urlscan.io logo urlscan.io
SecurityTrails logo

parasiterelief.com Open in urlscan Pro
100.28.91.13  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://links.easyhealthjournal.com/a/1455/click/9409/1732827/72e7402a24bc82a4177cc81420e1a598e41ab1ad/8abb9218310e36c19bff77a7600a9...
Effective URL: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&...
Submission: On December 17 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 82 IPs in 7 countries across 66 domains to perform 151 HTTP transactions. The main IP is 100.28.91.13, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is parasiterelief.com.
TLS certificate: Issued by E6 on October 18th 2024. Valid for: 3 months.
This is the only time parasiterelief.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 35.238.129.105 396982 (GOOGLE-CL...)
1 3 34.107.199.247 396982 (GOOGLE-CL...)
5 100.28.91.13 14618 (AMAZON-AES)
1 2607:f8b0:400... 15169 (GOOGLE)
2 174.129.246.97 14618 (AMAZON-AES)
6 2607:f8b0:400... 15169 (GOOGLE)
2 31.13.66.19 32934 (FACEBOOK)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
5 74.125.192.94 15169 (GOOGLE)
2 31.13.66.35 32934 (FACEBOOK)
1 74.125.192.99 15169 (GOOGLE)
1 3.163.245.4 16509 (AMAZON-02)
2 162.159.153.247 13335 (CLOUDFLAR...)
1 2a02:6ea0:c40... 60068 (CDN77 Dat...)
5 2620:100:a00b::6 19750 (AS-CRITEO)
7 23.212.251.27 20940 (AKAMAI-AS...)
1 146.75.28.157 54113 (FASTLY)
1 3.167.64.79 16509 (AMAZON-02)
1 2600:9000:250... 16509 (AMAZON-02)
2 2620:1ec:29:1... 8075 (MICROSOFT...)
1 169.150.236.105 60068 (CDN77 Dat...)
1 5 35.227.244.1 396982 (GOOGLE-CL...)
3 2600:9000:28a... 16509 (AMAZON-02)
1 2 142.251.167.148 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2 2001:4860:480... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 142.251.167.94 15169 (GOOGLE)
2 3 172.217.222.149 15169 (GOOGLE)
1 209.85.144.154 15169 (GOOGLE)
8 35.190.43.134 15169 (GOOGLE)
4 10 74.119.117.16 19750 (AS-CRITEO)
2 178.250.1.9 44788 (ASN-CRITE...)
2 182.161.74.16 55569 (CRITEO-AS...)
1 6 185.184.10.30 203690 (RTB-HOUSE...)
2 162.159.140.229 13335 (CLOUDFLAR...)
2 104.244.42.3 13414 (TWITTER)
4 18.160.37.222 16509 (AMAZON-02)
1 2 2620:100:a00b... 19750 (AS-CRITEO)
1 188.42.63.49 7979 (SERVERS-COM)
1 188.42.63.48 7979 (SERVERS-COM)
1 52.202.190.25 14618 (AMAZON-AES)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 34.231.172.117 14618 (AMAZON-AES)
3 20.57.85.160 8075 (MICROSOFT...)
1 216.22.16.9 30633 (LEASEWEB-...)
1 2 35.244.159.8 396982 (GOOGLE-CL...)
1 3 104.18.27.193 13335 (CLOUDFLAR...)
1 2 173.194.66.157 15169 (GOOGLE)
2 69.173.146.5 26667 (RUBICONPR...)
1 54.160.149.172 14618 (AMAZON-AES)
1 207.65.37.184 62713 (AS-PUBMATIC)
1 35.214.233.111 19527 (GOOGLE-2)
2 35.211.202.130 15169 (GOOGLE)
1 3.167.69.43 16509 (AMAZON-02)
2 4 68.67.160.184 29990 (ASN-APPNEX)
1 134.209.162.206 14061 (DIGITALOC...)
1 2 20.110.205.119 8075 (MICROSOFT...)
1 2 2620:1ec:c11:... 8068 (MICROSOFT...)
1 141.226.224.48 200478 (TABOOLA-A...)
1 35.245.40.102 396982 (GOOGLE-CL...)
1 50.19.69.177 14618 (AMAZON-AES)
1 63.251.28.230 26558 (FREEWHEEL)
1 2 3.217.222.187 14618 (AMAZON-AES)
1 1 3.218.55.33 14618 (AMAZON-AES)
2 2 23.21.74.44 14618 (AMAZON-AES)
1 1 2001:4998:14:... 14777 (YAHOO)
1 2001:4998:60:... 14196 (YAHOO-CHA)
1 23.62.172.23 16625 (AKAMAI-AS)
1 52.21.200.160 14618 (AMAZON-AES)
1 100.21.100.53 16509 (AMAZON-02)
1 70.42.32.63 22075 (AS-OUTBRAIN)
1 8.28.7.83 62713 (AS-PUBMATIC)
1 54.211.170.34 14618 (AMAZON-AES)
1 23.55.205.47 16625 (AKAMAI-AS)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 2600:1408:540... 20940 (AKAMAI-AS...)
1 2 52.223.22.214 16509 (AMAZON-02)
1 3.220.18.91 14618 (AMAZON-AES)
1 3.210.56.21 14618 (AMAZON-AES)
1 69.194.240.13 26120 (RHYTHMONE)
1 52.216.49.113 16509 (AMAZON-02)
1 35.190.54.17 15169 (GOOGLE)
1 99.83.128.14 16509 (AMAZON-02)
151 82
1    35.238.129.105 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 105.129.238.35.bc.googleusercontent.com
links.easyhealthjournal.com
3    34.107.199.247 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 247.199.107.34.bc.googleusercontent.com
www.bg6yrfg.com
www.p8btrk.com
5    100.28.91.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-28-91-13.compute-1.amazonaws.com
parasiterelief.com
1    2607:f8b0:4004:c08::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    174.129.246.97 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-174-129-246-97.compute-1.amazonaws.com
secure.parasiterelief.com
6    2607:f8b0:4004:c1b::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    31.13.66.19 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-iad3.fbcdn.net
connect.facebook.net
1    2607:f8b0:4004:c19::be (Washington, United States)

ASN15169 (GOOGLE, US)
www.youtube-nocookie.com
2    2607:f8b0:4004:c08::5d (Washington, United States)

ASN15169 (GOOGLE, US)
www.youtube.com
5    74.125.192.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qn-in-f94.1e100.net
fonts.gstatic.com
2    31.13.66.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-iad3.facebook.com
www.facebook.com
1    74.125.192.99 (United States)

ASN15169 (GOOGLE, US)
PTR: qn-in-f99.1e100.net
www.google.com
1    3.163.245.4 (United States)

ASN16509 (AMAZON-02, US)
sc-static.net
2    162.159.153.247 (None, )

ASN13335 (CLOUDFLARENET, US)
a.quora.com
q.quora.com
1    2a02:6ea0:c400::53 (New York, United States)

ASN60068 (CDN77 Datacamp Limited, GB)
tags.creativecdn.com
5    2620:100:a00b::6 (United States)

ASN19750 (AS-CRITEO, US)
dynamic.criteo.com
7    23.212.251.27 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-212-251-27.deploy.static.akamaitechnologies.com
analytics.tiktok.com
1    146.75.28.157 (Ashburn, United States)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    3.167.64.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-64-79.iad61.r.cloudfront.net
d9i5ve8f04qxt.cloudfront.net
1    2600:9000:2509:1a00:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)
b-code.liadm.com
2    2620:1ec:29:1::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    169.150.236.105 (Chicago, United States)

ASN60068 (CDN77 Datacamp Limited, GB)
PTR: 169-150-236-105.bunnyinfra.net
dsp-media.eskimi.com
5    35.227.244.1 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 1.244.227.35.bc.googleusercontent.com
shop.pe
app.shop.pe
manage.safeopt.com
3    2600:9000:28ac:8600:d:370a:51c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
d2mjzob2nc713b.cloudfront.net
2    142.251.167.148 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f148.1e100.net
13811400.fls.doubleclick.net
3    2607:f8b0:400d:c07::9a (Morganton, United States)

ASN15169 (GOOGLE, US)
td.doubleclick.net
2    2001:4860:4802:38::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2607:f8b0:4004:c21::8b (Washington, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2607:f8b0:400d:c04::9a (Morganton, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    142.251.167.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f94.1e100.net
www.google.ca
3    172.217.222.149 (United States)

ASN15169 (GOOGLE, US)
PTR: qi-in-f149.1e100.net
ad.doubleclick.net
1    209.85.144.154 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: qv-in-f154.1e100.net
adservice.google.com
8    35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com
tr.snapchat.com
tr6.snapchat.com
10    74.119.117.16 (United States)

ASN19750 (AS-CRITEO, US)
sslwidget.criteo.com
dis.criteo.com
2    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)
widget.eu.criteo.com
2    182.161.74.16 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
widget.as.criteo.com
6    185.184.10.30 (Cyprus)

ASN203690 (RTB-HOUSE-ASH RTB Marketing and Tech Services Ltd, CY)
PTR: ip-185-184-10-30.rtbhouse.net
us.creativecdn.com
2    162.159.140.229 (None, )

ASN13335 (CLOUDFLARENET, US)
t.co
2    104.244.42.3 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
4    18.160.37.222 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-37-222.iad55.r.cloudfront.net
d1pqvb2h9xgm7r.cloudfront.net
2    2620:100:a00b::12 (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
1    188.42.63.49 (Luxembourg)

ASN7979 (SERVERS-COM, US)
dsp-trk.eskimi.com
1    188.42.63.48 (Luxembourg)

ASN7979 (SERVERS-COM, US)
dsp-ap.eskimi.com
1    52.202.190.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-190-25.compute-1.amazonaws.com
i.liadm.com
1    2600:1f18:730:b150:daed:5d92:e571:5d73 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
1    34.231.172.117 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-172-117.compute-1.amazonaws.com
rp4.liadm.com
3    20.57.85.160 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e.clarity.ms
1    216.22.16.9 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
rtb-csync.smartadserver.com
2    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
eu-u.openx.net
3    104.18.27.193 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
r.casalemedia.com
2    173.194.66.157 (United States)

ASN15169 (GOOGLE, US)
PTR: qo-in-f157.1e100.net
cm.g.doubleclick.net
2    69.173.146.5 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    54.160.149.172 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-160-149-172.compute-1.amazonaws.com
cs.adingo.jp
1    207.65.37.184 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    35.214.233.111 (Groningen, Netherlands)

ASN19527 (GOOGLE-2, US)
PTR: 111.233.214.35.bc.googleusercontent.com
csync.loopme.me
2    35.211.202.130 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 130.202.211.35.bc.googleusercontent.com
x.bidswitch.net
1    3.167.69.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-69-43.iad61.r.cloudfront.net
public-prod-dspcookiematching.dmxleo.com
4    68.67.160.184 (Colonia, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
1    134.209.162.206 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
service3.purehealthresearch.com
2    20.110.205.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
2    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS Taboola.com ltd, IL)
sync-t1.taboola.com
1    35.245.40.102 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 102.40.245.35.bc.googleusercontent.com
visitor.omnitagjs.com
1    50.19.69.177 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-69-177.compute-1.amazonaws.com
dpm.demdex.net
1    63.251.28.230 (Secaucus, United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
2    3.217.222.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-222-187.compute-1.amazonaws.com
ad.360yield.com
1    3.218.55.33 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-55-33.compute-1.amazonaws.com
i.liadm.com
2    23.21.74.44 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-74-44.compute-1.amazonaws.com
thrtle.com
1    2001:4998:14:800::1000 (United States)

ASN14777 (YAHOO, US)
cms.analytics.yahoo.com
1    2001:4998:60:807::2 (United States)

