Submitted URL: http://fg2dw.info/
Effective URL: https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402
Submission: On March 01 via manual from US

Summary

This website contacted 9 IPs in 5 countries across 13 domains to perform 27 HTTP transactions. The main IP is 2606:4700:10::6814:e786, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.truthaboutfungus.com.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on October 15th 2019. Valid for: 6 months.
This is the only time www.truthaboutfungus.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 184.168.131.241 26496 (AS-26496-...)
1 1 52.59.161.204 16509 (AMAZON-02)
1 1 50.23.130.135 36351 (SOFTLAYER)
1 1 35.155.223.96 16509 (AMAZON-02)
16 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 4 92.122.252.179 16625 (AKAMAI-AS)
1 2 3.248.28.111 16509 (AMAZON-02)
27 9
Domain Requested by
16 www.truthaboutfungus.com www.truthaboutfungus.com
4 s.adroll.com 1 redirects www.googletagmanager.com
s.adroll.com
2 stats.g.doubleclick.net www.googletagmanager.com
1 d.adroll.com
1 d.adroll.mgr.consensu.org 1 redirects
1 s.ytimg.com www.truthaboutfungus.com
1 www.youtube-nocookie.com www.truthaboutfungus.com
1 www.googletagmanager.com www.truthaboutfungus.com
1 ajax.googleapis.com ajax.cloudflare.com
1 ajax.cloudflare.com www.truthaboutfungus.com
1 inthealthtrk.com 1 redirects
1 m756w.com 1 redirects
1 track.trackingbeard.net 1 redirects
1 fg2dw.info 1 redirects
27 14

This site contains no links.

Subject | Issuer | Validity | Valid
ssl951822.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-10-15 - 2020-04-22 | 6 months
cloudflare.com | CloudFlare Inc ECC CA-2 | 2020-01-07 - 2020-10-09 | 9 months
*.storage.googleapis.com | GTS CA 1O1 | 2020-02-12 - 2020-05-06 | 3 months
*.google-analytics.com | GTS CA 1O1 | 2020-02-12 - 2020-05-06 | 3 months
*.google.com | GTS CA 1O1 | 2020-02-12 - 2020-05-06 | 3 months
*.g.doubleclick.net | GTS CA 1O1 | 2020-02-12 - 2020-05-06 | 3 months
*.adroll.com | DigiCert SHA2 Secure Server CA | 2020-01-29 - 2021-04-29 | a year
adroll.mgr.consensu.org | Amazon | 2019-11-06 - 2020-12-06 | a year

This page contains 2 frames:

Primary Page: https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402
Frame ID: A4DC648F59AD65D3BC58758646863982
Requests: 26 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/CntxZ69mGts?enablejsapi=1&playsinline=1&fs=0&rel=0&controls=0&showinfo=0&autoplay=1
Frame ID: B05A666E2EDED9A7DFF17CB48567C441
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

Requests: 27
HTTPS: 100 %
IPv6: 54 %
Domains: 13
Subdomains: 14
IPs: 9
Countries: 5
Transfer: 408 kB
Size: 592 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://fg2dw.info/ HTTP 302
    http://track.trackingbeard.net/828e526d-fc42-47d3-9407-33be061dfbc4 HTTP 302
    https://m756w.com/5608/402/130/?subid=w80dh0jvt8nolcathire2rjs HTTP 302
    https://inthealthtrk.com/?a=68&c=420&s2=5608_sessid20200301121620083&s1=402 HTTP 302
    https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://s.adroll.com/j/exp/LQIUK6L7JFEPHOEVOLE5C5/index.js HTTP 302
  • https://s.adroll.com/j/exp/index.js
Request Chain 25
  • https://d.adroll.mgr.consensu.org/consent/iabcheck/LQIUK6L7JFEPHOEVOLE5C5?_s=e6b99e4512485b0ada0c935d1608b13b&_b=2 HTTP 302
  • https://d.adroll.com/consent/check/LQIUK6L7JFEPHOEVOLE5C5/?_s=e6b99e4512485b0ada0c935d1608b13b&_b=2

