MTIzOTYwNjYsImV4aXN0aW5nIjpmYWxzZX0=
.getthebuzzbgone.com/	1970-01-20 08:06:54	Name: _hjFirstSeen Value: 1
www.getthebuzzbgone.com/	1970-01-20 08:06:52	Name: _hjIncludedInSessionSample Value: 0
.getthebuzzbgone.com/	1970-01-20 08:06:54	Name: _hjSession_1450693 Value: eyJpZCI6IjMxZjNhODM2LTE2NzgtNGQ3OS05ZDE5LThmYWJmMTM3OWE4MyIsImNyZWF0ZWQiOjE2NzA4MTIzOTYyNDEsImluU2FtcGxlIjpmYWxzZX0=
.getthebuzzbgone.com/	1970-01-20 08:06:54	Name: _hjAbsoluteSessionInProgress Value: 1
.getthebuzzbgone.com/	1970-01-20 17:36:16	Name: cto_bundle Value: d1vM2F9DMmZYd0ZHR3gwc01QZlBoQ2NZVTVkd20lMkZLMWV4VFF4SkRsQVhmRG5aOUs3bUVCRHRsRXlCdW45aTlrQlpxdXRkUlc1ZVo4VXpwWmZBZ2lseE5KZng1d0dGUHpkdURraldkb3JrMzFXcEpzV0UlMkZ0WHF4UU83Z21SelM1SU9oUTdPdUtPdXZQU0ZVeHg4OHNmSkNkR0hZdWV2cWtJVXFCQWtiN05BdmduVTFnJTNE
.getthebuzzbgone.com/	1970-01-20 10:16:28	Name: _fbp Value: fb.1.1670812396434.1968484698
www.getthebuzzbgone.com/	1970-01-20 08:50:04	Name: ef_tid_c_o_3127 Value: 167c1aea656a44e0972c4ffeeeb1df48\|167c1aea656a44e0972c4ffeeeb1df48\|167c1aea656a44e0972c4ffeeeb1df48
www.getthebuzzbgone.com/	1970-01-20 08:50:04	Name: ef_tid_c_a_172 Value: 167c1aea656a44e0972c4ffeeeb1df48\|167c1aea656a44e0972c4ffeeeb1df48\|167c1aea656a44e0972c4ffeeeb1df48
.adnxs.com/	1970-01-20 10:16:28	Name: uuid2 Value: 675375556649057536
.media.net/	1970-01-20 16:52:28	Name: visitor-id Value: 3138139967576876000V10
.media.net/	1970-01-20 08:50:04	Name: data-c-ts Value: 1670812396
.media.net/	1970-01-20 08:50:04	Name: data-c Value: k-o76EHK6Wd1LETA9whU8EIb05hhwvqw8-foaq5w~~3
.casalemedia.com/	1970-01-20 16:52:28	Name: CMID Value: Y5aS7JGzzWoXUMFAR-hJPQAA
.casalemedia.com/	1970-01-20 10:16:28	Name: CMPS Value: 1160
.casalemedia.com/	1970-01-20 10:16:28	Name: CMPRO Value: 1160
.casalemedia.com/	1970-01-20 10:16:28	Name: CMTS Value: 5156
.360yield.com/	1970-01-20 10:16:28	Name: tuuid Value: 86953f92-3325-47cb-b084-ef90863a6410
.360yield.com/	1970-01-20 10:16:28	Name: tuuid_lu Value: 1670812396
.bidswitch.net/	1970-01-20 16:52:28	Name: tuuid Value: 35666e2a-b2e3-4835-85ce-566e2b6b9b23
.bidswitch.net/	1970-01-20 16:52:28	Name: c Value: 1670812396
.bidswitch.net/	1970-01-20 16:52:28	Name: tuuid_lu Value: 1670812396