ASN14196 (YAHOO-CHA, US)
ups.analytics.yahoo.com
1    23.62.172.23 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-172-23.deploy.static.akamaitechnologies.com
contextual.media.net
1    52.21.200.160 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-200-160.compute-1.amazonaws.com
exchange.mediavine.com
1    100.21.100.53 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-100-21-100-53.us-west-2.compute.amazonaws.com
jadserve.postrelease.com
1    70.42.32.63 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
1    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    54.211.170.34 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-170-34.compute-1.amazonaws.com
match.sharethrough.com
1    23.55.205.47 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-55-205-47.deploy.static.akamaitechnologies.com
criteo-sync.teads.tv
1    2600:1f18:612b:4232:32bf:c12c:81c0:4994 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
criteo-partners.tremorhub.com
1    2600:1408:5400:1d::173d:b95 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
ade.clmbtech.com
2    52.223.22.214 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
1    3.220.18.91 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-18-91.compute-1.amazonaws.com
sync-criteo.ads.yieldmo.com
1    3.210.56.21 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-56-21.compute-1.amazonaws.com
e1.emxdgt.com
1    69.194.240.13 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
1    52.216.49.113 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
addshoppers.s3.amazonaws.com
1    35.190.54.17 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 17.54.190.35.bc.googleusercontent.com
shopper.shop.pe
1    99.83.128.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: a954c1fc80b8251dc.awsglobalaccelerator.com
nytrng.com
Apex Domain
Subdomains		 Transfer
21 criteo.com
dynamic.criteo.com — Cisco Umbrella Rank: 3682
sslwidget.criteo.com — Cisco Umbrella Rank: 2375
widget.eu.criteo.com — Cisco Umbrella Rank: 40119
widget.as.criteo.com — Cisco Umbrella Rank: 52900
gum.criteo.com — Cisco Umbrella Rank: 450
dis.criteo.com — Cisco Umbrella Rank: 702
125 KB
11 doubleclick.net
13811400.fls.doubleclick.net
td.doubleclick.net — Cisco Umbrella Rank: 182
ad.doubleclick.net — Cisco Umbrella Rank: 145 Failed
stats.g.doubleclick.net — Cisco Umbrella Rank: 135
cm.g.doubleclick.net — Cisco Umbrella Rank: 284
3 KB
8 snapchat.com
tr.snapchat.com — Cisco Umbrella Rank: 903
tr6.snapchat.com — Cisco Umbrella Rank: 1333
2 KB
8 cloudfront.net
d9i5ve8f04qxt.cloudfront.net
d2mjzob2nc713b.cloudfront.net
d1pqvb2h9xgm7r.cloudfront.net
78 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 625
e.clarity.ms — Cisco Umbrella Rank: 8266
c.clarity.ms — Cisco Umbrella Rank: 1269
31 KB
7 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 799
143 KB
7 creativecdn.com
tags.creativecdn.com — Cisco Umbrella Rank: 6061
us.creativecdn.com — Cisco Umbrella Rank: 2955
5 KB
7 parasiterelief.com
parasiterelief.com
secure.parasiterelief.com
300 KB
6 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
514 KB
5 shop.pe
shop.pe — Cisco Umbrella Rank: 12425
shopper.shop.pe — Cisco Umbrella Rank: 15066
app.shop.pe — Cisco Umbrella Rank: 14285
11 KB
5 liadm.com
b-code.liadm.com — Cisco Umbrella Rank: 3229
i.liadm.com — Cisco Umbrella Rank: 572
rp.liadm.com — Cisco Umbrella Rank: 966
rp4.liadm.com — Cisco Umbrella Rank: 5689
48 KB
5 gstatic.com
fonts.gstatic.com
108 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 281
4 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 3
analytics.google.com — Cisco Umbrella Rank: 142
adservice.google.com — Cisco Umbrella Rank: 518
1 KB
3 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 607
r.casalemedia.com — Cisco Umbrella Rank: 1967
2 KB
3 eskimi.com
dsp-media.eskimi.com — Cisco Umbrella Rank: 55158
dsp-trk.eskimi.com — Cisco Umbrella Rank: 50075
dsp-ap.eskimi.com — Cisco Umbrella Rank: 13522
5 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 429
981 B
2 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 2194
ups.analytics.yahoo.com — Cisco Umbrella Rank: 548
561 B
2 thrtle.com
thrtle.com — Cisco Umbrella Rank: 1272
1 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 800
907 B
2 bing.com
c.bing.com — Cisco Umbrella Rank: 205
1 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 393
275 B
2 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 886
simage2.pubmatic.com — Cisco Umbrella Rank: 920
1 KB
2 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 419
3 KB
2 openx.net
eu-u.openx.net — Cisco Umbrella Rank: 2879
523 B
2 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 991
1 KB
2 t.co
t.co — Cisco Umbrella Rank: 904
1 KB
2 p8btrk.com
www.p8btrk.com
19 KB
2 quora.com
a.quora.com — Cisco Umbrella Rank: 6981
q.quora.com — Cisco Umbrella Rank: 5280
15 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
212 B
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 79
12 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
86 KB
1 safeopt.com
manage.safeopt.com — Cisco Umbrella Rank: 23840
836 B
1 nytrng.com
nytrng.com — Cisco Umbrella Rank: 8179
1 amazonaws.com
addshoppers.s3.amazonaws.com — Cisco Umbrella Rank: 17966
2 KB
1 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 513
99 B
1 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 2034
120 B
1 yieldmo.com
sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 3004
621 B
1 clmbtech.com
ade.clmbtech.com — Cisco Umbrella Rank: 2973
259 B
1 tremorhub.com
criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2884
399 B
1 teads.tv
criteo-sync.teads.tv — Cisco Umbrella Rank: 2996
278 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 530
301 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 897
360 B
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1040
534 B
1 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1697
966 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 724
834 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 619
661 B
1 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 262
719 B
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 848
428 B
1 taboola.com
sync-t1.taboola.com — Cisco Umbrella Rank: 1988
374 B
1 purehealthresearch.com
service3.purehealthresearch.com — Cisco Umbrella Rank: 310022
1 dmxleo.com
public-prod-dspcookiematching.dmxleo.com — Cisco Umbrella Rank: 2920
264 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 890
155 B
1 adingo.jp
cs.adingo.jp — Cisco Umbrella Rank: 4789
404 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 739
584 B
1 google.ca
www.google.ca — Cisco Umbrella Rank: 11557
63 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 1016
16 KB
1 sc-static.net
sc-static.net — Cisco Umbrella Rank: 1109
24 KB
1 youtube-nocookie.com
www.youtube-nocookie.com — Cisco Umbrella Rank: 3683
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
1 bg6yrfg.com
www.bg6yrfg.com
823 B
1 easyhealthjournal.com
links.easyhealthjournal.com
576 B
0 smaato.net Failed
s.ad.smaato.net Failed
0 revcontent.com Failed
trends.revcontent.com Failed
0 mediawallahscript.com Failed
partner.mediawallahscript.com — Cisco Umbrella Rank: 2653 Failed
151 66
Domain Requested by
8 sslwidget.criteo.com 4 redirects dynamic.criteo.com
7 tr.snapchat.com sc-static.net
parasiterelief.com
7 analytics.tiktok.com parasiterelief.com
analytics.tiktok.com
6 us.creativecdn.com 1 redirects parasiterelief.com
tags.creativecdn.com
6 www.googletagmanager.com parasiterelief.com
www.googletagmanager.com
5 dynamic.criteo.com www.googletagmanager.com
5 fonts.gstatic.com fonts.googleapis.com
5 parasiterelief.com parasiterelief.com
4 ib.adnxs.com 2 redirects parasiterelief.com
4 d1pqvb2h9xgm7r.cloudfront.net d9i5ve8f04qxt.cloudfront.net
3 e.clarity.ms www.clarity.ms
3 ad.doubleclick.net parasiterelief.com
3 td.doubleclick.net www.googletagmanager.com
3 d2mjzob2nc713b.cloudfront.net parasiterelief.com
shop.pe
3 shop.pe 1 redirects d2mjzob2nc713b.cloudfront.net
2 eb2.3lift.com 1 redirects
2 thrtle.com 2 redirects
2 ad.360yield.com 1 redirects
2 dis.criteo.com
2 c.bing.com 1 redirects
2 c.clarity.ms 1 redirects
2 x.bidswitch.net parasiterelief.com
2 pixel.rubiconproject.com parasiterelief.com
2 cm.g.doubleclick.net 1 redirects parasiterelief.com
2 dsum-sec.casalemedia.com 1 redirects parasiterelief.com
2 eu-u.openx.net 1 redirects parasiterelief.com
2 i.liadm.com 1 redirects b-code.liadm.com
2 gum.criteo.com 1 redirects dynamic.criteo.com
2 analytics.twitter.com parasiterelief.com
2 t.co parasiterelief.com
2 widget.as.criteo.com parasiterelief.com
2 widget.eu.criteo.com parasiterelief.com
2 analytics.google.com 1 redirects www.googletagmanager.com
2 13811400.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 www.clarity.ms parasiterelief.com
www.clarity.ms
2 www.p8btrk.com www.googletagmanager.com
www.p8btrk.com
2 www.facebook.com parasiterelief.com
2 www.youtube.com parasiterelief.com
www.youtube.com
2 connect.facebook.net parasiterelief.com
connect.facebook.net
2 secure.parasiterelief.com parasiterelief.com
secure.parasiterelief.com
1 manage.safeopt.com shopper.shop.pe
1 nytrng.com d2mjzob2nc713b.cloudfront.net
1 app.shop.pe d2mjzob2nc713b.cloudfront.net
1 shopper.shop.pe shop.pe
1 addshoppers.s3.amazonaws.com d2mjzob2nc713b.cloudfront.net
1 sync.1rx.io
1 e1.emxdgt.com
1 sync-criteo.ads.yieldmo.com
1 ade.clmbtech.com
1 criteo-partners.tremorhub.com
1 criteo-sync.teads.tv
1 match.sharethrough.com
1 simage2.pubmatic.com
1 sync.outbrain.com
1 jadserve.postrelease.com
1 exchange.mediavine.com
1 contextual.media.net
1 ups.analytics.yahoo.com
1 cms.analytics.yahoo.com 1 redirects
1 ads.stickyadstv.com
1 dpm.demdex.net
1 r.casalemedia.com
1 visitor.omnitagjs.com
1 sync-t1.taboola.com
1 service3.purehealthresearch.com parasiterelief.com
1 public-prod-dspcookiematching.dmxleo.com parasiterelief.com
1 csync.loopme.me parasiterelief.com
1 image2.pubmatic.com parasiterelief.com
1 cs.adingo.jp parasiterelief.com
1 rtb-csync.smartadserver.com parasiterelief.com
1 tr6.snapchat.com sc-static.net
1 rp4.liadm.com parasiterelief.com
1 rp.liadm.com 1 redirects
1 dsp-ap.eskimi.com dsp-media.eskimi.com
1 dsp-trk.eskimi.com dsp-media.eskimi.com
1 adservice.google.com parasiterelief.com
1 www.google.ca parasiterelief.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 www.google-analytics.com parasiterelief.com
1 q.quora.com parasiterelief.com
1 dsp-media.eskimi.com parasiterelief.com
1 b-code.liadm.com www.googletagmanager.com
1 d9i5ve8f04qxt.cloudfront.net www.googletagmanager.com
1 static.ads-twitter.com parasiterelief.com
1 tags.creativecdn.com www.googletagmanager.com
1 a.quora.com www.googletagmanager.com
1 sc-static.net www.googletagmanager.com
1 www.google.com www.googletagmanager.com
1 www.youtube-nocookie.com parasiterelief.com
1 fonts.googleapis.com parasiterelief.com
1 www.bg6yrfg.com 1 redirects
1 links.easyhealthjournal.com 1 redirects
0 s.ad.smaato.net Failed
0 trends.revcontent.com Failed
0 partner.mediawallahscript.com Failed
151 95

This site contains no links.

Subject Issuer Validity Valid
parasiterelief.com
E6		 2024-10-18 -
2025-01-16		 3 months crt.sh
upload.video.google.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
secure.parasiterelief.com
Sectigo RSA Domain Validation Secure Server CA		 2024-05-21 -
2025-06-20		 a year crt.sh
*.google-analytics.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-09-25 -
2024-12-24		 3 months crt.sh
*.google.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.gstatic.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
sc-static.net
Amazon RSA 2048 M03		 2024-11-20 -
2025-12-20		 a year crt.sh
quora.com
WR1		 2024-12-13 -
2025-03-13		 3 months crt.sh
1589314308.rsc.cdn77.org
E5		 2024-10-16 -
2025-01-14		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-12-03 -
2025-03-03		 3 months crt.sh
*.tiktok.com
RapidSSL TLS ECC CA G1		 2024-07-15 -
2025-07-15		 a year crt.sh
p8btrk.com
Starfield Secure Certificate Authority - G2		 2023-11-30 -
2024-12-31		 a year crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-25 -
2025-06-24		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
*.liadm.com
Amazon RSA 2048 M02		 2024-10-31 -
2025-11-28		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2024-09-04 -
2025-09-04		 a year crt.sh
*.eskimi.com
GeoTrust TLS RSA CA G1		 2024-04-08 -
2025-05-09		 a year crt.sh
*.doubleclick.net
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.google.ca
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.snap.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-23 -
2025-07-22		 a year crt.sh
t.co
E6		 2024-11-26 -
2025-02-24		 3 months crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-10-07 -
2025-10-06		 a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2024-04-05 -
2025-04-30		 a year crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-23 -
2025-06-18		 a year crt.sh
*.smartadserver.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-01-17 -
2025-01-16		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-07-30 -
2025-04-03		 8 months crt.sh
*.adingo.jp
Amazon RSA 2048 M03		 2024-08-14 -
2025-09-13		 a year crt.sh
*.pubmatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-03-19 -
2025-04-19		 a year crt.sh
loopme.com
R11		 2024-11-04 -
2025-02-02		 3 months crt.sh
*.bidswitch.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-11-29 -
2025-02-23		 3 months crt.sh
public-prod-dspcookiematching.dmxleo.com
Amazon ECDSA 256 M02		 2024-08-21 -
2025-09-19		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2024-02-14 -
2025-03-16		 a year crt.sh
service3.purehealthresearch.com
E6		 2024-12-02 -
2025-03-02		 3 months crt.sh
*.taboola.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-12-01 -
2025-12-31		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2024-07-02 -
2025-08-01		 a year crt.sh
casalemedia.com
E5		 2024-12-11 -
2025-03-11		 3 months crt.sh
*.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-09 -
2025-02-08		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2024-10-23 -
2025-10-22		 a year crt.sh
exchange.mediavine.com
Amazon RSA 2048 M03		 2024-03-05 -
2025-04-02		 a year crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 08		 2024-12-15 -
2025-06-13		 6 months crt.sh
*.postrelease.com
Amazon RSA 2048 M03		 2024-07-31 -
2025-08-30		 a year crt.sh
*.outbrain.com
Thawte TLS RSA CA G1		 2024-11-13 -
2025-12-02		 a year crt.sh
*.sharethrough.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-07-15 -
2025-08-15		 a year crt.sh
teads.tv
R10		 2024-11-25 -
2025-02-23		 3 months crt.sh
*.tremorhub.com
Amazon RSA 2048 M03		 2024-01-24 -
2025-02-21		 a year crt.sh
colombiaonline.com
R10		 2024-11-18 -
2025-02-16		 3 months crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M02		 2024-02-24 -
2025-03-23		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2024-04-15 -
2025-05-17		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2024-06-13 -
2025-07-14		 a year crt.sh
*.shop.pe
GlobeSSL DV CA		 2024-06-13 -
2025-06-13		 a year crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01		 2024-04-22 -
2025-04-07		 a year crt.sh
nytrng.com
Amazon RSA 2048 M03		 2024-02-23 -
2025-03-23		 a year crt.sh
*.safeopt.com
GlobeSSL DV CA		 2024-05-17 -
2025-06-14		 a year crt.sh

This page contains 15 frames:

Primary Page: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Frame ID: 8B859BBE5C5FCAF55C16A35B76A2C248
Requests: 106 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/3Iqy9rJ0soM?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
Frame ID: 936955CF8D1FB1D574D1AC32B1BD23EC
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fparasiterelief.com
Frame ID: BA906930FAC03F6B22BC5C2F4BFEB6A6
Requests: 1 HTTP requests in this frame

Frame: https://13811400.fls.doubleclick.net/activityi;dc_pre=CNmI5uXBrYoDFTssiAkdu8ANJw;src=13811400;type=nda;cat=cl24_00;ord=1;num=2721080127429;npa=0;auiddc=1939236442.1734394175;ps=1;pcor=1527780946;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4cc1z89138730978za201zb9138730978;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101925629~102067555~102067808~102081485~102198178;epver=2;~oref=https%3A%2F%2Fparasiterelief.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D66%26oid%3D109%26uid%3D0%26_ef_transaction_id%3D3283048eda1f4c299a05dfb3753fd411%26n%3D6109
Frame ID: 141C4A4A8DE4757FF1C0E92B6B96A9CF
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=13811400;type=nda;cat=cl24_00;ord=1;num=2721080127429;npa=0;auiddc=1939236442.1734394175;ps=1;pcor=1527780946;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4cc1z89138730978za201zb9138730978;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101925629~102067555~102067808~102081485~102198178;epver=2;~oref=https%3A%2F%2Fparasiterelief.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D66%26oid%3D109%26uid%3D0%26_ef_transaction_id%3D3283048eda1f4c299a05dfb3753fd411%26n%3D6109
Frame ID: 2B712A0055183BC4DD093D863C3909DC
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-SSVM2TL5G6&gacid=1848701378.1734394175&gtm=45je4cc1v871036254z89138730978za200zb9138730978&dma=0&gcs=G111&gcd=13v3v3v3v5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=769785730
Frame ID: 21C3DD37E5220EC0059097983FAB5841
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=14623190;type=invmedia;cat=cl24_0;ord=1028528760483;npa=0;auiddc=1939236442.1734394175;ps=1;pcor=1723115950;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4cc1v9186162005z89138730978za201zb9138730978;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101925629~102067555~102067808~102081485~102198178;epver=2;em=tv.1
Frame ID: 8EFB7BC514C893B661EA95FEE4C9A608
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=f678a30c-e5ae-4cd8-bcad-24f697d75c41&u_scsid=0662fe3f-6479-4671-be33-b3d49cc54ae0&u_sclid=e099c1f9-2b03-4b0c-8644-71e59dd3bf57
Frame ID: 2CB2E21BEDAA8640400327A8508EB2D1
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=21444b75-45eb-4207-bb22-dc5f286db86b&u_scsid=0662fe3f-6479-4671-be33-b3d49cc54ae0&u_sclid=e099c1f9-2b03-4b0c-8644-71e59dd3bf57
Frame ID: A18C55359DFBFB8E573F1CEE277C69DF
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=parasiterelief.com&origin=onetag
Frame ID: 0AA5C1E31132611B097B08468C2B563C
Requests: 1 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/b-00tu?duid=2fd7b255045c--01jf8z5qzywpgbkcpcr2hhj9mx&euns=1&s=&version=v3.6.0&cd=.parasiterelief.com&pv=34ef7074-12c2-4808-b299-70b964639ffd
Frame ID: EEE9A963291D040612D5C51AA4D1EEB4
Requests: 1 HTTP requests in this frame

Frame: https://us.creativecdn.com/ig-membership?ntk=046v1UMuVjdgTDa0sF3sFVyHq8tIlECWxMFK6pduIsGNdxENWuIJUzFgPgz8BEkIz7m0idSSpSetkut3DIfXFm93mB0bJ9BL5vV5EZ0RpMkcVeXe8GxKApYJinVIDq-xpdPMYbCx0FZaLf5fwQd3p_omoW7f2ClFHeWoZq_T8jF5ma8eRGCMpp-d_gRCF0WVYRavnDMbHRNH-2QWysJA_m6TRPCPZNIYCJXe8ztgiAVuAkNtf2WHA4Cvsu7oiJgZWz7Sz4VnJhGcjdr90nva1ISnezio7sCxAyCWLjnGxzALxs30rQ9eb5r4gzL2RXEE2hyInPu7M3jp7_WTTvx79W7R5cfb6CylVDVdyafYjhauWKIqWVSUAIP5EmoQaQcKLMYIj41YbpU_EmuokGXpLTlH3a5cGpakvbPcfz4XeylO65IRF3XUGfB6A6QtcfLlK6ySNC1_odroJUmivvZwsV20jj6-bMWdRe-Ji2gjPhid6exkkr85XYhvNq_C3qtW7plhCRYPCwcYFuafuMHqtg
Frame ID: 6B29402B00E04AF7DB5B083C69B91C43
Requests: 1 HTTP requests in this frame

Frame: https://us.creativecdn.com/topics-membership?ntk=-1SicGontaS8q8RA8YVp94DFtO1a40SQOUecXRoukULn3a8tUTOBVrCOxnI8qYoybm_iwtWQNUBWZiV-0UbUqZaTaB0Zupbnl_p6RbyiCmrU4YYo_lk_YQ_Ag7JoXXm3Cq-Dt7W7_bkwUe85-uWQl5YUUsuHaG-hK2_nAmUxoSu1K7x-o11ScdU-uznhavdiwMdIV0YeIdO0OfWgOoKVA3QklNn2yfHrrlah5m0iBiq-i9_rOpBOHASRaXwWndjgj0DeDxYNyLNKNhwOiP3h7vhccZgXO6e8wKUr0yJwL5GyuSh39A9PoUFyZTLrH2IvMmGlZU9gY26Z6DCXOIrLfx_Ai92XiQnijhhl-ZuYyWrUaEjH68CaG8l8YklBp5MnzEo0FsrM2J55rY54K2tkbord0hgI0q-sXUTRJBQT9Vu-aV5Prsjlk8xCNv_BPsHQ0LLELDGNS8vAs6gYFCaQjtm9C8C3jP3xZmBIxg0IpFv0OnC8XOBsSEpJyziCis-PZ3JyLIAGxbxyXSAa6pNR5g
Frame ID: F785FD8D5A8F2CB7361745C30FD8E557
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-chU8-_Wk-4_V3Re9mPAoWPjNd0bNnIUo5qWMug&google_gid=CAESECiYVI5DrcHE1LRB96ee6rM&google_cver=1&google_ula=913071,0
Frame ID: B781C1B9DF93F9044978B40E84BCF7D3
Requests: 29 HTTP requests in this frame