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/
Redirect Chain
  • http://fg2dw.info/
  • http://track.trackingbeard.net/828e526d-fc42-47d3-9407-33be061dfbc4
  • https://m756w.com/5608/402/130/?subid=w80dh0jvt8nolcathire2rjs
  • https://inthealthtrk.com/?a=68&c=420&s2=5608_sessid20200301121620083&s1=402
  • https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402
36 KB
10 KB
Document
General
Full URL
https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a38821138aa79dc5d9bae2f866fe9f137e4648a68b26935e8d8d2e038d6d560

Request headers

:method
GET
:authority
www.truthaboutfungus.com
:scheme
https
:path
/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sun, 01 Mar 2020 12:16:31 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d7743d4630ca02e28fb8d147b7cb081db1583064991; expires=Tue, 31-Mar-20 12:16:31 GMT; path=/; domain=.truthaboutfungus.com; HttpOnly; SameSite=Lax; Secure looked=yes; expires=Sun, 01-Mar-2020 13:16:31 GMT; Max-Age=3600 PHPSESSID=4d7268117139d2e877233bad2a0118f4; path=/
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate max-age=600, private, must-revalidate
pragma
no-cache
vary
Accept-Encoding
x-proxy-cache
MISS
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
56d2cf41be30c272-FRA
content-encoding
br

Redirect headers

Cache-Control
private
Content-Length
258
Content-Type
text/html; charset=utf-8
Date
Sun, 01 Mar 2020 12:16:29 GMT
Location
https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
sid=Um3S5Tee/Y6AmFgEinKKeQb1Wr9SDFrFHWe3yl1hhy2mEP+n2MyKaA==; domain=.inthealthtrk.com; path=/; SameSite=None; secure; HttpOnly trk=UO+8bhBQVO+AmFgEinKKeQb1Wr9SDFrFHWe3yl1hhy2mEP+n2MyKaA==; domain=.inthealthtrk.com; expires=Sat, 01-Mar-2025 04:16:30 GMT; path=/; SameSite=None; secure; HttpOnly c27=Um3S5Tee/Y6oOP+NadU9XIjQMT7qrfZ8Ey4puPA5fcA=; domain=.inthealthtrk.com; expires=Tue, 31-Mar-2020 12:16:30 GMT; path=/; SameSite=None; secure; HttpOnly
Connection
close
progressbar.gif
www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/imgs/
11 KB
11 KB
Image
General
Full URL
https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/imgs/progressbar.gif
Requested by
Host: www.truthaboutfungus.com
URL: https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
476a7b1085cc64de1c0eb74a6776fa8385d57eb18774f199df83fc4d7bbcc24e

Request headers

Referer
https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 01 Mar 2020 12:16:31 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
public, max-age=2692000
accept-ranges
bytes
cf-ray
56d2cf42e995c272-FRA
content-length
10819
x-proxy-cache
MISS
new2HL1-min.png
www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/imgs/
23 KB
24 KB
Image
General
Full URL
https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/imgs/new2HL1-min.png
Requested by
Host: www.truthaboutfungus.com
URL: https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de618be39cd6ece4b3108c7c2bf5088da84f21e4c3491b91e76f350e12ad2825

Request headers

Referer
https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 01 Mar 2020 12:16:31 GMT
cf-cache-status
HIT
age
201618
cf-polished
origFmt=png, origSize=26203
status
200
content-disposition
inline; filename="new2HL1-min.webp"
content-length
23944
cf-bgj
imgq:85
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
public, max-age=2692000
accept-ranges
bytes
cf-ray
56d2cf42e997c272-FRA
x-proxy-cache
MISS
ScreenplayN2.jpg
www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/imgs/
36 KB
36 KB
Image
General
Full URL
https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/imgs/ScreenplayN2.jpg
Requested by
Host: www.truthaboutfungus.com
URL: https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e9a1b0f2b164d2d54f384d3e7bd38cef0584fca485359b819fdee2deeb981fc