.360yield.com/	1970-01-20 10:16:28	Name: um Value: !38,JfLkKU7AqC0Z8gRFzN8pKN4yrsh20ECnz3JndcyRAdOUIDc1N7mbUaPKBk1rh-G.DMyZIUGA,1678588396
.360yield.com/	1970-01-20 10:16:28	Name: umeh Value: !38,0,1733020396,-1
.demdex.net/	1970-01-20 12:26:04	Name: demdex Value: 50586475094633516513064558085397535209
.id5-sync.com/	1970-01-20 08:06:52	Name: cf Value:
.id5-sync.com/	1970-01-20 08:06:52	Name: cip Value:
.id5-sync.com/	1970-01-20 08:06:52	Name: cnac Value:
.id5-sync.com/	1970-01-20 08:06:52	Name: car Value:
.id5-sync.com/	1970-01-20 08:06:52	Name: gdpr Value:
.id5-sync.com/	1970-01-20 08:06:52	Name: callback Value:
exchange.mediavine.com/	1970-01-20 08:27:01	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22558ebf10-79c5-11ed-93c5-2bf6d8eb7bf3%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 08:27:01	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22558ebf10-79c5-11ed-93c5-2bf6d8eb7bf3%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 08:27:01	Name: am_tokens Value: %7B%22mv_uuid%22%3A%22558ebf10-79c5-11ed-93c5-2bf6d8eb7bf3%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 08:27:01	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22558ebf10-79c5-11ed-93c5-2bf6d8eb7bf3%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 08:27:01	Name: criteo Value: %7B%22id%22%3A%22k-YAbw466Wd1LETA9whU8EIb05hhzsw7U6702_pg%22%2C%22version%22%3A%22criteo%22%7D
.yahoo.com/	1970-01-20 16:52:49	Name: A3 Value: d=AQABBOySlmMCEE6B4KZoIC2DmRpj0yQ3OboFEgEBAQHkl2OgYwAAAAAA_eMAAA&S=AQAAAtyvcpzo5BiL2o1PIK8DhoI
.dpm.demdex.net/	1970-01-20 12:26:04	Name: dpm Value: 50586475094633516513064558085397535209
.pubmatic.com/	1970-01-20 08:50:04	Name: KRTBCOOKIE_97 Value: 3385-uid:k-002JU66Wd1LETA9whU8EIb05hhxV-af3gMSrvQ&KRTB&23144-uid:k-002JU66Wd1LETA9whU8EIb05hhxV-af3gMSrvQ&KRTB&23286-uid:k-002JU66Wd1LETA9whU8EIb05hhxV-af3gMSrvQ&KRTB&23287-uid:k-002JU66Wd1LETA9whU8EIb05hhxV-af3gMSrvQ
.pubmatic.com/	1970-01-20 08:50:04	Name: PugT Value: 1670812396
.analytics.yahoo.com/	1970-01-20 16:52:28	Name: IDSYNC Value: 18zh~28sq
.krxd.net/	1970-01-20 12:26:04	Name: _kuid_ Value: PQKRdsOe
.getthebuzzbgone.com/	1970-01-20 16:52:28	Name: _bs Value: b5108b88-66a5-5c60-d3e8-124b8347c35c