Frame: https://nytrng.com/iframe?vcp=4dd5h0np&as_id=aad3c25edceb47388e62ee9f42791ffc
Frame ID: 35C77812809A8E9C965DBAB0BA3B76FF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Cleanse24

Page URL History Show full URLs

  1. https://links.easyhealthjournal.com/a/1455/click/9409/1732827/72e7402a24bc82a4177cc81420e1a598e41ab1ad/8abb92183... HTTP 302
    https://www.bg6yrfg.com/3ZW5GR/6DC976/?sub1=liowormcleanse1216 HTTP 302
    https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_... Page URL

Detected technologies

Overall confidence: 75%
Detected patterns
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

151
Requests

85 %
HTTPS

23 %
IPv6

66
Domains

95
Subdomains

82
IPs

7
Countries

1561 kB
Transfer

4014 kB
Size

149
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://links.easyhealthjournal.com/a/1455/click/9409/1732827/72e7402a24bc82a4177cc81420e1a598e41ab1ad/8abb9218310e36c19bff77a7600a945bfc412b6a HTTP 302
    https://www.bg6yrfg.com/3ZW5GR/6DC976/?sub1=liowormcleanse1216 HTTP 302
    https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37
  • https://shop.pe/widget/widget_async.js HTTP 301
  • https://d2mjzob2nc713b.cloudfront.net/widget/widget_async.js
Request Chain 40
  • https://13811400.fls.doubleclick.net/activityi;src=13811400;type=nda;cat=cl24_00;ord=1;num=2721080127429;npa=0;auiddc=1939236442.1734394175;ps=1;pcor=1527780946;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4cc1z89138730978za201zb9138730978;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101925629~102067555~102067808~102081485~102198178;epver=2;~oref=https%3A%2F%2Fparasiterelief.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D66%26oid%3D109%26uid%3D0%26_ef_transaction_id%3D3283048eda1f4c299a05dfb3753fd411%26n%3D6109 HTTP 302
  • https://13811400.fls.doubleclick.net/activityi;dc_pre=CNmI5uXBrYoDFTssiAkdu8ANJw;src=13811400;type=nda;cat=cl24_00;ord=1;num=2721080127429;npa=0;auiddc=1939236442.1734394175;ps=1;pcor=1527780946;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4cc1z89138730978za201zb9138730978;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101925629~102067555~102067808~102081485~102198178;epver=2;~oref=https%3A%2F%2Fparasiterelief.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D66%26oid%3D109%26uid%3D0%26_ef_transaction_id%3D3283048eda1f4c299a05dfb3753fd411%26n%3D6109
Request Chain 44
  • https://analytics.google.com/g/collect?v=2&tid=G-SSVM2TL5G6&gtm=45je4cc1v871036254z89138730978za200zb9138730978&_p=1734394174596&_gaz=1&gcs=G111&gcd=13v3v3v3v5l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1848701378.1734394175&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1734394175&sct=1&seg=0&dl=https%3A%2F%2Fparasiterelief.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D66%26oid%3D109%26uid%3D0%26_ef_transaction_id%3D3283048eda1f4c299a05dfb3753fd411%26n%3D6109&dt=Cleanse24&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&tfd=1413 HTTP 302
  • https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1848701378.1734394175&dbk=2911087506820142877&dma=0&en=page_view&gcs=G111&gtm=45je4cc1v871036254z89138730978za200zb9138730978&npa=0&tid=G-SSVM2TL5G6&dl=https%3A%2F%2Fparasiterelief.com%3F
Request Chain 49
  • https://ad.doubleclick.net/activity;src=14623190;type=invmedia;cat=cl24_0;ord=1028528760483;npa=0;auiddc=1939236442.1734394175;ps=1;pcor=1723115950;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4cc1v9186162005z89138730978za201zb9138730978;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101925629~102067555~102067808~102081485~102198178;epver=2;em=tv.1 HTTP 302
  • https://ad.doubleclick.net/activity;dc_pre=CJOm5-XBrYoDFdItiAkdE8w6ag;src=14623190;type=invmedia;cat=cl24_0;ord=1028528760483;npa=0;auiddc=1939236442.1734394175;ps=1;pcor=1723115950;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4cc1v9186162005z89138730978za201zb9138730978;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101925629~102067555~102067808~102081485~102198178;epver=2;em=tv.1 HTTP 302
  • https://adservice.google.com/ddm/fls/z/dc_pre=CJOm5-XBrYoDFdItiAkdE8w6ag;src=14623190;type=invmedia;cat=cl24_0;ord=1028528760483;npa=0;auiddc=*;ps=1;pcor=1723115950;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4cc1v9186162005z89138730978za201zb9138730978;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101925629~102067555~102067808~102081485~102198178;epver=2;em=tv.*
Request Chain 57
  • https://sslwidget.criteo.com/event?a=116561&v=5.29.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14%26av%3Dtrue%26p%3D1&adce=1&sc=%7B%22fbp%22%3A%22fb.1.1734394174892.170684383800673746%22%7D&tld=parasiterelief.com&dy=1&fu=https%253A%252F%252Fparasiterelief.com%252Fpresentation%253Futm_source%253Dcpa%2526utm_medium%253Daffiliate%2526utm_content%253Dcleansevsl%2526utm_campaign%253Dcleansecpa%2526affid%253D66%2526oid%253D109%2526uid%253D0%2526_ef_transaction_id%253D3283048eda1f4c299a05dfb3753fd411%2526n%253D6109&ceid=72291997-c640-41b3-8d78-836ebd9f2fd8 HTTP 302
  • https://widget.eu.criteo.com/event?a=116561&v=5.29.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14%26av%3Dtrue%26p%3D1&adce=1&sc=%7B%22fbp%22%3A%22fb.1.1734394174892.170684383800673746%22%7D&tld=parasiterelief.com&dy=1&fu=https%253A%252F%252Fparasiterelief.com%252Fpresentation%253Futm_source%253Dcpa%2526utm_medium%253Daffiliate%2526utm_content%253Dcleansevsl%2526utm_campaign%253Dcleansecpa%2526affid%253D66%2526oid%253D109%2526uid%253D0%2526_ef_transaction_id%253D3283048eda1f4c299a05dfb3753fd411%2526n%253D6109&ceid=72291997-c640-41b3-8d78-836ebd9f2fd8
Request Chain 58
  • https://sslwidget.criteo.com/event?a=116561&v=5.29.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14&adce=1&sc=%7B%22fbp%22%3A%22fb.1.1734394174892.170684383800673746%22%7D&tld=parasiterelief.com&dy=1&fu=https%253A%252F%252Fparasiterelief.com%252Fpresentation%253Futm_source%253Dcpa%2526utm_medium%253Daffiliate%2526utm_content%253Dcleansevsl%2526utm_campaign%253Dcleansecpa%2526affid%253D66%2526oid%253D109%2526uid%253D0%2526_ef_transaction_id%253D3283048eda1f4c299a05dfb3753fd411%2526n%253D6109&ceid=bc9e0298-9f2c-443e-8b52-14e76dfdff21 HTTP 302
  • https://widget.eu.criteo.com/event?a=116561&v=5.29.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14&adce=1&sc=%7B%22fbp%22%3A%22fb.1.1734394174892.170684383800673746%22%7D&tld=parasiterelief.com&dy=1&fu=https%253A%252F%252Fparasiterelief.com%252Fpresentation%253Futm_source%253Dcpa%2526utm_medium%253Daffiliate%2526utm_content%253Dcleansevsl%2526utm_campaign%253Dcleansecpa%2526affid%253D66%2526oid%253D109%2526uid%253D0%2526_ef_transaction_id%253D3283048eda1f4c299a05dfb3753fd411%2526n%253D6109&ceid=bc9e0298-9f2c-443e-8b52-14e76dfdff21
Request Chain 61
  • https://sslwidget.criteo.com/event?a=%5B116947%5D&v=5.29.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14&adce=1&sc=%7B%22fbp%22%3A%22fb.1.1734394174892.170684383800673746%22%7D&tld=parasiterelief.com&dy=1&fu=https%253A%252F%252Fparasiterelief.com%252Fpresentation%253Futm_source%253Dcpa%2526utm_medium%253Daffiliate%2526utm_content%253Dcleansevsl%2526utm_campaign%253Dcleansecpa%2526affid%253D66%2526oid%253D109%2526uid%253D0%2526_ef_transaction_id%253D3283048eda1f4c299a05dfb3753fd411%2526n%253D6109&ceid=28c06dbf-6aec-4504-beeb-d933e10d6b66 HTTP 302
  • https://widget.as.criteo.com/event?a=%5B116947%5D&v=5.29.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14&adce=1&sc=%7B%22fbp%22%3A%22fb.1.1734394174892.170684383800673746%22%7D&tld=parasiterelief.com&dy=1&fu=https%253A%252F%252Fparasiterelief.com%252Fpresentation%253Futm_source%253Dcpa%2526utm_medium%253Daffiliate%2526utm_content%253Dcleansevsl%2526utm_campaign%253Dcleansecpa%2526affid%253D66%2526oid%253D109%2526uid%253D0%2526_ef_transaction_id%253D3283048eda1f4c299a05dfb3753fd411%2526n%253D6109&ceid=28c06dbf-6aec-4504-beeb-d933e10d6b66
Request Chain 62
  • https://sslwidget.criteo.com/event?a=%5B116947%5D&v=5.29.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14%26av%3Dtrue%26p%3D1&adce=1&sc=%7B%22fbp%22%3A%22fb.1.1734394174892.170684383800673746%22%7D&tld=parasiterelief.com&dy=1&fu=https%253A%252F%252Fparasiterelief.com%252Fpresentation%253Futm_source%253Dcpa%2526utm_medium%253Daffiliate%2526utm_content%253Dcleansevsl%2526utm_campaign%253Dcleansecpa%2526affid%253D66%2526oid%253D109%2526uid%253D0%2526_ef_transaction_id%253D3283048eda1f4c299a05dfb3753fd411%2526n%253D6109&ceid=7a390590-22d1-4e87-bf0e-2c76a338788b HTTP 302
  • https://widget.as.criteo.com/event?a=%5B116947%5D&v=5.29.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14%26av%3Dtrue%26p%3D1&adce=1&sc=%7B%22fbp%22%3A%22fb.1.1734394174892.170684383800673746%22%7D&tld=parasiterelief.com&dy=1&fu=https%253A%252F%252Fparasiterelief.com%252Fpresentation%253Futm_source%253Dcpa%2526utm_medium%253Daffiliate%2526utm_content%253Dcleansevsl%2526utm_campaign%253Dcleansecpa%2526affid%253D66%2526oid%253D109%2526uid%253D0%2526_ef_transaction_id%253D3283048eda1f4c299a05dfb3753fd411%2526n%253D6109&ceid=7a390590-22d1-4e87-bf0e-2c76a338788b
Request Chain 65
  • https://us.creativecdn.com/tags/v2?type=json HTTP 307
  • https://us.creativecdn.com/tags/v2?type=json&tc=1
Request Chain 81
  • https://rp.liadm.com/j?dtstmp=1734394175662&aid=b-00tu&se=e30&duid=2fd7b255045c--01jf8z5qzywpgbkcpcr2hhj9mx&tv=v3.6.0&pu=https%3A%2F%2Fparasiterelief.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D66%26oid%3D109%26uid%3D0%26_ef_transaction_id%3D3283048eda1f4c299a05dfb3753fd411%26n%3D6109&wpn=lc-bundle&wpv=v3.6.0&cd=.parasiterelief.com&c=PHRpdGxlPkNsZWFuc2UyNDwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PGgxIGNsYXNzPSJ2aWRlby1oZWFkbGluZSI-QXdmdWwgR2FzPyBZb3UgUHJvYmFibHkgSGF2ZSBQYXJhc2l0ZXM8L2gxPg&pv=34ef7074-12c2-4808-b299-70b964639ffd HTTP 302
  • https://rp4.liadm.com/j?dtstmp=1734394175662&aid=b-00tu&se=e30&duid=2fd7b255045c--01jf8z5qzywpgbkcpcr2hhj9mx&tv=v3.6.0&pu=https%3A%2F%2Fparasiterelief.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D66%26oid%3D109%26uid%3D0%26_ef_transaction_id%3D3283048eda1f4c299a05dfb3753fd411%26n%3D6109&wpn=lc-bundle&wpv=v3.6.0&cd=.parasiterelief.com&c=PHRpdGxlPkNsZWFuc2UyNDwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PGgxIGNsYXNzPSJ2aWRlby1oZWFkbGluZSI-QXdmdWwgR2FzPyBZb3UgUHJvYmFibHkgSGF2ZSBQYXJhc2l0ZXM8L2gxPg&pv=34ef7074-12c2-4808-b299-70b964639ffd&i6=MjYwNzo1MzAwOjYwOjc4Njc6OjU%3D&n3pc=true
Request Chain 91
  • https://eu-u.openx.net/w/1.0/sd?id=539901412&val=6ca46e71-1453-4bc5-a57c-83debff43a60&gdpr=0&gdpr_consent=1 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=539901412&val=6ca46e71-1453-4bc5-a57c-83debff43a60&gdpr=0&gdpr_consent=1&cc=1
Request Chain 92
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=244&external_user_id=6ca46e71-1453-4bc5-a57c-83debff43a60&gdpr=0&gdpr_consent=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=244&external_user_id=6ca46e71-1453-4bc5-a57c-83debff43a60&gdpr=0&gdpr_consent=1&C=1
Request Chain 108
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=39884939C39B470DA6D49E36382BD5E8&RedC=c.clarity.ms&MXFR=364420417286673707D2351976866980 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=39884939C39B470DA6D49E36382BD5E8&MUID=25838FAD258362823D609AF524556332
Request Chain 109
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-chU8-_Wk-4_V3Re9mPAoWPjNd0bNnIUo5qWMug&google_cm&google_hm=ay1jaFU4LV9Xay00X1YzUmU5bVBBb1dQak5kMGJObklVbzVxV011Zw HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-chU8-_Wk-4_V3Re9mPAoWPjNd0bNnIUo5qWMug&google_gid=CAESECiYVI5DrcHE1LRB96ee6rM&google_cver=1&google_ula=913071,0
Request Chain 111
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3064710490559218548
Request Chain 112
  • https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-chU8-_Wk-4_V3Re9mPAoWPjNd0bNnIUo5qWMug&custom=&tag_format=img&tag_action=sync&custom=&cb=872c0c74-8796-4654-ab5f-8a288ffbac92 HTTP 302
  • https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-chU8-_Wk-4_V3Re9mPAoWPjNd0bNnIUo5qWMug&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=872c0c74-8796-4654-ab5f-8a288ffbac92&final=true&reqid=33a50690-bc0b-11ef-b5ee-09e3c0cc8af5&timestamp=2024-12-17T00%3A09%3A36.889Z HTTP 302
  • https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync HTTP 302
  • https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=3064710490559218548&tag_format=img&tag_action=sync HTTP 302
  • https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=33ab4820-bc0b-11ef-b1a7-bb0111ff9c37?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile_id%7D%26tag_format%3Dimg%26tag_action%3Dsync%26cb%3D%24%7Brandom%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=14717/tp=MWSP/tpid=33ab4820-bc0b-11ef-b1a7-bb0111ff9c37?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile_id%7D%26tag_format%3Dimg%26tag_action%3Dsync%26cb%3D%24%7Brandom%7D HTTP 302
  • https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=e82763fbcd1038f6e42204e933b69dd8&tag_format=img&tag_action=sync&cb=478834456 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1 HTTP 302
  • https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=31b08d60-a01b-4c1c-9eb8-ec02515b4b55&tag_format=img&tag_action=sync&cb= HTTP 302
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/mwal?url=https://partner.mediawallahscript.com/?account_id%3D2006%26partner_id%3D2131%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync HTTP 302
  • https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=340ca200-bc0b-11ef-8ef3-a9dc6b402b3a HTTP 302
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D1009%26partner_id%3Dc182f930%26uid%3D%24UID%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D1009%26partner_id%3Dc182f930%26uid%3D%24UID%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync&sovrn_retry=true HTTP 307
  • https://partner.mediawallahscript.com/?account_id=1009&partner_id=c182f930&uid=J2AJALZHe-wtpcdvRsOMW0UN&custom=&tag_format=img&tag_action=sync HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2030%26partner_id%3D2147%26uid%3D%23PM_USER_ID%26tag_format%3Dimg%26tag_action%3Dsync HTTP 302
  • https://partner.mediawallahscript.com/?account_id=2030&partner_id=2147&uid=C72D7E19-025E-4569-AB34-76F9D4A3980D&tag_format=img&tag_action=sync HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10103&redirect=https://partner.mediawallahscript.com/?account_id=2036&partner_id=2149&uid=[MM_UUID]&tag_format=img&tag_action=sync HTTP 302
  • https://partner.mediawallahscript.com/?account_id=2036&partner_id=2149&uid=bf7d6760-c142-4300-9796-60ae1aa3dc0b&tag_format=img&tag_action=sync HTTP 302
  • https://match.prod.bidr.io/cookie-sync/mediawallah?dif=1 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/mediawallah?dif=1&_bee_ppp=1 HTTP 303
  • https://partner.mediawallahscript.com/?account_id=2034&partner_id=2079&uid=AAEP2U7OwYMAABjTtykbsQ&tag_format=img&tag_action=sync&cb=31
Request Chain 116
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=TFQ9oQ0V_8VUeACfwXQ8krrwrmpwZhfj
Request Chain 118
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-QhV7dPWk-4_V3Re9mPAoWPjNd0bTJGAXioEZAw HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-QhV7dPWk-4_V3Re9mPAoWPjNd0bTJGAXioEZAw
Request Chain 119
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-PDh4__Wk-4_V3Re9mPAoWPjNd0btXqjt5lagJw HTTP 303
  • https://thrtle.com/sync?vxii_pid=7006&vxii_pdid=28027bdd-b813-444d-9b16-bbc073c6686d&us_privacy=1YN- HTTP 302
  • https://thrtle.com/sync?_reach=1&vxii_pdid=28027bdd-b813-444d-9b16-bbc073c6686d&vxii_pid=12&vxii_pid1=7006&vxii_rcid=f4333d30-53a1-4da2-b44e-1c9fc0c0c70f&vxii_rmax=3 HTTP 302
  • https://cms.analytics.yahoo.com/cms?partner_id=THROTLE HTTP 302
  • https://ups.analytics.yahoo.com/ups/58691/cms?partner_id=THROTLE
Request Chain 133
  • https://eb2.3lift.com/xuid?mid=2711&xuid=k-Nn53kfWk-4_V3Re9mPAoWPjNd0YYQbakk-ztDA&dongle=013b HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-Nn53kfWk-4_V3Re9mPAoWPjNd0YYQbakk-ztDA&dongle=013b&gdpr=0&cmp_cs=&us_privacy=