Request headers

Referer
https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 01 Mar 2020 12:16:31 GMT
cf-cache-status
HIT
cf-bgj
imgq:85
server
cloudflare
age
477279
cf-polished
origSize=36925, status=webp_bigger
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=2692000
accept-ranges
bytes
cf-ray
56d2cf42f9a2c272-FRA
content-length
36444
x-proxy-cache
MISS
CNP_package_1_resized.png
www.truthaboutfungus.com/DiscountOfferNHL2-WistBM/imgs/
16 KB
16 KB
Image
General
Full URL
https://www.truthaboutfungus.com/DiscountOfferNHL2-WistBM/imgs/CNP_package_1_resized.png
Requested by
Host: www.truthaboutfungus.com
URL: https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ccd07d314da476330e54b8e9ecf437fb7716b575c73faa837d1d921070c8066

Request headers

Referer
https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 01 Mar 2020 12:16:31 GMT
cf-cache-status
HIT
age
262930
cf-polished
origFmt=png, origSize=16810
status
200
content-disposition
inline; filename="CNP_package_1_resized.webp"
content-length
16086
cf-bgj
imgq:85
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
public, max-age=2692000
accept-ranges
bytes
cf-ray
56d2cf42f9a4c272-FRA
x-proxy-cache
MISS
CNP_package_6_resized.png
www.truthaboutfungus.com/DiscountOfferNHL2-WistBM/imgs/
26 KB
26 KB
Image
General
Full URL
https://www.truthaboutfungus.com/DiscountOfferNHL2-WistBM/imgs/CNP_package_6_resized.png
Requested by
Host: www.truthaboutfungus.com
URL: https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4461d003f4dfb3d97cc5592488fb979d44d1a6fc33a12fc3da797f6bc94df20e

Request headers

Referer
https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 01 Mar 2020 12:16:31 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=2692000
accept-ranges
bytes
cf-ray
56d2cf42f9a5c272-FRA
content-length
26120
x-proxy-cache
MISS
CNP_package_3_resized.png
www.truthaboutfungus.com/DiscountOfferNHL2-WistBM/imgs/
20 KB
20 KB
Image
General
Full URL
https://www.truthaboutfungus.com/DiscountOfferNHL2-WistBM/imgs/CNP_package_3_resized.png
Requested by
Host: www.truthaboutfungus.com
URL: https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b993317aff71fe9260e22d9855934d6192f1ca845bc85d33d05825c960f053a4

Request headers

Referer
https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 01 Mar 2020 12:16:31 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=2692000
accept-ranges
bytes
cf-ray
56d2cf42f9a7c272-FRA
content-length
20892
x-proxy-cache
MISS
book-C.png
www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/imgs/
14 KB
15 KB
Image
General
Full URL
https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/imgs/book-C.png
Requested by
Host: www.truthaboutfungus.com
URL: https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02cb5123f793644dd260a5085a26c758e9ce69e7f2bc21e9ff24aa86be0f9aac

Request headers

Referer
https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 01 Mar 2020 12:16:31 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=2692000
accept-ranges
bytes
cf-ray
56d2cf42f9a9c272-FRA
content-length
14765
x-proxy-cache
MISS
bookC1.png
www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/imgs/
23 KB
23 KB
Image
General
Full URL
https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/imgs/bookC1.png
Requested by
Host: www.truthaboutfungus.com
URL: https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8aaf483db95702cf7535281f6a3616458331fd875e77c0ae7239db32a200580

Request headers

Referer
https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 01 Mar 2020 12:16:31 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=2692000
accept-ranges
bytes
cf-ray
56d2cf42f9abc272-FRA
content-length
23627
x-proxy-cache
MISS
testmob1.png
www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/imgs/
8 KB
8 KB
Image
General
Full URL
https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/imgs/testmob1.png
Requested by
Host: www.truthaboutfungus.com
URL: https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17b42968f6a1bb08923b363f97160a5dcbe0859a963bdb160d84df31a904b936

Request headers

Referer
https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 01 Mar 2020 12:16:31 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=2692000
accept-ranges
bytes
cf-ray
56d2cf42f9adc272-FRA
content-length
8619
x-proxy-cache
MISS
testmob2.png
www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/imgs/
8 KB
8 KB
Image
General
Full URL
https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/imgs/testmob2.png
Requested by
Host: www.truthaboutfungus.com
URL: https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d26593c93f61ac3b240c381814565cf7b34b176217ffa37af48cce6b295cb8de