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.twiago.com
ad.360yield.com
ad.yieldlab.net
api.getblueshift.com
bat.bing.com
beacon.krxd.net
c.bing.com
c.clarity.ms
cdn.getblueshift.com
cdn.taboola.com
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
ctrwow-prod-fingerprint-microservice.azurewebsites.net
d.clarity.ms
d16hdrba6dusey.cloudfront.net
dev.visualwebsiteoptimizer.com
dis.criteo.com
dpm.demdex.net
dynamic.criteo.com
e1.emxdgt.com
eb2.3lift.com
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
pixel.rubiconproject.com
r.casalemedia.com
rtb-csync.smartadserver.com
s.thebrighttag.com
sales-prod.tryemanagecrm.com
salessupport.tryemanagecrm.com
script.hotjar.com
simage2.pubmatic.com
sslwidget.criteo.com
static.hotjar.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
trc-events.taboola.com
trc.taboola.com
ups.analytics.yahoo.com
vars.hotjar.com
vc.hotjar.io
visitor.omnitagjs.com
widget.us.criteo.com
www.clarity.ms
www.facebook.com
www.frscosr.com
www.getthebuzzbgone.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.yourchefhome.com
x.bidswitch.net
104.18.33.19
104.75.89.75
13.224.189.122
13.224.189.42
13.224.189.86
13.225.78.103
13.225.78.124
13.248.245.213
141.226.228.48
142.250.186.162
151.101.193.44
162.19.138.117
176.34.141.217
178.250.0.163
178.250.2.146
18.156.32.70
18.158.158.96
18.196.238.199
184.30.20.22
184.31.94.14
185.255.84.152
185.64.189.110
185.86.139.114
198.54.125.161
20.234.93.27
2001:4860:4802:34::178
2600:1f18:612b:4216:f6:411e:ff52:dd4b
2600:9000:2016:6200:2:856a:59c0:93a1
2600:9000:21f3:1000:18:d154:1680:21
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1450:4001:806::200a
2a00:1450:4001:812::2008
2a00:1450:4001:827::2002
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2003
2a00:1450:400c:c09::9a
2a02:2638:1::d
2a02:2638::1c
2a03:2880:f080:9:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.126.56.137
3.143.128.248
34.107.179.180
34.117.157.22
34.96.102.137
37.157.2.234
37.252.171.21
40.64.128.231
40.76.174.66
51.143.102.21
52.16.99.144
52.183.82.125
52.33.148.114
52.49.74.99
52.49.90.126
52.57.144.0
64.202.112.127
69.173.144.165
74.119.119.150
85.215.5.31
043051a6eedba5ed876e0775b25c04b44ce094c9a61ac6e1cbc6cbae426ab5b1
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06ad0fee56f05fbedccfc3a732088e402e1286c008cd37eb57f8307761877b8b
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0aa78c95eea7b33ed4357122db2cc7d9aec1f88624c8c514739ffc8324ba5424
0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f
13d59b945a9445d36344c79c26a3b2941b8fe47b295ee2d04dcd0b4eb96d7267
1eebeaf7d5d554f3243f6bf5a321eb1afe2507d3aebc4856db4d7bfe36744ec2
1fc63aa7bbaa5ac735fb916aac1525d78e3a81a6185e198bd790f7b513e9da7d
21104f3eedd238d97851893fe04d6421ff6be5300089ae0135ef4addf6693e80
2410efe4755561ca781e188eb745c3cee55c2e7bc06e0592aa385980355d463b
27a340dfd1cde40899f76b2d09c199b7a4ed43ec71f054fdd00cfb3d6bfe99a9
2a0be44bab5a09d82f4758e320d2b5b13876daa5d8cdd5f10b208fb78200184a
2c54989bdaf28154015c1253e3d3d0692f6ce8fe696e396ed7a750f715dc16ca
3178cccfc4bf1f0b0aa129a97af37f2f993dd171c10e26361c0072df46085cf8
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
36a0e7b217819689254f9bece316ee177ff94fa1fb7983d52fb2eea812d7cf74
38456e4331db37eaf787267d081819f928f3191dc7dd11e212cf5d8c18b895a3
39df89d8660d598dd69b909f2fb68233f57ce85e3fc7227cc3dd07dce5ed5098
3f83bdd19b401bb9a75be47e9c246e9b6d2dc35e1369ee99ebb2cc71b401761e
48ba06f12f2ea8c7c25cb26039eda2259547fb8116fb927094b3fd6c844183ba
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e3038b4e6dc28bef0ffd0802351e820e63cc46777347b96f8632df54e94c3e0
4f9f134f5f92de093c76df41c0130b5bb991ab8dbb90325a394f5e74ed3d7029
5266a11278de436c711a6fc1ab0618616f2495135c0157b21899c11f19ab163a