151 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request presentation
parasiterelief.com/
Redirect Chain
  • https://links.easyhealthjournal.com/a/1455/click/9409/1732827/72e7402a24bc82a4177cc81420e1a598e41ab1ad/8abb9218310e36c19bff77a7600a945bfc412b6a
  • https://www.bg6yrfg.com/3ZW5GR/6DC976/?sub1=liowormcleanse1216
  • https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411...
50 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
100.28.91.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-28-91-13.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
b751dd80e6b39ca90e9db0a383d769ba1d7d1ca174ce37a360408fa0db437c1c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Tue, 17 Dec 2024 00:09:34 GMT
ETag
W/"c7c7-+fD4OkK5BVGRv6kkNpgcSqXOSAs"
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
Express

Redirect headers

accept-ch
Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
259
content-type
text/html; charset=utf-8
date
Tue, 17 Dec 2024 00:09:34 GMT
location
https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
server
nginx
vary
Origin
via
1.1 google
x-eflow-request-id
6d88b5b1-4049-4baa-a1f5-5920396ce6de
css2
fonts.googleapis.com/ 		19 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Libre+Baskerville:ital,wght@0,400;0,700;1,400&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,700&display=swap
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
332d979e6f0fa7b45d18cd42551204564cd6a0037f1a63f7e5257854121f6067
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 17 Dec 2024 00:09:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 00:09:34 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 17 Dec 2024 00:09:34 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
play-img-d.gif
parasiterelief.com/img/video/ 		216 KB
216 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://parasiterelief.com/img/video/play-img-d.gif
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
100.28.91.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-28-91-13.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
405f97b29f07e51f3eeca509f0fcad555a687da609a979fab7d478cb374dd95a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109

Response headers

Cache-Control
public, max-age=0
ETag
W/"35efa-18aad29b1d3"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
220922
Date
Tue, 17 Dec 2024 00:09:34 GMT
Content-Type
image/gif
X-Powered-By
Express
Server
nginx
Last-Modified
Tue, 19 Sep 2023 11:18:25 GMT
UCAffiliateNetworkPixel
secure.parasiterelief.com/cgi-bin/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.parasiterelief.com/cgi-bin/UCAffiliateNetworkPixel
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
174.129.246.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-246-97.compute-1.amazonaws.com
Software
Apache /
Resource Hash
2a926bde4bb093f62a3297465dd48e0447f5687f36a8a4dcffce2e83a6254e04
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
content-length
855
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Tue, 17 Dec 2024 00:09:34 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
Apache
gtm.js
www.googletagmanager.com/ 		458 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NJWJSDLX
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0675349b897d53d085196f7db8cd66b0c61ee6b856e738996544afe7ce78b7c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Tue, 17 Dec 2024 00:09:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 00:09:34 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
132614
x-xss-protection
0
server
Google Tag Manager
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
240355f4e85792fb5c1e46a942e6d797a078d39f8717dfbab666e4e80cb4dd8d
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-S5kj1wqw' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 17 Dec 2024 00:09:34 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-S5kj1wqw' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=29, rtx=0, c=23, mss=1232, tbw=4488, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
4j/Mmf1TTqtDl4wsPlKqC7LM7UUf+3iPmky8okfqXJdXKpL2ltOhV1AnVvQPJD6x8J7cKFoh+s+UKsgX0xKMzA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-fb-optimizer
0
document-policy
force-load-at-top
content-length
62283
x-xss-protection
0
origin-agent-cluster
?1
3Iqy9rJ0soM
www.youtube-nocookie.com/embed/ Frame 9369 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/3Iqy9rJ0soM?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::be Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://parasiterelief.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy
require-trusted-types-for 'script'
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Tue, 17 Dec 2024 00:09:34 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AsnbWYr3bqK88n/C2BgXPMpBC+msV4jf6vsgnAir+gFnHw3zXZEKmz271E4vhxTja+7SD2q3dr2BxZlHzvj9HA0AAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
iframe_api
www.youtube.com/ 		993 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ee7bad7246ae2d16678993897b1b22a506841cbc03455b1d8fa566c19643b68b
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

content-encoding
br
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
x-content-type-options
nosniff
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
expires
Tue, 17 Dec 2024 00:09:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
date
Tue, 17 Dec 2024 00:09:34 GMT
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-security-policy
require-trusted-types-for 'script'
cache-control
private, max-age=0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
x-xss-protection
0
server
ESF
kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
fonts.gstatic.com/s/librebaskerville/v14/ 		26 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Baskerville:ital,wght@0,400;0,700;1,400&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.192.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f94.1e100.net
Software
sffe /
Resource Hash
6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://parasiterelief.com
Referer
https://fonts.googleapis.com/

Response headers

age
351899
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 12 Dec 2025 22:24:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 22:24:35 GMT
last-modified
Tue, 26 Apr 2022 16:42:07 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
27120
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Baskerville:ital,wght@0,400;0,700;1,400&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.192.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f94.1e100.net
Software
sffe /
Resource Hash
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://parasiterelief.com
Referer
https://fonts.googleapis.com/

Response headers

age
383251
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 12 Dec 2025 13:42:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 13:42:03 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18588
x-xss-protection
0
server
sffe
kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcA.woff2
fonts.gstatic.com/s/librebaskerville/v14/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/librebaskerville/v14/kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Baskerville:ital,wght@0,400;0,700;1,400&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.192.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f94.1e100.net
Software
sffe /
Resource Hash
658cbf469e751ade6d30b701fc7ca00b3403329481955d30acb721ca38b45d99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://parasiterelief.com
Referer
https://fonts.googleapis.com/

Response headers

age
200027
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 14 Dec 2025 16:35:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 16:35:47 GMT
last-modified
Tue, 26 Apr 2022 15:45:46 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
27976
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Baskerville:ital,wght@0,400;0,700;1,400&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.192.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f94.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://parasiterelief.com
Referer
https://fonts.googleapis.com/

Response headers

age
341533
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 13 Dec 2025 01:17:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 01:17:21 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
lisa-king-d.png
parasiterelief.com/img/featured-on/king/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://parasiterelief.com/img/featured-on/king/lisa-king-d.png
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
100.28.91.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-28-91-13.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
d86dc3454bdf2110a74e7ba300b641a0700839347df9e6d08232dbbcde4fcde4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109

Response headers

Cache-Control
public, max-age=0
ETag
W/"f6d8-18e4135a87d"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
63192
Date
Tue, 17 Dec 2024 00:09:34 GMT
Content-Type
image/png
X-Powered-By
Express
Server
nginx
Last-Modified
Fri, 15 Mar 2024 08:23:39 GMT
featured-logo-d.svg
parasiterelief.com/img/featured-on/king/ 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://parasiterelief.com/img/featured-on/king/featured-logo-d.svg
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
100.28.91.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-28-91-13.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
3bb5fdf2030456fac4167dd69ab5137a70fd2bbf29931859454ead1057cb0a71

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109

Response headers

Transfer-Encoding
chunked
Cache-Control
public, max-age=0
Content-Encoding
gzip
ETag
W/"1e33-18a9414c193"
Connection
keep-alive
Date
Tue, 17 Dec 2024 00:09:34 GMT
Content-Type
image/svg+xml
Vary
Accept-Encoding
Server
nginx
Last-Modified
Thu, 14 Sep 2023 14:25:02 GMT
X-Powered-By
Express
1564727430697990
connect.facebook.net/signals/config/ 		124 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1564727430697990?v=2.9.179&r=stable&domain=parasiterelief.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
318effafbc24ce963eaa484983631881251492728d3f66208828a0d6c4cb15ac
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-rIgbRO6C' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 17 Dec 2024 00:09:34 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-rIgbRO6C' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=29, rtx=0, c=77, mss=1232, tbw=70536, tp=65, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
HDyJPdlDpBHu6GspzvCYkJnm8W6Kh8eDvFeUA1jCAKLIjm6X8F6T1lvqJ2B0ED5M39ipmlfT7C747Bt2HJJoow==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
25173
x-xss-protection
0
origin-agent-cluster
?1
www-widgetapi.js
www.youtube.com/s/player/2f1832d2/www-widgetapi.vflset/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/2f1832d2/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14939503c8a97bef459ce94218f0e65933ab569f7b1d726bcb0b3c1031ebccf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

content-encoding
br
age
5062
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Tue, 16 Dec 2025 22:45:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 16 Dec 2024 22:45:12 GMT
last-modified
Thu, 12 Dec 2024 05:03:26 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
10165
x-xss-protection
0
server
sffe
/
www.facebook.com/tr/ 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1564727430697990&ev=PageView&dl=https%3A%2F%2Fparasiterelief.com&rl=&if=false&ts=1734394174899&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4124&fbp=fb.1.1734394174892.170684383800673746&pm=1&hrl=a8f8dc&ler=empty&cdl=API_unavailable&it=1734394174821&coo=false&cs_cc=1&cas=9036266676424329%2C8363086123759757%2C7838478432919508%2C8310145692356020%2C7808196579309921%2C8291816517541543%2C26747147724898772%2C8091466284283326%2C7682833491828953%2C26354635170818523%2C8555092211170384%2C7943370402412903%2C7380041312118141%2C26332012029719400%2C7537928146268527%2C7569768856423732%2C6956987794406958%2C7643965295683699%2C7016066221832938%2C7034340400026828%2C7499405630081412%2C7849319038452565%2C7531362440252487%2C25098821783099281%2C6719320041512443%2C7102936886501940%2C8276521995696166%2C8802519899781626%2C6962207387217245%2C27429031483411275%2C25483935424583699%2C7553474568045692%2C7283762228396572%2C7421018521278531%2C7915744731874721%2C7458278260953465%2C7341818752581711%2C7638175802899297%2C6915087971930441%2C6641473062599882%2C7491519880884208%2C6070152103082584%2C6229531447108410%2C7346808755354401%2C8574786112581764%2C7383774944992711%2C8770218846327864&rqm=GET
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=28, rtx=0, c=23, mss=1232, tbw=4534, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 17 Dec 2024 00:09:34 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1564727430697990&ev=PageView&dl=https%3A%2F%2Fparasiterelief.com&rl=&if=false&ts=1734394174899&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4124&fbp=fb.1.1734394174892.170684383800673746&pm=1&hrl=a8f8dc&ler=empty&cdl=API_unavailable&it=1734394174821&coo=false&cs_cc=1&cas=9036266676424329%2C8363086123759757%2C7838478432919508%2C8310145692356020%2C7808196579309921%2C8291816517541543%2C26747147724898772%2C8091466284283326%2C7682833491828953%2C26354635170818523%2C8555092211170384%2C7943370402412903%2C7380041312118141%2C26332012029719400%2C7537928146268527%2C7569768856423732%2C6956987794406958%2C7643965295683699%2C7016066221832938%2C7034340400026828%2C7499405630081412%2C7849319038452565%2C7531362440252487%2C25098821783099281%2C6719320041512443%2C7102936886501940%2C8276521995696166%2C8802519899781626%2C6962207387217245%2C27429031483411275%2C25483935424583699%2C7553474568045692%2C7283762228396572%2C7421018521278531%2C7915744731874721%2C7458278260953465%2C7341818752581711%2C7638175802899297%2C6915087971930441%2C6641473062599882%2C7491519880884208%2C6070152103082584%2C6229531447108410%2C7346808755354401%2C8574786112581764%2C7383774944992711%2C8770218846327864&rqm=FGET
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7449166256814947857"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 17 Dec 2024 00:09:34 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
+J2DSYoJ48pZYfNBsSmCBoN8H8cQWWeIZlX5jfN2025QAOM088gyFxIZ2pElMyBaHQi1RqFLA5s1mLv/VHC7yg==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7449166256814947857", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=28, rtx=0, c=23, mss=1232, tbw=4854, tp=12, tpl=0, uplat=48, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
collect
www.google.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fparasiterelief.com%2Fpresentation&scrsrc=www.googletagmanager.com&frm=0&rnd=948794898.1734394175&dt=Cleanse24&auid=1939236442.1734394175&navt=n&npa=0&gtm=45He4cc1v9138730978za200&gcs=G111&gcd=13v3v3v3v5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1734394174968&tfd=1170&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJWJSDLX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.192.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f99.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers
js
www.googletagmanager.com/gtag/ 		438 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-SSVM2TL5G6&l=dataLayer&cx=c&gtm=45He4cc1v9138730978za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJWJSDLX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
21fb96574f19da090ee5863278d391c136573d307be6ae9fe1aa4e61c5ffa6bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 17 Dec 2024 00:09:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 00:09:34 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
140862
x-xss-protection
0
server
Google Tag Manager
scevent.min.js
sc-static.net/ 		55 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJWJSDLX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.163.245.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
a3d4c1535d563d94e47dfc36fddbd24895428ac102e00b279b363b18cbc8ccb1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

cache-control
private, s-maxage=0, max-age=600
content-encoding
gzip
via
1.1 7211dc525b86f4a3fdf1dbeb59791392.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
23827
x-amz-cf-id
T9rM4UMB72416pB6U5AY19w8nsfkljH98EJ_MEODWVRjrShayvQs2Q==
date
Tue, 17 Dec 2024 00:09:35 GMT
content-type
application/javascript;charset=utf-8
x-amz-cf-pop
YUL62-P1
server
CloudFront
access-control-allow-headers
Content-Type
destination
www.googletagmanager.com/gtag/ 		223 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-13811400&l=dataLayer&cx=c&gtm=45He4cc1v9138730978za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJWJSDLX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d1eebc2e965c8fa58f9a8b4807a673d9a6aa8f677a7561b0c877611bbf12c5c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Tue, 17 Dec 2024 00:09:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 00:09:35 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
82065
x-xss-protection
0
server
Google Tag Manager
qevents.js
a.quora.com/ 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.quora.com/qevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJWJSDLX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.153.247 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3b9afdd92edf30d72dd52262c76b75781740b1cb885772194a47529eb1052df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"213a2084d90a782e0ad733a5aa1e3202"
x-amz-version-id
H8.HsgWNgKILi9JR9TiInGCbVTRmJIEG
age
1433208
expires
Tue, 17 Dec 2024 04:09:35 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 17 Dec 2024 00:09:35 GMT
content-type
text/plain
last-modified
Mon, 28 Oct 2024 23:32:34 GMT
vary
Accept-Encoding
x-amz-id-2
6nVEOrwm/qW5nzjZCoUJIVuA6hrTB0iA1riRe/o2IrvrHND6vAXxWxybDdiyDxN3OL5ZRCjT80k=
cache-control
public, max-age=14400
x-amz-meta-s3cmd-attrs
md5:213a2084d90a782e0ad733a5aa1e3202
x-amz-request-id
MQP4GM8A0BMH3BE5
cf-ray
8f32af6a5e5eab72-YYZ
server
cloudflare
x-amz-server-side-encryption
AES256
EuTwXXOV4Sc7dJbpixmK.js
tags.creativecdn.com/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.creativecdn.com/EuTwXXOV4Sc7dJbpixmK.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJWJSDLX
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::53 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
3ca9e609ef3f582aec6955e30de3ea1a0a33186bf6b10105d9e8391c4ba8ad21