Request headers

Referer
https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 01 Mar 2020 12:16:31 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=2692000
accept-ranges
bytes
cf-ray
56d2cf42f9aec272-FRA
content-length
8115
x-proxy-cache
MISS
testmob3.png
www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/imgs/
8 KB
8 KB
Image
General
Full URL
https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/imgs/testmob3.png
Requested by
Host: www.truthaboutfungus.com
URL: https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c313ecb463204e95ece8af2cefd2c22d2f228bbefc4453da8e2b42a9bc1dd91

Request headers

Referer
https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 01 Mar 2020 12:16:31 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=2692000
accept-ranges
bytes
cf-ray
56d2cf42f9afc272-FRA
content-length
8254
x-proxy-cache
MISS
guar.png
www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/imgs/
12 KB
12 KB
Image
General
Full URL
https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/imgs/guar.png
Requested by
Host: www.truthaboutfungus.com
URL: https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37d94fe68ae3b45470eae9af2689db4a8a7040a31d164fdb539d951c3dfebe4a

Request headers

Referer
https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 01 Mar 2020 12:16:31 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=2692000
accept-ranges
bytes
cf-ray
56d2cf42f9b1c272-FRA
content-length
12262
x-proxy-cache
MISS
email-decode.min.js
www.truthaboutfungus.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
833 B
Script
General
Full URL
https://www.truthaboutfungus.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.truthaboutfungus.com
URL: https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 01 Mar 2020 12:16:31 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Wed, 26 Feb 2020 11:08:35 GMT
server
cloudflare
etag
W/"5e5651b3-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=172800, public
cf-ray
56d2cf42f9a1c272-FRA
expires
Tue, 03 Mar 2020 12:16:31 GMT
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.truthaboutfungus.com
URL: https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 01 Mar 2020 12:16:31 GMT
content-encoding
gzip
last-modified
Wed, 26 Feb 2020 11:08:35 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5e5651b3-3016"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=172800, public
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
56d2cf4349e6969e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
expires
Tue, 03 Mar 2020 12:16:31 GMT
trans.png
www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/imgs/
96 B
155 B
Image
General
Full URL
https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/imgs/trans.png
Requested by
Host: www.truthaboutfungus.com
URL: https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bdb18261ee7f56b879c2e307d8f3569349ffb6543eef9e38e321c51bbe91a08

Request headers

Referer
https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 01 Mar 2020 12:16:31 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=2692000
accept-ranges
bytes
cf-ray
56d2cf42f9b5c272-FRA
content-length
96
x-proxy-cache
MISS
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.0/
84 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 04 Feb 2020 05:07:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2272145
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
30211
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Feb 2021 05:07:26 GMT
gtm.js
www.googletagmanager.com/
57 KB
21 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T4BR2B8
Requested by
Host: www.truthaboutfungus.com
URL: https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
491d5f1d62d78d57f7688772e0e1efb8251a43cc6e218ed70487808065dbd475
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 01 Mar 2020 12:16:31 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
21421
x-xss-protection
0
last-modified
Sun, 01 Mar 2020 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 01 Mar 2020 12:16:31 GMT
CntxZ69mGts
www.youtube-nocookie.com/embed/ Frame B05A
0
0
Document
General
Full URL
https://www.youtube-nocookie.com/embed/CntxZ69mGts?enablejsapi=1&playsinline=1&fs=0&rel=0&controls=0&showinfo=0&autoplay=1
Requested by
Host: www.truthaboutfungus.com
URL: https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube-nocookie.com
:scheme
https
:path
/embed/CntxZ69mGts?enablejsapi=1&playsinline=1&fs=0&rel=0&controls=0&showinfo=0&autoplay=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
strict-transport-security
max-age=31536000
content-type
text/html; charset=utf-8
cache-control
no-cache
expires
Tue, 27 Apr 1971 19:44:06 GMT
x-content-type-options
nosniff
content-encoding
br
date
Sun, 01 Mar 2020 12:16:31 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
www-widgetapi.js
s.ytimg.com/yts/jsbin/www-widgetapi-vflgX_lHM/
20 KB
8 KB
Script
General
Full URL
https://s.ytimg.com/yts/jsbin/www-widgetapi-vflgX_lHM/www-widgetapi.js
Requested by
Host: www.truthaboutfungus.com
URL: https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd6b18ff49e6f8b2a4729827452ce62bf9d8f7a66ef683ebfa581d7fb4b4f3a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 01 Mar 2020 12:16:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 02 Jul 2018 17:57:02 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
status
200
cache-control
public, max-age=691200
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7700
x-xss-protection
0
expires
Mon, 09 Mar 2020 12:16:31 GMT
comments-min.jpg
www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/imgs/
98 KB
98 KB
Image
General
Full URL
https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/imgs/comments-min.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8708eed08001ee2a1d651899df0da18e586f87654ea6f4eb59d1659c284f0bc