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
536f17f68173373b9b0d9325491dd54f1136205a98e61f683649ca10104f5fcc
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5f6d489cdb810f12ba27d57e004c34ac16eefb9c61ff2192c1d1b29c85180105
61a0daafbfc20a7402f2d43c0846670323ba1750ac92aedc1472c4d1c0dbf937
63343d89574166adb90256d3c49eb77b72804b7d310ef577a8bda79cb7dbc97c
63c477637b224a600a63d304a9655bf591d4cef6080f77ff4ecd70526f16d893
64049fc030d4dfaf80e1d8c77d8fe2787b0738bb2fc2e7a479b048ef73ea2d39
650d1380b55b1f1737132c8a4e778e30399e5fee3ee4767b20621b3c8de88379
6571537d158dbc2a0c5e4bfd47f508099ff416158080dcafc0a6868613d7606f
65d1fca57bd54c0a0327ff0237b1b73453b653188154886db994f690ed0adcc9
6a9f385e8247103f03084425e290613df8167118f39faa4a0c89fe81a6a16f28
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d7107ff695fa3d7ab73d22183f9522d6960e9fab0e79bf949da21f537a9989f
737be8d2a2db4d729155190f62d3b1f656cdaec35b42b59eeeda3043246a50cd
79feceefb984f6e47af56b29113b778091145ac701e71c0201c162a593f9cbc1
7b55689a5637481aec3b46514af7b0790eb431be6842458edeafa1576862c52b
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
7e5c536457461972554c2d74e06e3f19406eeaa27f514896e84ff908774b5fce
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
7f0aa617d0c6342d5bece7cf736cb226b3dc17794985031ea73159d471232edf
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
877df0c5bed07ec118206d7ab59f55534378b432bc117f11cb373d3439ca698f
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a34fefeaacfe1f612d64877d8b9cf5298c1096f90e25d3641ee99eb774200ad
90f899910a7b57c79c6170bdd001b95c2852cbbc0b00301a3d7dee18e632d9be
95f1be481f9ca8756702701a87aa89ed613e8a82c0f28757d578570cce171bc9
9830f0db03d828789b96e13503a0bfdfc6a51c3684962b2de5e8cd97aa4eacf2
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1eba6dc9d90b189d182d9c6c932f971cd1594c433440ef8520227dbaff7a414
a27135e413d0d182cddfee6ca249b59e2f7bf8838c486e544aeb76c2701b27e5
a289fa29e89768df3ae9bac81c33715a595c3a06448c231535b59d3e6e97d57c
a5d800754ca9a9ece3b760b994c8335b336f1539771f2a4f3877ea250117bf26
a5e2573d899dae45986c63bf1f8aa164ad2eeb2737ab84dae1999e777d3859c8
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
aff9528985f2138a922b7e393be9e6acee4d39e7d7fbb982fd1d79959311c9cd
b09bf3c14ffa5035a36f6f8d27b26f8ba451f58985ef615fed269e27fbd6dd7c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc
cc8a16ce849d72f106bd67187e4b60c20da3093375202bf0b53f23e8f40a8b11
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d4a922fb863d81a6607a0d6ec136c5de2b3132ec70ed4311758c72d8742aac2d
d52a0a6f743cfad5d974390f0abcdb261ad4b56ed69eac5e71d580b857a888a1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e09a271b55f77a7866ed5c3b09418e54438e89f7f0148abf28ca5b10cb0b44a1
e18e21ce34059238d88626ff518f0898432519c13c32d0d3afd895c0abd70520
e35d978a0a2ab0939b917aef450b4074fe1ab3d841223e4dc00f960cefd0a2e9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244
fdd8c45862683476506733e7600c95fd8ab32a1508801404bb7d76cc2b12217e
fddaf89efdd0c1f57df26aa2cf94a337382a982dfe5b6f2adc6b6c76f090ef56

www.getthebuzzbgone.com Open in urlscan Pro 2600:9000:2016:6200:2:856a:59c0:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

150 Requests

92 %HTTPS

27 %IPv6

49 Domains

66 Subdomains

60 IPs

9 Countries

1699 kBTransfer

5497 kBSize

73 Cookies

3 Outgoing links

Page URL History

Redirected requests

150 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.getthebuzzbgone.com Open in urlscan Pro
2600:9000:2016:6200:2:856a:59c0:93a1 Public Scan

Screenshot
Live screenshot

Full Image

150
Requests

92 %
HTTPS

27 %
IPv6

49
Domains

66
Subdomains

60
IPs

9
Countries

1699 kB
Transfer

5497 kB
Size

73
Cookies

150 HTTP transactions
4 data transactions