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=Dqq7NA==, md5=TM9Ddx5ISBq82bK8vb0n7Q==
content-encoding
gzip
etag
W/"4ccf43771e48481abcd9b2bcbdbd27ed"
x-77-cache
HIT
x-goog-stored-content-encoding
identity
expires
Mon, 07 Oct 2024 09:29:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
4724
date
Tue, 17 Dec 2024 00:09:35 GMT
content-type
application/javascript
last-modified
Mon, 07 Oct 2024 08:28:03 GMT
x-77-nzt-ray
8705ec34bff3e8323fc16067218fc30a
x-guploader-uploadid
AD-8ljvqeyiGUdNxgQFKzgv2hwNawkXRfEBGkFT279DZ5aRtcaJG5-AaAiyrvs_qfEW0Kp7cQIg
x-77-nzt
EgwBT3/OzgH39gEAAAwBnJI73wG3CAYAAA
cache-control
public, max-age=3600
vary
Accept-Encoding
x-goog-storage-class
STANDARD
x-77-pop
newyorkUSNY
x-goog-generation
1728289683362046
x-77-age
502
server
CDN77-Turbo
destination
www.googletagmanager.com/gtag/ 		233 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-14623190&l=dataLayer&cx=c&gtm=45He4cc1v9138730978za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJWJSDLX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3477b6d88fe386d24b7a547fd2ff7ff17faadeb8a770761529c2f03399e4cd06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Tue, 17 Dec 2024 00:09:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 00:09:35 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
84720
x-xss-protection
0
server
Google Tag Manager
ld.js
dynamic.criteo.com/js/ld/ 		50 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=116561
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJWJSDLX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::6 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
24073239e3ac46b923845c483e3b9d78690ab97f2849ffcca6950562b5f9c68f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
public,max-age=10800
timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
date
Tue, 17 Dec 2024 00:09:34 GMT
content-type
application/javascript; charset=utf-8
vary
Origin, Accept-Encoding
server
Kestrel
ld.js
dynamic.criteo.com/js/ld/ 		50 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=116560
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJWJSDLX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::6 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
29ba6e36de180cd0d5661f53fdda56a4d7c07ec1041fff343f3e0a1cc809367d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
public,max-age=10800
timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
date
Tue, 17 Dec 2024 00:09:34 GMT
content-type
application/javascript; charset=utf-8
vary
Origin, Accept-Encoding
server
Kestrel
ld.js
dynamic.criteo.com/js/ld/ 		50 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=116947
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJWJSDLX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::6 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
1f618b2f23488c29ff95cd8eed34ee254983c0e4a95183400ce87f5b95782452
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
public,max-age=10800
timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
date
Tue, 17 Dec 2024 00:09:34 GMT
content-type
application/javascript; charset=utf-8
vary
Origin, Accept-Encoding
server
Kestrel
ld.js
dynamic.criteo.com/js/ld/ 		50 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=107998
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJWJSDLX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::6 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
0c622a1fc94fd265a22e9cc52a06a468d0b3d16712d3049c344e0315746ce4c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
public,max-age=10800
timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
date
Tue, 17 Dec 2024 00:09:34 GMT
content-type
application/javascript; charset=utf-8
vary
Origin, Accept-Encoding
server
Kestrel
ld.js
dynamic.criteo.com/js/ld/ 		50 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=112954
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJWJSDLX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::6 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
3e15f611dbbb35d36addd531e09799d84afd5d48e3b001bf855be432b45244f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
public,max-age=10800
timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
date
Tue, 17 Dec 2024 00:09:34 GMT
content-type
application/javascript; charset=utf-8
vary
Origin, Accept-Encoding
server
Kestrel
events.js
analytics.tiktok.com/i18n/pixel/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CF31TNRC77U6J4TVF330&lib=ttq
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.251.27 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-212-251-27.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
84d7857e41f2f7e9d0b9ab1664cf684a5791df69e825524f647b0bb57916d152

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

content-encoding
gzip
x-cache-remote
TCP_MISS from a23-220-106-203.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
expires
Tue, 17 Dec 2024 00:09:35 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=41, origin; dur=27, inner; dur=4
x-cache
TCP_MISS from a23-220-107-15.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Tue, 17 Dec 2024 00:09:35 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-akamai-request-id
1b654c8.2c97bd9a
x-tt-trace-host
01c6924f8812bfc1a214d7532ab5d94386ccb1997409bb6f8c5605fd648ab44dd9ad19ae25e01678677267ea2b9f95a0f44f58af7b76a240816c7579bba49f267a3056ddf054bf4317bd629bddede04fc70a82d9a5ff9ee71081dbcf970ecfa57c7a2b81035373f9630266ada909903889
x-origin-response-time
27,23.220.106.203
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-241217000935B2BB16114FED09611238-7D3E9E537DD77A67-00
content-length
2279
x-parent-response-time
60,23.220.107.15
x-tt-logid
20241217000935B2BB16114FED09611238
server
nginx
everflow.js
www.p8btrk.com/scripts/sdk/ 		60 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.p8btrk.com/scripts/sdk/everflow.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJWJSDLX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.199.247 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
247.199.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
ff285c3beb06a42b03ce3a8a860f160216bf3c3ea5c0aae96125c23c017c45b4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

cache-control
max-age=14400
content-encoding
gzip
accept-ch
Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
via
1.1 google
x-eflow-request-id
c98c7745-3057-4fee-b966-3f4fe4ab7102
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 00:09:35 GMT
content-type
text/javascript
vary
Origin
server
nginx
uwt.js
static.ads-twitter.com/ 		57 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.28.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

vary
Accept-Encoding,Host
cache-control
no-cache
content-encoding
gzip
etag
"4328e910de583ad53b3a7a76455af005+gzip"
accept-ranges
bytes
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
15926
date
Tue, 17 Dec 2024 00:09:35 GMT
x-tw-cdn
FT
last-modified
Mon, 28 Oct 2024 20:49:35 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-iad-kiad7000066-IAD
x-amz-server-side-encryption
AES256
collect-g.js
d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/ 		105 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=LHP&channel=secure.parasiterelief.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJWJSDLX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.64.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-64-79.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fbce52394fe6a49b42ec7c3eb2a5146948e786b7a6188502657ba28a062691dd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

content-encoding
gzip
etag
"c8164200b1af114ca9af998ceedb1fc2"
age
230166
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
QmHJZ1nzEruXJiYkGd7Ki8-f9vCkayayCK2eUQOkF9syvp7VvQryMA==
date
Sat, 14 Dec 2024 08:13:30 GMT
content-type
application/x-javascript; charset=UTF-8
last-modified
Fri, 12 Jul 2024 12:32:30 GMT
cache-control
max-age=604800,s-maxage=604800
via
1.1 654fa9454f8823b9a4b408142bde0d6e.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
20382
x-amz-cf-pop
IAD61-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
b-00tu.min.js
b-code.liadm.com/ 		136 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/b-00tu.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJWJSDLX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:1a00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
dab556cad655af64302c883a23b894b096b0f3e1a3b5c6159cf6dbf0840d818b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

cache-control
public,max-age=86400
content-encoding
gzip
age
57951
via
1.1 5e5b56398a1fcf5517d27e383d71ef9a.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
SgICPzJPDE-fOrhsZWQDZwp3biaEFyHbUdKjqAYWr_WOSvxkSrzT-g==
date
Mon, 16 Dec 2024 08:03:44 GMT
content-type
application/javascript
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P2
lk2f3dtvw5
www.clarity.ms/tag/ 		740 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/lk2f3dtvw5?ref=gtm2
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cf85c69b2eb4d7f9d7e4961597e21abc0048fd56a416ad28a9b61550503caad5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
740
date
Tue, 17 Dec 2024 00:09:35 GMT
content-type
application/x-javascript
x-azure-ref
20241217T000935Z-176fb8c9d7dgsgljhC1YTO058c0000000bq000000000608b
gtr.min.js
dsp-media.eskimi.com/assets/js/e/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.5
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.236.105 Chicago, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
169-150-236-105.bunnyinfra.net
Software
BunnyCDN-IL1-1207 /
Resource Hash
2c86bcaebf54969da5081c17c6901cbe19ac041b80a3abda6890708eb545cec3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"66d71d78-1353"
x-content-type-options
nosniff
expires
Wed, 24 Sep 2025 09:00:23 GMT
date
Tue, 17 Dec 2024 00:09:35 GMT
last-modified
Tue, 03 Sep 2024 14:30:16 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cachedat
09/24/2024 09:00:23
cache-control
public, max-age=31536000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
ce2848ff-13c5-49e5-873d-af24ad423612
cdn-requestid
deb753a6e7f1e58d309035664cac8f1e
cdn-pullzone
692289
cdn-proxyver
1.04
access-control-allow-origin
*
cdn-edgestorageid
1029
server
BunnyCDN-IL1-1207
cdn-requestcountrycode
CA
js
www.googletagmanager.com/gtag/ 		233 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-14623190
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJWJSDLX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8f1c6616455c6f5db8e9c3af15e2829d3b5cadaec5f2f8c607a51b68bdc5e7ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 17 Dec 2024 00:09:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 00:09:35 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
84750
x-xss-protection
0
server
Google Tag Manager
widget_async.js
d2mjzob2nc713b.cloudfront.net/widget/
Redirect Chain
  • https://shop.pe/widget/widget_async.js
  • https://d2mjzob2nc713b.cloudfront.net/widget/widget_async.js
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2mjzob2nc713b.cloudfront.net/widget/widget_async.js
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Protocol
H2
Server
2600:9000:28ac:8600:d:370a:51c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
220fa6b8f0c267c8d1c1be4ddcc1d6a752b585a79d45643dcad03487329066a4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

content-encoding
gzip
etag
"af8e4bc99db59d4e75ca9a8bad75506c"
age
2992
x-amz-meta-mtime
1733850094.02
x-cache
Hit from cloudfront
x-amz-cf-id
3MWUlrG1oAhB2wCl30movtS2CtJ0NKPUhfz5hC5SPoUiRRMoeUz6Aw==
date
Mon, 16 Dec 2024 23:19:44 GMT
content-type
application/javascript; charset=utf-8
vary
accept-encoding
last-modified
Tue, 10 Dec 2024 17:01:35 GMT
cache-control
max-age=3600, public
via
1.1 e0bed00f7c599b055dc1b21ec2ba7e72.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
1194
x-amz-cf-pop
IAD12-P5
server
AmazonS3
x-amz-server-side-encryption
AES256

Redirect headers

access-control-max-age
3000
location
https://d2mjzob2nc713b.cloudfront.net/widget/widget_async.js
access-control-allow-methods
GET
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
162
date
Tue, 17 Dec 2024 00:09:35 GMT
content-type
text/html
server
nginx
pixel
q.quora.com/_/ad/5bc59bb1d0314cfa83330176ba1e7ef3/ 		43 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.quora.com/_/ad/5bc59bb1d0314cfa83330176ba1e7ef3/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fparasiterelief.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D66%26oid%3D109%26uid%3D0%26_ef_transaction_id%3D3283048eda1f4c299a05dfb3753fd411%26n%3D6109
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.153.247 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
DYNAMIC
x-q-stat
,4729253d0da6dcc17953b4119554fd86,10.0.0.235,1976,167.114.209.103,,314169659019,1,1734394175.330,0.002,,.,0,0,0.000,0.000,-,0,0,203,150,75,10,34729,,,,,,-,
cf-ray
8f32af6bbfc6ab72-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
date
Tue, 17 Dec 2024 00:09:35 GMT
content-type
image/gif
server
cloudflare
sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame BA90 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fparasiterelief.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJWJSDLX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
299534
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Fri, 13 Dec 2024 12:57:21 GMT
expires
Sat, 13 Dec 2025 12:57:21 GMT
last-modified
Thu, 12 Dec 2024 10:18:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CNmI5uXBrYoDFTssiAkdu8ANJw;src=13811400;type=nda;cat=cl24_00;ord=1;num=2721080127429;npa=0;auiddc=1939236442.1734394175;ps=1;pcor=1527780946;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=...
13811400.fls.doubleclick.net/ Frame 141C
Redirect Chain
  • https://13811400.fls.doubleclick.net/activityi;src=13811400;type=nda;cat=cl24_00;ord=1;num=2721080127429;npa=0;auiddc=1939236442.1734394175;ps=1;pcor=1527780946;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;ua...
  • https://13811400.fls.doubleclick.net/activityi;dc_pre=CNmI5uXBrYoDFTssiAkdu8ANJw;src=13811400;type=nda;cat=cl24_00;ord=1;num=2721080127429;npa=0;auiddc=1939236442.1734394175;ps=1;pcor=1527780946;ua...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://13811400.fls.doubleclick.net/activityi;dc_pre=CNmI5uXBrYoDFTssiAkdu8ANJw;src=13811400;type=nda;cat=cl24_00;ord=1;num=2721080127429;npa=0;auiddc=1939236442.1734394175;ps=1;pcor=1527780946;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4cc1z89138730978za201zb9138730978;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101925629~102067555~102067808~102081485~102198178;epver=2;~oref=https%3A%2F%2Fparasiterelief.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D66%26oid%3D109%26uid%3D0%26_ef_transaction_id%3D3283048eda1f4c299a05dfb3753fd411%26n%3D6109?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-13811400&l=dataLayer&cx=c&gtm=45He4cc1v9138730978za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.148 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f148.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://parasiterelief.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
485
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Dec 2024 00:09:35 GMT
expires
Tue, 17 Dec 2024 00:09:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Dec 2024 00:09:35 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://13811400.fls.doubleclick.net/activityi;dc_pre=CNmI5uXBrYoDFTssiAkdu8ANJw;src=13811400;type=nda;cat=cl24_00;ord=1;num=2721080127429;npa=0;auiddc=1939236442.1734394175;ps=1;pcor=1527780946;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4cc1z89138730978za201zb9138730978;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101925629~102067555~102067808~102081485~102198178;epver=2;~oref=https%3A%2F%2Fparasiterelief.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D66%26oid%3D109%26uid%3D0%26_ef_transaction_id%3D3283048eda1f4c299a05dfb3753fd411%26n%3D6109?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;fledge=1;src=13811400;type=nda;cat=cl24_00;ord=1;num=2721080127429;npa=0;auiddc=1939236442.1734394175;ps=1;pcor=1527780946;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;...
td.doubleclick.net/td/fls/rul/ Frame 2B71 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=13811400;type=nda;cat=cl24_00;ord=1;num=2721080127429;npa=0;auiddc=1939236442.1734394175;ps=1;pcor=1527780946;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4cc1z89138730978za201zb9138730978;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101925629~102067555~102067808~102081485~102198178;epver=2;~oref=https%3A%2F%2Fparasiterelief.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D66%26oid%3D109%26uid%3D0%26_ef_transaction_id%3D3283048eda1f4c299a05dfb3753fd411%26n%3D6109?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-13811400&l=dataLayer&cx=c&gtm=45He4cc1v9138730978za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::9a Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://parasiterelief.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Dec 2024 00:09:35 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activity;register_conversion=1;src=13811400;type=nda;cat=cl24_00;ord=1;num=2721080127429;npa=0;auiddc=1939236442.1734394175;ps=1;pcor=1527780946;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=...
ad.doubleclick.net/ 		0
0
UCAffiliateNetworkPixel
secure.parasiterelief.com/cgi-bin/ 		0
652 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.parasiterelief.com/cgi-bin/UCAffiliateNetworkPixel?t=0.2721509562343005&r=&u=https%3A%2F%2Fparasiterelief.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D66%26oid%3D109%26uid%3D0%26_ef_transaction_id%3D3283048eda1f4c299a05dfb3753fd411%26n%3D6109
Requested by
Host: secure.parasiterelief.com
URL: https://secure.parasiterelief.com/cgi-bin/UCAffiliateNetworkPixel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
174.129.246.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-246-97.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Tue, 17 Dec 2024 00:09:35 GMT
server
Apache
register-conversion
www.google-analytics.com/privacy-sandbox/
Redirect Chain
  • https://analytics.google.com/g/collect?v=2&tid=G-SSVM2TL5G6&gtm=45je4cc1v871036254z89138730978za200zb9138730978&_p=1734394174596&_gaz=1&gcs=G111&gcd=13v3v3v3v5l1&npa=0&dma=0&tag_exp=101925629~10206...
  • https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1848701378.1734394175&dbk=2911087506820142877&dma=0&en=page_view&gcs=G111&gtm=45je4cc1v871036254z89138730978za200zb9138...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1848701378.1734394175&dbk=2911087506820142877&dma=0&en=page_view&gcs=G111&gtm=45je4cc1v871036254z89138730978za200zb9138730978&npa=0&tid=G-SSVM2TL5G6&dl=https%3A%2F%2Fparasiterelief.com%3F
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Protocol
H2
Server
2607:f8b0:4004:c21::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgnc:90:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgnc:90:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Tue, 17 Dec 2024 00:09:35 GMT
content-type
text/plain
server
Golfe2