Request headers

Referer
https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 01 Mar 2020 12:16:31 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=2692000
accept-ranges
bytes
cf-ray
56d2cf445cfdc272-FRA
content-length
100486
x-proxy-cache
MISS
dc.js
stats.g.doubleclick.net/
45 KB
17 KB
Script
General
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T4BR2B8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
285
date
Sun, 01 Mar 2020 12:11:46 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17093
expires
Sun, 01 Mar 2020 14:11:46 GMT
roundtrip.js
s.adroll.com/j/
34 KB
11 KB
Script
General
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T4BR2B8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.252.179 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-252-179.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
2e8482bdd64c06f5dad92fc1e1efa5815f58f5664578a65a9b9ec783dacc9726

Request headers

Referer
https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-amz-version-id
zw3gDafwdfmkA1kq9nPAA6cid7KliPGC
Content-Encoding
gzip
x-amz-request-id
CE15E065D7E22EED
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
600
Date
Sun, 01 Mar 2020 12:16:31 GMT
Connection
keep-alive
Content-Length
10763
x-amz-id-2
wOrGMeC33EoelqOJ7dwwlkTLg9kqPkFTKyRMu/cmUvDcvHHYWzg4iOMJp7KtdjxIG8VI85OWS40=
Last-Modified
Thu, 27 Feb 2020 16:21:23 GMT
Server
AmazonS3
ETag
"6cffbe2b1eafeaff85a7f1d4ea035464"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
__utm.gif
stats.g.doubleclick.net/r/
35 B
102 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1105889656&utmhn=www.truthaboutfungus.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Clear%20Nails%20Plus&utmhid=1382794885&utmr=-&utmp=%2FDiscountOfferNHL2-YTBMPS%2F%3Fs1%3D402%26s2%3D5608_sessid20200301121620083%26s3%3D%26s4%3D%26affId%3D68%26c1%3D402&utmht=1583064991455&utmac=UA-136162175-1&utmgtm=2wg2j0T4BR2B8&utmcc=__utma%3D152242300.1973960565.1583064991.1583064991.1583064991.1%3B%2B__utmz%3D152242300.1583064991.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=805266196&utmredir=3&utmu=qmAgAABAAAGBAAAAAgAAAAAE~
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Sun, 01 Mar 2020 12:16:31 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.js
s.adroll.com/j/exp/
Redirect Chain
  • https://s.adroll.com/j/exp/LQIUK6L7JFEPHOEVOLE5C5/index.js
  • https://s.adroll.com/j/exp/index.js
28 B
747 B
Script
General
Full URL
https://s.adroll.com/j/exp/index.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.252.179 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-252-179.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer
https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
FcaZ9fQuufI0j2Jlie4e0Qn7iovsdj20
Content-Encoding
gzip
x-amz-request-id
1C12E7297FB49E16
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
600
Date
Sun, 01 Mar 2020 12:16:31 GMT
Connection
keep-alive
Content-Length
48
x-amz-id-2
tGVe53EdMDMpGnbiBCSphJKz/n0ft+FHNPqUPS+0RVo3vBOGXeXjTUNEoUoZoCtnE0VVnHoUJls=
Last-Modified
Fri, 21 Feb 2020 18:14:11 GMT
Server
AmazonS3
ETag
"5816cced8568d223aa09d889f300692b"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*