Redirect headers

cache-control
no-cache, no-store, must-revalidate
location
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1848701378.1734394175&dbk=2911087506820142877&dma=0&en=page_view&gcs=G111&gtm=45je4cc1v871036254z89138730978za200zb9138730978&npa=0&tid=G-SSVM2TL5G6&dl=https%3A%2F%2Fparasiterelief.com%3F
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
498
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 00:09:35 GMT
content-type
text/html; charset=UTF-8
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
555 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-SSVM2TL5G6&cid=1848701378.1734394175&gtm=45je4cc1v871036254z89138730978za200zb9138730978&aip=1&dma=0&gcs=G111&gcd=13v3v3v3v5l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SSVM2TL5G6&l=dataLayer&cx=c&gtm=45He4cc1v9138730978za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c04::9a Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://parasiterelief.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 00:09:35 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 21C3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-SSVM2TL5G6&gacid=1848701378.1734394175&gtm=45je4cc1v871036254z89138730978za200zb9138730978&dma=0&gcs=G111&gcd=13v3v3v3v5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=769785730
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SSVM2TL5G6&l=dataLayer&cx=c&gtm=45He4cc1v9138730978za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::9a Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://parasiterelief.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Dec 2024 00:09:35 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SSVM2TL5G6&cid=1848701378.1734394175&gtm=45je4cc1v871036254z89138730978za200zb9138730978&aip=1&dma=0&gcs=G111&gcd=13v3v3v3v5l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tag_exp=101925629~102067555~102067808~102081485~102198178&z=45495900
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 17 Dec 2024 00:09:35 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
activityi;fledge=1;src=14623190;type=invmedia;cat=cl24_0;ord=1028528760483;npa=0;auiddc=1939236442.1734394175;ps=1;pcor=1723115950;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gt...
td.doubleclick.net/td/fls/rul/ Frame 8EFB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=14623190;type=invmedia;cat=cl24_0;ord=1028528760483;npa=0;auiddc=1939236442.1734394175;ps=1;pcor=1723115950;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4cc1v9186162005z89138730978za201zb9138730978;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101925629~102067555~102067808~102081485~102198178;epver=2;em=tv.1?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-14623190&l=dataLayer&cx=c&gtm=45He4cc1v9138730978za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::9a Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://parasiterelief.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Dec 2024 00:09:35 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dc_pre=CJOm5-XBrYoDFdItiAkdE8w6ag;src=14623190;type=invmedia;cat=cl24_0;ord=1028528760483;npa=0;auiddc=*;ps=1;pcor=1723115950;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45f...
adservice.google.com/ddm/fls/z/
Redirect Chain
  • https://ad.doubleclick.net/activity;src=14623190;type=invmedia;cat=cl24_0;ord=1028528760483;npa=0;auiddc=1939236442.1734394175;ps=1;pcor=1723115950;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;psc...
  • https://ad.doubleclick.net/activity;dc_pre=CJOm5-XBrYoDFdItiAkdE8w6ag;src=14623190;type=invmedia;cat=cl24_0;ord=1028528760483;npa=0;auiddc=1939236442.1734394175;ps=1;pcor=1723115950;uaa=;uab=;uafvl...
  • https://adservice.google.com/ddm/fls/z/dc_pre=CJOm5-XBrYoDFdItiAkdE8w6ag;src=14623190;type=invmedia;cat=cl24_0;ord=1028528760483;npa=0;auiddc=*;ps=1;pcor=1723115950;uaa=;uab=;uafvl=;uamb=0;uam=;uap...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CJOm5-XBrYoDFdItiAkdE8w6ag;src=14623190;type=invmedia;cat=cl24_0;ord=1028528760483;npa=0;auiddc=*;ps=1;pcor=1723115950;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4cc1v9186162005z89138730978za201zb9138730978;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101925629~102067555~102067808~102081485~102198178;epver=2;em=tv.*
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Protocol
H3
Server
209.85.144.154 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 17 Dec 2024 00:09:35 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
location
https://adservice.google.com/ddm/fls/z/dc_pre=CJOm5-XBrYoDFdItiAkdE8w6ag;src=14623190;type=invmedia;cat=cl24_0;ord=1028528760483;npa=0;auiddc=*;ps=1;pcor=1723115950;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4cc1v9186162005z89138730978za201zb9138730978;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101925629~102067555~102067808~102081485~102198178;epver=2;em=tv.*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Tue, 17 Dec 2024 00:09:35 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
cafe
activity;register_conversion=1;src=14623190;type=invmedia;cat=cl24_0;ord=1028528760483;npa=0;auiddc=1939236442.1734394175;ps=1;pcor=1723115950;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=no...
ad.doubleclick.net/ 		0
24 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=14623190;type=invmedia;cat=cl24_0;ord=1028528760483;npa=0;auiddc=1939236442.1734394175;ps=1;pcor=1723115950;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4cc1v9186162005z89138730978za201zb9138730978;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101925629~102067555~102067808~102081485~102198178;epver=2;em=tv.1?
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.222.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f149.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Tue, 17 Dec 2024 00:09:35 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"12615098297808296669"}],"aggregatable_trigger_data":[{"filters":[{"14":["105901431"]}],"key_piece":"0x23e7b848ddf8237d","source_keys":["12","13","14","15","16","17","18","19","20","21","30256384","30256385","30256386","30256387","30266496","30266497","30266498","30266499","644012468","644012469","644012470","644012471","644022452","644022453","644022454","644022455"]},{"key_piece":"0x8514b3f3d3c80116","not_filters":{"14":["105901431"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","30256384","30256385","30256386","30256387","30266496","30266497","30266498","30266499","644012468","644012469","644012470","644012471","644022452","644022453","644022454","644022455"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"30256384":50,"30256385":50,"30256386":50,"30256387":4889,"30266496":65,"30266497":65,"30266498":65,"30266499":6356,"644012468":36,"644012469":36,"644012470":36,"644012471":3530,"644022452":34,"644022453":34,"644022454":34,"644022455":3345},"aggregation_coordinator_origin":"https://publickeyservice.msmt.gcp.privacysandboxservices.com","debug_key":"17495048440951195801","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"12615098297808296669","filters":[{"14":["105901431"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"12615098297808296669","filters":[{"14":["105901431"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"12615098297808296669","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"12615098297808296669","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["14623190"]}}
content-type
image/png
x-xss-protection
0
server
cafe
f678a30c-e5ae-4cd8-bcad-24f697d75c41.json
tr.snapchat.com/config/com/ 		116 B
416 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/config/com/f678a30c-e5ae-4cd8-bcad-24f697d75c41.json?v=3.35.0-2412161852
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
1c861c26773390863ae121a67ec84609a45d31dc45c36c13cca0f456b92f53c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept
application/json
Referer
https://parasiterelief.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
39
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google, 1.1 google
access-control-allow-origin
https://parasiterelief.com
alt-svc
clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
116
date
Tue, 17 Dec 2024 00:09:35 GMT
content-type
application/json
server
API Gateway
i
tr.snapchat.com/cm/ Frame 2CB2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=f678a30c-e5ae-4cd8-bcad-24f697d75c41&u_scsid=0662fe3f-6479-4671-be33-b3d49cc54ae0&u_sclid=e099c1f9-2b03-4b0c-8644-71e59dd3bf57
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://parasiterelief.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
672
content-type
text/html
date
Tue, 17 Dec 2024 00:09:35 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google, 1.1 google
x-envoy-upstream-service-time
1
21444b75-45eb-4207-bb22-dc5f286db86b.js
tr.snapchat.com/config/com/ 		209 B
284 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/config/com/21444b75-45eb-4207-bb22-dc5f286db86b.js?v=3.35.0-2412161852
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
2584c30cbf17a03b1b14c4da75932e38324e8b7e126420fc69f6c117ff60d132
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://parasiterelief.com
Referer
https://parasiterelief.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
39
access-control-allow-credentials
true
via
1.1 google, 1.1 google
access-control-allow-origin
https://parasiterelief.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
209
date
Tue, 17 Dec 2024 00:09:35 GMT
content-type
application/javascript
server
API Gateway
i
tr.snapchat.com/cm/ Frame A18C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=21444b75-45eb-4207-bb22-dc5f286db86b&u_scsid=0662fe3f-6479-4671-be33-b3d49cc54ae0&u_sclid=e099c1f9-2b03-4b0c-8644-71e59dd3bf57
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://parasiterelief.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
672
content-type
text/html
date
Tue, 17 Dec 2024 00:09:35 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google, 1.1 google
x-envoy-upstream-service-time
0
p
tr.snapchat.com/ 		68 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.snapchat.com/p?pid=f678a30c-e5ae-4cd8-bcad-24f697d75c41&ev=PAGE_VIEW&intg=gtm&pids=f678a30c-e5ae-4cd8-bcad-24f697d75c41&u_c1=084462b0-6033-4a3c-aced-9a9d5feff1a3&cdid=%40-3fddbf43-75bf-4af4-bf05-b3a8bfcc0611&u_sclid=e099c1f9-2b03-4b0c-8644-71e59dd3bf57&u_scsid=0662fe3f-6479-4671-be33-b3d49cc54ae0&bg=false&bt=1d53c387&d_bvs=%5B%5D&df=true&huah=true&m_dcl=925&m_fcps=990&m_pi=925&m_pl=0&m_pv=2&m_rd=1539&m_sh=1200&m_sl=1499&m_sw=1600&pl=https%3A%2F%2Fparasiterelief.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D66%26oid%3D109%26uid%3D0%26_ef_transaction_id%3D3283048eda1f4c299a05dfb3753fd411%26n%3D6109&trackId=c1b8123d-7680-4dce-a8d1-dec39d0e9d81&ts=1734394175337&v=3.35.0-2412161852
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
cache-control
no-cache, no-transform
x-envoy-upstream-service-time
3
via
1.1 google, 1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
date
Tue, 17 Dec 2024 00:09:35 GMT
content-type
image/png
server
API Gateway
p
tr.snapchat.com/ 		68 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.snapchat.com/p?pid=21444b75-45eb-4207-bb22-dc5f286db86b&ev=PAGE_VIEW&intg=gtm&pids=21444b75-45eb-4207-bb22-dc5f286db86b&u_c1=084462b0-6033-4a3c-aced-9a9d5feff1a3&cdid=%40-5cbab0da-bebb-43c8-aa70-4667824efc41&u_sclid=e099c1f9-2b03-4b0c-8644-71e59dd3bf57&u_scsid=0662fe3f-6479-4671-be33-b3d49cc54ae0&bg=false&bt=1d53c387&d_bvs=%5B%5D&df=true&huah=true&m_dcl=925&m_fcps=990&m_pi=925&m_pl=0&m_pv=2&m_rd=1543&m_sh=1200&m_sl=1499&m_sw=1600&pl=https%3A%2F%2Fparasiterelief.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D66%26oid%3D109%26uid%3D0%26_ef_transaction_id%3D3283048eda1f4c299a05dfb3753fd411%26n%3D6109&trackId=a19b5141-1bbc-499d-95a6-4eaa50fee95e&ts=1734394175341&v=3.35.0-2412161852
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
cache-control
no-cache, no-transform
x-envoy-upstream-service-time
22
via
1.1 google, 1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
date
Tue, 17 Dec 2024 00:09:35 GMT
content-type
image/png
server
API Gateway
event
widget.eu.criteo.com/
Redirect Chain
  • https://sslwidget.criteo.com/event?a=116561&v=5.29.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14%26av%3Dtrue%26p%3D1&adce=1&s...
  • https://widget.eu.criteo.com/event?a=116561&v=5.29.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14%26av%3Dtrue%26p%3D1&adce=1&s...
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.eu.criteo.com/event?a=116561&v=5.29.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14%26av%3Dtrue%26p%3D1&adce=1&sc=%7B%22fbp%22%3A%22fb.1.1734394174892.170684383800673746%22%7D&tld=parasiterelief.com&dy=1&fu=https%253A%252F%252Fparasiterelief.com%252Fpresentation%253Futm_source%253Dcpa%2526utm_medium%253Daffiliate%2526utm_content%253Dcleansevsl%2526utm_campaign%253Dcleansecpa%2526affid%253D66%2526oid%253D109%2526uid%253D0%2526_ef_transaction_id%253D3283048eda1f4c299a05dfb3753fd411%2526n%253D6109&ceid=72291997-c640-41b3-8d78-836ebd9f2fd8
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
271412ba12757775b904c1c27dc905b0fd563c731477d01b8c294446075b8ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
8089918
expires
0
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
date
Tue, 17 Dec 2024 00:09:35 GMT
content-type
application/x-javascript
server
Kestrel

Redirect headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
location
https://widget.eu.criteo.com/event?a=116561&v=5.29.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14%26av%3Dtrue%26p%3D1&adce=1&sc=%7B%22fbp%22%3A%22fb.1.1734394174892.170684383800673746%22%7D&tld=parasiterelief.com&dy=1&fu=https%253A%252F%252Fparasiterelief.com%252Fpresentation%253Futm_source%253Dcpa%2526utm_medium%253Daffiliate%2526utm_content%253Dcleansevsl%2526utm_campaign%253Dcleansecpa%2526affid%253D66%2526oid%253D109%2526uid%253D0%2526_ef_transaction_id%253D3283048eda1f4c299a05dfb3753fd411%2526n%253D6109&ceid=72291997-c640-41b3-8d78-836ebd9f2fd8
content-encoding
gzip
pragma
no-cache
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1600923
expires
0
access-control-allow-origin
*
content-length
0
date
Tue, 17 Dec 2024 00:09:34 GMT
server
Kestrel
event
widget.eu.criteo.com/
Redirect Chain
  • https://sslwidget.criteo.com/event?a=116561&v=5.29.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14&adce=1&sc=%7B%22fbp%22%3A%22...
  • https://widget.eu.criteo.com/event?a=116561&v=5.29.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14&adce=1&sc=%7B%22fbp%22%3A%22...
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.eu.criteo.com/event?a=116561&v=5.29.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14&adce=1&sc=%7B%22fbp%22%3A%22fb.1.1734394174892.170684383800673746%22%7D&tld=parasiterelief.com&dy=1&fu=https%253A%252F%252Fparasiterelief.com%252Fpresentation%253Futm_source%253Dcpa%2526utm_medium%253Daffiliate%2526utm_content%253Dcleansevsl%2526utm_campaign%253Dcleansecpa%2526affid%253D66%2526oid%253D109%2526uid%253D0%2526_ef_transaction_id%253D3283048eda1f4c299a05dfb3753fd411%2526n%253D6109&ceid=bc9e0298-9f2c-443e-8b52-14e76dfdff21
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
dd2d43d37efe6bbf157c8df79b4b88e363bb93532a9694c49aa95efc1bfceb6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
4853082
expires
0
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
date
Tue, 17 Dec 2024 00:09:35 GMT
content-type
application/x-javascript
server
Kestrel

Redirect headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
location
https://widget.eu.criteo.com/event?a=116561&v=5.29.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14&adce=1&sc=%7B%22fbp%22%3A%22fb.1.1734394174892.170684383800673746%22%7D&tld=parasiterelief.com&dy=1&fu=https%253A%252F%252Fparasiterelief.com%252Fpresentation%253Futm_source%253Dcpa%2526utm_medium%253Daffiliate%2526utm_content%253Dcleansevsl%2526utm_campaign%253Dcleansecpa%2526affid%253D66%2526oid%253D109%2526uid%253D0%2526_ef_transaction_id%253D3283048eda1f4c299a05dfb3753fd411%2526n%253D6109&ceid=bc9e0298-9f2c-443e-8b52-14e76dfdff21
content-encoding
gzip
pragma
no-cache
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1406848
expires
0
access-control-allow-origin
*
content-length
0
date
Tue, 17 Dec 2024 00:09:34 GMT
server
Kestrel
event
sslwidget.criteo.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sslwidget.criteo.com/event?a=%5B116560%5D&v=5.29.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14&adce=1&sc=%7B%22fbp%22%3A%22fb.1.1734394174892.170684383800673746%22%7D&tld=parasiterelief.com&dy=1&fu=https%253A%252F%252Fparasiterelief.com%252Fpresentation%253Futm_source%253Dcpa%2526utm_medium%253Daffiliate%2526utm_content%253Dcleansevsl%2526utm_campaign%253Dcleansecpa%2526affid%253D66%2526oid%253D109%2526uid%253D0%2526_ef_transaction_id%253D3283048eda1f4c299a05dfb3753fd411%2526n%253D6109&ceid=26e1defb-d590-4a70-b17c-86c544abdaeb
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=107998
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
1c97d84aa36d1d4e878d0d3832034b99725ddff93ded97d72ae2350ae7c019d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3753801
expires
0
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
date
Tue, 17 Dec 2024 00:09:35 GMT
content-type
application/x-javascript
server
Kestrel
event
sslwidget.criteo.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sslwidget.criteo.com/event?a=%5B116560%5D&v=5.29.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14%26av%3Dtrue%26p%3D1&adce=1&sc=%7B%22fbp%22%3A%22fb.1.1734394174892.170684383800673746%22%7D&tld=parasiterelief.com&dy=1&fu=https%253A%252F%252Fparasiterelief.com%252Fpresentation%253Futm_source%253Dcpa%2526utm_medium%253Daffiliate%2526utm_content%253Dcleansevsl%2526utm_campaign%253Dcleansecpa%2526affid%253D66%2526oid%253D109%2526uid%253D0%2526_ef_transaction_id%253D3283048eda1f4c299a05dfb3753fd411%2526n%253D6109&ceid=912ac1e5-2f1a-4d07-8af5-34c997e25aef
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=107998
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
afce438457e4ab43de985d62d137f26d2a46f357cc8d94757e4184e8153aa287
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3887337
expires
0
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
date
Tue, 17 Dec 2024 00:09:35 GMT
content-type
application/x-javascript
server
Kestrel
event
widget.as.criteo.com/
Redirect Chain
  • https://sslwidget.criteo.com/event?a=%5B116947%5D&v=5.29.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14&adce=1&sc=%7B%22fbp%22...
  • https://widget.as.criteo.com/event?a=%5B116947%5D&v=5.29.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14&adce=1&sc=%7B%22fbp%22...
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.as.criteo.com/event?a=%5B116947%5D&v=5.29.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14&adce=1&sc=%7B%22fbp%22%3A%22fb.1.1734394174892.170684383800673746%22%7D&tld=parasiterelief.com&dy=1&fu=https%253A%252F%252Fparasiterelief.com%252Fpresentation%253Futm_source%253Dcpa%2526utm_medium%253Daffiliate%2526utm_content%253Dcleansevsl%2526utm_campaign%253Dcleansecpa%2526affid%253D66%2526oid%253D109%2526uid%253D0%2526_ef_transaction_id%253D3283048eda1f4c299a05dfb3753fd411%2526n%253D6109&ceid=28c06dbf-6aec-4504-beeb-d933e10d6b66
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Protocol
H2
Server
182.161.74.16 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
87b21f502704e4562d38b702db98e48ac5967c0575912d537911493676a14da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
18811619
expires
0
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
date
Tue, 17 Dec 2024 00:09:35 GMT
content-type
application/x-javascript
server
Kestrel