Redirect headers

Date
Sun, 01 Mar 2020 12:16:31 GMT
Server
AkamaiGHost
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Credentials
false
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
0
index.js
s.adroll.com/j/pre/LQIUK6L7JFEPHOEVOLE5C5/2E3YUNMMCNGDXAUD2BUADG/
0
773 B
Script
General
Full URL
https://s.adroll.com/j/pre/LQIUK6L7JFEPHOEVOLE5C5/2E3YUNMMCNGDXAUD2BUADG/index.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.252.179 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-252-179.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-amz-version-id
eFe8lfsY_G15Reayt8OJVMt2XICNk1n9
Content-Encoding
gzip
x-amz-request-id
2F620D7E794F6C14
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
600
Date
Sun, 01 Mar 2020 12:16:31 GMT
Connection
keep-alive
Content-Length
20
x-amz-id-2
5BA6n+HzwXmZuWuwuHPv8lT73C0siPA+v8ApgQcmjqaFk6Txk+oD+/eeQelMPudg71Vir4joSqw=
Last-Modified
Sun, 01 Mar 2020 09:32:20 GMT
Server
AmazonS3
ETag
"d41d8cd98f00b204e9800998ecf8427e"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
/
d.adroll.com/consent/check/LQIUK6L7JFEPHOEVOLE5C5/
Redirect Chain
  • https://d.adroll.mgr.consensu.org/consent/iabcheck/LQIUK6L7JFEPHOEVOLE5C5?_s=e6b99e4512485b0ada0c935d1608b13b&_b=2
  • https://d.adroll.com/consent/check/LQIUK6L7JFEPHOEVOLE5C5/?_s=e6b99e4512485b0ada0c935d1608b13b&_b=2
116 B
208 B
Script
General
Full URL
https://d.adroll.com/consent/check/LQIUK6L7JFEPHOEVOLE5C5/?_s=e6b99e4512485b0ada0c935d1608b13b&_b=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.28.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-28-111.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
90f94c64548a2a8f2ce1177863981ba387c4d915d4e3c4d1370ed7721f18adaf

Request headers

Referer
https://www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS/?s1=402&s2=5608_sessid20200301121620083&s3=&s4=&affId=68&c1=402
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sun, 01 Mar 2020 12:16:31 GMT
server
nginx/1.16.1
content-length
116
content-type
application/javascript

Redirect headers

status
302
date
Sun, 01 Mar 2020 12:16:31 GMT
server
nginx/1.16.1
content-length
105
location
https://d.adroll.com/consent/check/LQIUK6L7JFEPHOEVOLE5C5/?_s=e6b99e4512485b0ada0c935d1608b13b&_b=2


45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
object| __cfQR
object| dataLayer
function| $
function| jQuery
object| player
function| onYouTubeIframeAPIReady
function| onPlayerReady
function| onPlayerStateChange
function| stopedVideo
function| show
number| remain_bv
function| parseTime_bv
boolean| click
function| init
function| grayOut
boolean| __cfRLUnblockHandlers
function| onYTReady
number| $time
object| google_tag_manager
object| _gaq
string| adroll_adv_id
string| adroll_pix_id
boolean| __adroll_loaded
object| _gat
object| gaGlobal
string| adroll_sid
object| __adroll
boolean| adroll_optout
object| adroll_ext_network
object| adroll_callbacks
function| adroll_tpc_callback
object| yt
function| ytDomDomGetNextId
object| ytEventsEventsListeners
object| ytEventsEventsCounter
object| YT
object| video
boolean| __adroll_consent
boolean| __adroll_consent_is_gdpr
object| __adroll_consent_data
string| __adroll_consent_user_country
string| __adroll_consent_adv_country
object| adroll_exp_list

3 Cookies

Domain/Path Name / Value
www.truthaboutfungus.com/ Name: PHPSESSID
Value: 4d7268117139d2e877233bad2a0118f4
.truthaboutfungus.com/ Name: __cfduid
Value: d7743d4630ca02e28fb8d147b7cb081db1583064991
www.truthaboutfungus.com/DiscountOfferNHL2-YTBMPS Name: looked
Value: yes

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