Redirect headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
location
https://widget.as.criteo.com/event?a=%5B116947%5D&v=5.29.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14&adce=1&sc=%7B%22fbp%22%3A%22fb.1.1734394174892.170684383800673746%22%7D&tld=parasiterelief.com&dy=1&fu=https%253A%252F%252Fparasiterelief.com%252Fpresentation%253Futm_source%253Dcpa%2526utm_medium%253Daffiliate%2526utm_content%253Dcleansevsl%2526utm_campaign%253Dcleansecpa%2526affid%253D66%2526oid%253D109%2526uid%253D0%2526_ef_transaction_id%253D3283048eda1f4c299a05dfb3753fd411%2526n%253D6109&ceid=28c06dbf-6aec-4504-beeb-d933e10d6b66
content-encoding
gzip
pragma
no-cache
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2620799
expires
0
access-control-allow-origin
*
content-length
0
date
Tue, 17 Dec 2024 00:09:35 GMT
server
Kestrel
event
widget.as.criteo.com/
Redirect Chain
  • https://sslwidget.criteo.com/event?a=%5B116947%5D&v=5.29.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14%26av%3Dtrue%26p%3D1&ad...
  • https://widget.as.criteo.com/event?a=%5B116947%5D&v=5.29.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14%26av%3Dtrue%26p%3D1&ad...
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.as.criteo.com/event?a=%5B116947%5D&v=5.29.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14%26av%3Dtrue%26p%3D1&adce=1&sc=%7B%22fbp%22%3A%22fb.1.1734394174892.170684383800673746%22%7D&tld=parasiterelief.com&dy=1&fu=https%253A%252F%252Fparasiterelief.com%252Fpresentation%253Futm_source%253Dcpa%2526utm_medium%253Daffiliate%2526utm_content%253Dcleansevsl%2526utm_campaign%253Dcleansecpa%2526affid%253D66%2526oid%253D109%2526uid%253D0%2526_ef_transaction_id%253D3283048eda1f4c299a05dfb3753fd411%2526n%253D6109&ceid=7a390590-22d1-4e87-bf0e-2c76a338788b
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Protocol
H2
Server
182.161.74.16 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
2c4cc7b575ccefb06baf63525b6191180272fa26967f1dc87d55735430198fbd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
4679826
expires
0
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
date
Tue, 17 Dec 2024 00:09:35 GMT
content-type
application/x-javascript
server
Kestrel

Redirect headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
location
https://widget.as.criteo.com/event?a=%5B116947%5D&v=5.29.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14%26av%3Dtrue%26p%3D1&adce=1&sc=%7B%22fbp%22%3A%22fb.1.1734394174892.170684383800673746%22%7D&tld=parasiterelief.com&dy=1&fu=https%253A%252F%252Fparasiterelief.com%252Fpresentation%253Futm_source%253Dcpa%2526utm_medium%253Daffiliate%2526utm_content%253Dcleansevsl%2526utm_campaign%253Dcleansecpa%2526affid%253D66%2526oid%253D109%2526uid%253D0%2526_ef_transaction_id%253D3283048eda1f4c299a05dfb3753fd411%2526n%253D6109&ceid=7a390590-22d1-4e87-bf0e-2c76a338788b
content-encoding
gzip
pragma
no-cache
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
4179425
expires
0
access-control-allow-origin
*
content-length
0
date
Tue, 17 Dec 2024 00:09:35 GMT
server
Kestrel
event
sslwidget.criteo.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sslwidget.criteo.com/event?a=%5B107998%5D&v=5.29.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14&adce=1&sc=%7B%22fbp%22%3A%22fb.1.1734394174892.170684383800673746%22%7D&tld=parasiterelief.com&dy=1&fu=https%253A%252F%252Fparasiterelief.com%252Fpresentation%253Futm_source%253Dcpa%2526utm_medium%253Daffiliate%2526utm_content%253Dcleansevsl%2526utm_campaign%253Dcleansecpa%2526affid%253D66%2526oid%253D109%2526uid%253D0%2526_ef_transaction_id%253D3283048eda1f4c299a05dfb3753fd411%2526n%253D6109&ceid=f4941a84-c56b-4a30-a9af-506cd412f5a8
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=107998
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
3fae700986c3cdf7aa09c919d0f834337ae0da6dbd402894349cb7828a25ddc0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
4934499
expires
0
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
date
Tue, 17 Dec 2024 00:09:35 GMT
content-type
application/x-javascript
server
Kestrel
event
sslwidget.criteo.com/ 		28 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sslwidget.criteo.com/event?a=%5B107998%5D&v=5.29.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14%26av%3Dtrue%26p%3D1&p2=e%3Ddis%26a%3D%255B116561%252C116560%252C116947%252C107998%255D&adce=1&sc=%7B%22fbp%22%3A%22fb.1.1734394174892.170684383800673746%22%7D&tld=parasiterelief.com&dy=1&fu=https%253A%252F%252Fparasiterelief.com%252Fpresentation%253Futm_source%253Dcpa%2526utm_medium%253Daffiliate%2526utm_content%253Dcleansevsl%2526utm_campaign%253Dcleansecpa%2526affid%253D66%2526oid%253D109%2526uid%253D0%2526_ef_transaction_id%253D3283048eda1f4c299a05dfb3753fd411%2526n%253D6109&ceid=34af01a8-5da5-4985-995b-5bc2408a69dc
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=107998
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
bea4a0aca08ce4e1787559b48e7b6827d520eed7d47515b7addecd1ee1b88d0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
42460699
expires
0
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
date
Tue, 17 Dec 2024 00:09:35 GMT
content-type
application/x-javascript
server
Kestrel
v2
us.creativecdn.com/tags/
Redirect Chain
  • https://us.creativecdn.com/tags/v2?type=json
  • https://us.creativecdn.com/tags/v2?type=json&tc=1
1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://us.creativecdn.com/tags/v2?type=json&tc=1
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Protocol
H2
Server
185.184.10.30 , Cyprus, ASN203690 (RTB-HOUSE-ASH RTB Marketing and Tech Services Ltd, CY),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
dba303637973b3ce971a1ff30f641a180271a541d410418020a3cfb0d6beece8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109

Response headers

access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://parasiterelief.com
content-length
1019
date
Tue, 17 Dec 2024 00:09:36 GMT, Tue, 17 Dec 2024 00:09:36 GMT
content-type
application/json;charset=utf-8
vary
Origin

Redirect headers

access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
location
https://us.creativecdn.com/tags/v2?type=json&tc=1
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://parasiterelief.com
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length
0
date
Tue, 17 Dec 2024 00:09:36 GMT, Tue, 17 Dec 2024 00:09:36 GMT
vary
Origin
adsct
t.co/1/i/ 		43 B
629 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&dv=America%2FVancouver%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2648%2624%261600%261200%260%26na&eci=3&event=%7B%7D&event_id=0bbbafd6-ec6b-480f-80f5-a7626829436f&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8adc8194-7147-43bd-ad7c-2a067e4cda20&tw_document_href=https%3A%2F%2Fparasiterelief.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D66%26oid%3D109%26uid%3D0%26_ef_transaction_id%3D3283048eda1f4c299a05dfb3753fd411%26n%3D6109&tw_iframe_status=0&txn_id=omgp6&type=javascript&version=2.3.31
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

strict-transport-security
max-age=0
x-transaction-id
13c15dcd1a824057
cache-control
no-cache, no-store, max-age=0
x-connection-hash
6314c34b065ad5dfed8dd38d2681a30d999fd8c0915332a27ea0deb6b5097854
cf-cache-status
DYNAMIC
cf-ray
8f32af6e1ceaaad3-YYZ
x-response-time
5
content-length
43
date
Tue, 17 Dec 2024 00:09:35 GMT
content-type
image/gif;charset=utf-8
perf
7402827104
server
cloudflare tsa_b
adsct
analytics.twitter.com/1/i/ 		43 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&dv=America%2FVancouver%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2648%2624%261600%261200%260%26na&eci=3&event=%7B%7D&event_id=0bbbafd6-ec6b-480f-80f5-a7626829436f&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8adc8194-7147-43bd-ad7c-2a067e4cda20&tw_document_href=https%3A%2F%2Fparasiterelief.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D66%26oid%3D109%26uid%3D0%26_ef_transaction_id%3D3283048eda1f4c299a05dfb3753fd411%26n%3D6109&tw_iframe_status=0&txn_id=omgp6&type=javascript&version=2.3.31
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

strict-transport-security
max-age=631138519
x-transaction-id
de03c2fc819af176
cache-control
no-cache, no-store, max-age=0
x-connection-hash
402d07c32ac8648942e192fd8c310517e7353a3dc7b6f675c6ae2fe515caf713
x-response-time
77
content-length
43
date
Tue, 17 Dec 2024 00:09:35 GMT
perf
7402827104
content-type
image/gif;charset=utf-8
server
tsa_b
adsct
t.co/1/i/ 		43 B
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&dv=America%2FVancouver%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2648%2624%261600%261200%260%26na&eci=4&event=%7B%7D&event_id=6d3a95f1-54b3-45ae-827a-205d9e31c581&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8adc8194-7147-43bd-ad7c-2a067e4cda20&tw_document_href=https%3A%2F%2Fparasiterelief.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D66%26oid%3D109%26uid%3D0%26_ef_transaction_id%3D3283048eda1f4c299a05dfb3753fd411%26n%3D6109&tw_iframe_status=0&txn_id=tw-omgp6-omgpb&type=javascript&version=2.3.31
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

strict-transport-security
max-age=0
x-transaction-id
4b70cf82ee3b9714
cache-control
no-cache, no-store, max-age=0
x-connection-hash
89da1a0c7756c48d73d350288c93aa55a7be7c9dbb5de49d8917b3625259ee85
cf-cache-status
DYNAMIC
cf-ray
8f32af6e1cebaad3-YYZ
x-response-time
81
content-length
43
date
Tue, 17 Dec 2024 00:09:35 GMT
content-type
image/gif;charset=utf-8
perf
7402827104
server
cloudflare tsa_b
adsct
analytics.twitter.com/1/i/ 		43 B
546 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&dv=America%2FVancouver%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2648%2624%261600%261200%260%26na&eci=4&event=%7B%7D&event_id=6d3a95f1-54b3-45ae-827a-205d9e31c581&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8adc8194-7147-43bd-ad7c-2a067e4cda20&tw_document_href=https%3A%2F%2Fparasiterelief.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D66%26oid%3D109%26uid%3D0%26_ef_transaction_id%3D3283048eda1f4c299a05dfb3753fd411%26n%3D6109&tw_iframe_status=0&txn_id=tw-omgp6-omgpb&type=javascript&version=2.3.31
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

strict-transport-security
max-age=631138519
x-transaction-id
c27750b7fcc62b71
cache-control
no-cache, no-store, max-age=0
x-connection-hash
402d07c32ac8648942e192fd8c310517e7353a3dc7b6f675c6ae2fe515caf713
x-response-time
83
content-length
43
date
Tue, 17 Dec 2024 00:09:35 GMT
perf
7402827104
content-type
image/gif;charset=utf-8
server
tsa_b
main.MWZiM2ZlMGNjMQ.js
analytics.tiktok.com/i18n/pixel/static/ 		351 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CF31TNRC77U6J4TVF330&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.251.27 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-212-251-27.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
da2d5cc7a936d3108413875e85969ff2e0a1bc79e4c9df4fabadb1ec9198e215

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

x-cache
TCP_MEM_HIT from a23-220-107-15.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=95
x-tt-trace-id
00-24121013344185C5F6E4E826C6B53617-740288946B65D1D5-00
content-length
98599
date
Tue, 17 Dec 2024 00:09:35 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
2024121013344185C5F6E4E826C6B53617
server
nginx
x-akamai-request-id
2c97c023
x-tt-trace-host
012f35baac929792a8b382f96022366be9ab9dc3ca2abe0007b90ef3ba09372bbe2648af37adcf865dda22e178691ab97807492aabb97bb597b99fb0a2aa83a7159ced826bc0a49abc5007ce532a6ec1642db8398e139d949175159e3c84684151
v2
us.creativecdn.com/tags/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://us.creativecdn.com/tags/v2?type=json
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Cyprus, ASN203690 (RTB-HOUSE-ASH RTB Marketing and Tech Services Ltd, CY),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://parasiterelief.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST
access-control-allow-origin
https://parasiterelief.com
access-control-max-age
3600
content-length
0
date
Tue, 17 Dec 2024 00:09:35 GMT
vary
Origin
id
d1pqvb2h9xgm7r.cloudfront.net/v1/ 		29 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d1pqvb2h9xgm7r.cloudfront.net/v1/id?channel=secure.parasiterelief.com
Requested by
Host: d9i5ve8f04qxt.cloudfront.net
URL: https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=LHP&channel=secure.parasiterelief.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.37.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-37-222.iad55.r.cloudfront.net
Software
/
Resource Hash
630ef75933cbef2fdf3fdde781bc4d10c28eaec98197ce655fe82dbba494bb19

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

access-control-expose-headers
date, x-api-id
via
1.1 965a8e3a7cc0b0dabf91fcd2f78a55da.cloudfront.net (CloudFront)
apigw-requestid
C6Mh_j1uIAMEaEA=
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
29
alt-svc
h3=":443"; ma=86400
date
Tue, 17 Dec 2024 00:09:35 GMT
content-type
text/plain; charset=utf-8
x-amz-cf-pop
IAD55-P1
x-amz-cf-id
PZLbRejEQuyuZWjONRElAy_lrGrg3BM0eU1-nbNbXnW3sbFJER2k8A==
syncframe
gum.criteo.com/ Frame 0AA5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=parasiterelief.com&origin=onetag
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=107998
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://parasiterelief.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 17 Dec 2024 00:09:34 GMT
server
Kestrel
server-processing-duration-in-ticks
708783
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
cssession
dsp-trk.eskimi.com/tracking/ 		2 B
457 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dsp-trk.eskimi.com/tracking/cssession?tst&id=33152&url=https%3A%2F%2Fparasiterelief.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D66%26oid%3D109%26uid%3D0%26_ef_transaction_id%3D3283048eda1f4c299a05dfb3753fd411%26n%3D6109&t=1734394175425
Requested by
Host: dsp-media.eskimi.com
URL: https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.42.63.49 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

Transfer-Encoding
chunked
Access-Control-Allow-Origin
https://parasiterelief.com
Date
Tue, 17 Dec 2024 00:09:35 GMT
Content-Type
text/plain; charset=UTF-8
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
gtr
dsp-ap.eskimi.com/v2/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dsp-ap.eskimi.com/v2/gtr?id=33152&event=page%20visitors%3A0&url=https%3A%2F%2Fparasiterelief.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D66%26oid%3D109%26uid%3D0%26_ef_transaction_id%3D3283048eda1f4c299a05dfb3753fd411%26n%3D6109&t=1734394175426
Requested by
Host: dsp-media.eskimi.com
URL: https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.42.63.48 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
42064c2e10b0a51182be42b920a4ef7dfb35ed9f805fa858d9f37a12fb0efe7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

Transfer-Encoding
chunked
Cache-Control
no-cache
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://parasiterelief.com
Date
Tue, 17 Dec 2024 00:09:35 GMT
Content-Type
application/json
Server
nginx
clarity.js
www.clarity.ms/s/0.7.59/ 		67 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.59/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/lk2f3dtvw5?ref=gtm2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
83146c62110f911cbc9e66daa824d1f4e1d8f8aa6508aa45fe061932db65fa27

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

x-azure-ref
20241217T000935Z-176fb8c9d7dgsgljhC1YTO058c0000000bq000000000608c
cache-control
public, max-age=86400
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DD1CF2DB0ECDD3"
x-fd-int-roxy-purgeid
79034942
x-ms-request-id
e0dfe31c-701e-003e-57de-4eb9a4000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Tue, 17 Dec 2024 00:09:35 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Sun, 15 Dec 2024 10:25:53 GMT
b-00tu
i.liadm.com/s/c/ Frame EEE9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://i.liadm.com/s/c/b-00tu?duid=2fd7b255045c--01jf8z5qzywpgbkcpcr2hhj9mx&euns=1&s=&version=v3.6.0&cd=.parasiterelief.com&pv=34ef7074-12c2-4808-b299-70b964639ffd
Requested by
Host: b-code.liadm.com
URL: https://b-code.liadm.com/b-00tu.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.190.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-190-25.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://parasiterelief.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control
private, no-cache, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
694
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 Dec 2024 00:09:35 GMT
Request-Time
14
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
trace-id
f0ecffdd1f11eaef
triggerRunner.js
d2mjzob2nc713b.cloudfront.net/widget/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2mjzob2nc713b.cloudfront.net/widget/triggerRunner.js?v=53f4a9a
Requested by
Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:28ac:8600:d:370a:51c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
45fdcedbeb833ea40206c98dfcbfa73842f72d53f166a26b47ecc3b01a55286d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

content-encoding
gzip
etag
"4be5eb6562afd4107663277d2ba2f77c"
age
544063
x-amz-meta-mtime
1733850093.99
x-cache
Hit from cloudfront
x-amz-cf-id
Zdwn5Ng8Anw4tPZj6tPoQApmq_yBUHU0vEqbpD69hcrHTmkgWoTLPw==
date
Tue, 10 Dec 2024 17:01:53 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 10 Dec 2024 17:01:35 GMT
cache-control
max-age=2592000, public
via
1.1 e0bed00f7c599b055dc1b21ec2ba7e72.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
3876
x-amz-cf-pop
IAD12-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
rt
d1pqvb2h9xgm7r.cloudfront.net/v1/ 		514 B
885 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d1pqvb2h9xgm7r.cloudfront.net/v1/rt
Requested by
Host: d9i5ve8f04qxt.cloudfront.net
URL: https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=LHP&channel=secure.parasiterelief.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.37.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-37-222.iad55.r.cloudfront.net
Software
/
Resource Hash
af11c81c146ac61f82ad5818872731bedd5e2e5461cbdc5c2ab5e734ca937485

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://parasiterelief.com/

Response headers

access-control-expose-headers
date, x-api-id
x-amzn-requestid
abf46e38-10ba-508e-8d21-31e2d3c56e6f
via
1.1 965a8e3a7cc0b0dabf91fcd2f78a55da.cloudfront.net (CloudFront)
apigw-requestid
C6MiAh7wIAMEaxg=
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
514
alt-svc
h3=":443"; ma=86400
date
Tue, 17 Dec 2024 00:09:35 GMT
content-type
text/xml
x-amz-cf-pop
IAD55-P1
x-amz-cf-id
RU9kvfrd4RS5YiEK2E5c4QEuHHSZTCsO3WwSJBp8Df2X5I8--6JUyA==
rt
d1pqvb2h9xgm7r.cloudfront.net/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://d1pqvb2h9xgm7r.cloudfront.net/v1/rt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.37.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-37-222.iad55.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://parasiterelief.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
300
age
59497
alt-svc
h3=":443"; ma=86400
apigw-requestid
C37RggS7oAMEYjw=
date
Mon, 16 Dec 2024 07:37:58 GMT
via
1.1 965a8e3a7cc0b0dabf91fcd2f78a55da.cloudfront.net (CloudFront)
x-amz-cf-id
pgn3O765AIJP3G_JbZR7vWBf9Qj6J-H7klJRqIO71-ElP0o545Yhgg==
x-amz-cf-pop
IAD55-P1
x-cache
Hit from cloudfront
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1734394175662&aid=b-00tu&se=e30&duid=2fd7b255045c--01jf8z5qzywpgbkcpcr2hhj9mx&tv=v3.6.0&pu=https%3A%2F%2Fparasiterelief.com%2Fpresentation%3Futm_source%3Dcpa%26utm_med...
  • https://rp4.liadm.com/j?dtstmp=1734394175662&aid=b-00tu&se=e30&duid=2fd7b255045c--01jf8z5qzywpgbkcpcr2hhj9mx&tv=v3.6.0&pu=https%3A%2F%2Fparasiterelief.com%2Fpresentation%3Futm_source%3Dcpa%26utm_me...
13 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?dtstmp=1734394175662&aid=b-00tu&se=e30&duid=2fd7b255045c--01jf8z5qzywpgbkcpcr2hhj9mx&tv=v3.6.0&pu=https%3A%2F%2Fparasiterelief.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D66%26oid%3D109%26uid%3D0%26_ef_transaction_id%3D3283048eda1f4c299a05dfb3753fd411%26n%3D6109&wpn=lc-bundle&wpv=v3.6.0&cd=.parasiterelief.com&c=PHRpdGxlPkNsZWFuc2UyNDwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PGgxIGNsYXNzPSJ2aWRlby1oZWFkbGluZSI-QXdmdWwgR2FzPyBZb3UgUHJvYmFibHkgSGF2ZSBQYXJhc2l0ZXM8L2gxPg&pv=34ef7074-12c2-4808-b299-70b964639ffd&i6=MjYwNzo1MzAwOjYwOjc4Njc6OjU%3D&n3pc=true
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Protocol
H2
Server
34.231.172.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-172-117.compute-1.amazonaws.com
Software
/
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

x-pixel-event-id
4d1d5d6e-ef45-4a2b-bd1d-063fd690202f
access-control-max-age
86400
access-control-expose-headers
*
access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
null
content-length
13
date
Tue, 17 Dec 2024 00:09:36 GMT
content-type
application/json

Redirect headers

access-control-max-age
86400
access-control-expose-headers
*
location
https://rp4.liadm.com/j?dtstmp=1734394175662&aid=b-00tu&se=e30&duid=2fd7b255045c--01jf8z5qzywpgbkcpcr2hhj9mx&tv=v3.6.0&pu=https%3A%2F%2Fparasiterelief.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D66%26oid%3D109%26uid%3D0%26_ef_transaction_id%3D3283048eda1f4c299a05dfb3753fd411%26n%3D6109&wpn=lc-bundle&wpv=v3.6.0&cd=.parasiterelief.com&c=PHRpdGxlPkNsZWFuc2UyNDwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PGgxIGNsYXNzPSJ2aWRlby1oZWFkbGluZSI-QXdmdWwgR2FzPyBZb3UgUHJvYmFibHkgSGF2ZSBQYXJhc2l0ZXM8L2gxPg&pv=34ef7074-12c2-4808-b299-70b964639ffd&i6=MjYwNzo1MzAwOjYwOjc4Njc6OjU%3D&n3pc=true
access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
https://parasiterelief.com
content-length
0
date
Tue, 17 Dec 2024 00:09:35 GMT
collect
e.clarity.ms/ 		0
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.59/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.57.85.160 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://parasiterelief.com/

Response headers

Request-Context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
Access-Control-Allow-Origin
https://parasiterelief.com
Date
Tue, 17 Dec 2024 00:09:35 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
widget.js
d2mjzob2nc713b.cloudfront.net/widget/ 		193 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2mjzob2nc713b.cloudfront.net/widget/widget.js?v=86a09eb
Requested by
Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:28ac:8600:d:370a:51c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9083e070260049b56bf2c0133dd0c6f97e769abf1844df7878f1805fc6860f42

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

content-encoding
gzip
etag
"a7794e3ab98a7f7b7a73cf4c3a4133ca"
age
544063
x-amz-meta-mtime
1733850092.12
x-cache
Hit from cloudfront
x-amz-cf-id
9pxfP6prIipXW-z_ceWFAr2256xZM1XY60Ev4heX_WCnP5VMJsJ4_w==
date
Tue, 10 Dec 2024 17:01:53 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 10 Dec 2024 17:01:35 GMT
cache-control
max-age=2592000, public
via
1.1 e0bed00f7c599b055dc1b21ec2ba7e72.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
50155
x-amz-cf-pop
IAD12-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
click
www.p8btrk.com/sdk/ 		87 B
427 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.p8btrk.com/sdk/click?effp=538797b3fac6a6e4b5e1868bb164566e&sec_ch_ua_platform=&sec_ch_ua_platform_version=&sec_ch_ua_model=&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&oid=109&affid=66&__cc=&async=json&uid=0&__qp=utm_source%7Cutm_medium%7Cutm_content%7Cutm_campaign%7Caffid%7Coid%7Cuid%7C_ef_transaction_id%7Cn&__rf=&__efckuq=68
Requested by
Host: www.p8btrk.com
URL: https://www.p8btrk.com/scripts/sdk/everflow.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.199.247 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
247.199.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
37194ac6e1637efb0fb71153ff2105077e014b64051c290011d6bc2229a5506a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

accept-ch
Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
access-control-allow-credentials
true
via
1.1 google
x-eflow-request-id
d25a2f7f-2401-4df1-8ec0-131160b1a25e
access-control-allow-origin
https://parasiterelief.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
87
date
Tue, 17 Dec 2024 00:09:35 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
nginx
p
tr6.snapchat.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr6.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://parasiterelief.com/

Response headers

via
1.1 google, 1.1 google
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc
clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 17 Dec 2024 00:09:35 GMT
x-envoy-upstream-service-time
0
server
API Gateway
identify_45dd5971.js
analytics.tiktok.com/i18n/pixel/static/ 		146 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_45dd5971.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.251.27 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-212-251-27.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

x-cache
TCP_MEM_HIT from a23-220-107-15.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
x-tt-trace-id
00-24111505024497C041E7630B74133A00-3B6BCAAE6C5DB6DB-00
content-length
39364
date
Tue, 17 Dec 2024 00:09:35 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
2024111505024497C041E7630B74133A00
server
nginx
x-akamai-request-id
2c97c408
x-tt-trace-host
0142821e461e423bd8be453b6473e823f1589134bfe58036dd30fd44fea4e52ba47f106dd2f512bbacd11c1497a88fdd44b43f64163e8760cdfde5c4366deac7d4b1c839cad7a9d3cca95b90d328f611834f019da73c60dece32fb8e00dd329378
pixel
analytics.tiktok.com/api/v2/ 		0
880 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.251.27 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-212-251-27.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://parasiterelief.com/

Response headers

x-cache-remote
TCP_MISS from a23-220-105-86.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Tue, 17 Dec 2024 00:09:35 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=35, origin; dur=30, inner; dur=25
x-cache
TCP_MISS from a23-220-107-15.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Tue, 17 Dec 2024 00:09:35 GMT
x-akamai-request-id
99cc896e.2c97c409
access-control-allow-headers
Authorization,*
x-tt-trace-host
01c6924f8812bfc1a214d7532ab5d94386ccb1997409bb6f8c5605fd648ab44dd9f07a934e8fdbef51763d792c1c2de75edfa3b5701394347bfeff617cb2ae730c713696e4f5b5e07cd084bd5e48d65181e8398ee35446a73e8e581f5945c6cabed1df016805b2b2de13ffd63dd4168ec6
x-origin-response-time
30,23.220.105.86
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-241217000935C892EFEC7585A915B04A-31B2FD6A3FC0B498-00
content-length
0
x-parent-response-time
51,23.220.107.15
x-tt-logid
20241217000935C892EFEC7585A915B04A
server
nginx
pixel
analytics.tiktok.com/api/v2/ 		0
878 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.251.27 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-212-251-27.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://parasiterelief.com/

Response headers

x-cache-remote
TCP_MISS from a23-220-105-85.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Tue, 17 Dec 2024 00:09:35 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=16, origin; dur=27, inner; dur=24
x-cache
TCP_MISS from a23-220-107-15.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Tue, 17 Dec 2024 00:09:35 GMT
x-akamai-request-id
7d277c0.2c97c40a
access-control-allow-headers
Authorization,*
x-tt-trace-host
01c6924f8812bfc1a214d7532ab5d94386ccb1997409bb6f8c5605fd648ab44dd93b5f09db0fec52f2807a74360f4670950faebff0dc36f961585eb26256e3949668a5338196aba1d5b30e970c21dfd6c5546488f6a5b09b0999581a8f1beb29e31eeda9a23e9bc03beb630887787afbc5
x-origin-response-time
27,23.220.105.85
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-2412170009352E33717032D9DB4A12BE-708D3A8AA1BE72B1-00
content-length
0
x-parent-response-time
33,23.220.107.15
x-tt-logid
202412170009352E33717032D9DB4A12BE
server
nginx
pixel
analytics.tiktok.com/api/v2/ 		0
878 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.251.27 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-212-251-27.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://parasiterelief.com/

Response headers

x-cache-remote
TCP_MISS from a23-48-200-178.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Tue, 17 Dec 2024 00:09:36 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=58, origin; dur=36, inner; dur=33
x-cache
TCP_MISS from a23-220-107-15.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Tue, 17 Dec 2024 00:09:36 GMT
x-akamai-request-id
ad9efd78.2c97c40b
access-control-allow-headers
Authorization,*
x-tt-trace-host
01c6924f8812bfc1a214d7532ab5d94386ccb1997409bb6f8c5605fd648ab44dd91a727b86e814fcfcf2e6d854956429be0866af5a8788db7c8471136ccaf7d2278dba7ef122e96284dd88246938fd12febd5cc6aa0f5231cb48cebfba8ea2d80f644063982192d5117085a93261fd1184
x-origin-response-time
36,23.48.200.178
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-24121700093596E88879051A3156B068-0A54F88E6D25412A-00
content-length
0
x-parent-response-time
40,23.220.107.15
x-tt-logid
2024121700093596E88879051A3156B068
server
nginx
/
rtb-csync.smartadserver.com/redir/ 		43 B
584 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=156&partneruserid=6ca46e71-1453-4bc5-a57c-83debff43a60&gdpr=0&gdpr_consent=1
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.9 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Tue, 17 Dec 2024 00:09:35 GMT
pragma
no-cache
content-type
image/gif
sd
eu-u.openx.net/w/1.0/
Redirect Chain
  • https://eu-u.openx.net/w/1.0/sd?id=539901412&val=6ca46e71-1453-4bc5-a57c-83debff43a60&gdpr=0&gdpr_consent=1
  • https://eu-u.openx.net/w/1.0/sd?id=539901412&val=6ca46e71-1453-4bc5-a57c-83debff43a60&gdpr=0&gdpr_consent=1&cc=1
43 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=539901412&val=6ca46e71-1453-4bc5-a57c-83debff43a60&gdpr=0&gdpr_consent=1&cc=1
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

cache-control
private, max-age=0, no-cache
pragma
no-cache
x-forwarded-for
167.114.209.103
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 17 Dec 2024 00:09:35 GMT
content-type
image/gif
vary
Accept

Redirect headers

location
https://eu-u.openx.net/w/1.0/sd?id=539901412&val=6ca46e71-1453-4bc5-a57c-83debff43a60&gdpr=0&gdpr_consent=1&cc=1
x-forwarded-for
167.114.209.103
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 17 Dec 2024 00:09:34 GMT
content-type
text/plain; charset=utf-8
vary
Origin
rum
dsum-sec.casalemedia.com/
Redirect Chain
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=244&external_user_id=6ca46e71-1453-4bc5-a57c-83debff43a60&gdpr=0&gdpr_consent=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=244&external_user_id=6ca46e71-1453-4bc5-a57c-83debff43a60&gdpr=0&gdpr_consent=1&C=1
43 B
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=244&external_user_id=6ca46e71-1453-4bc5-a57c-83debff43a60&gdpr=0&gdpr_consent=1&C=1
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rmoyqw4F6HmS0ThgQMDEp9m%2Fumb7rxqZTfYItegmnZMd8PIRgCQico1YNQELOlbMyn8MHaJYjw8EPUYJ5GlKxIDYziJ440aRNl%2BSpB4dghivDsy%2ByqIDlEmVzbBUajN83CwbK4%2F9gg%2BC5w%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Tue, 17 Dec 2024 00:09:36 GMT
content-type
image/gif
vary
Accept-Encoding
priority
u=3,i
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
8f32af6fbfc6ac28-YYZ
content-length
43
server
cloudflare

Redirect headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U2oUuZn%2FvchBE4FNe5KF8OWrniCRJb05V15McujVVzfD7AVrmxZHH%2FdS8eDKx%2BqbyFbvTxbMwLAG6X32FVohByte8ioiJfMA8tmx9%2F7tdFJgVxRl1a%2FiLkJa16Ct9hYNagtUSyRijkbORw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Tue, 17 Dec 2024 00:09:35 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
no-cache
location
/rum?cm_dsp_id=244&external_user_id=6ca46e71-1453-4bc5-a57c-83debff43a60&gdpr=0&gdpr_consent=1&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
8f32af6f4efcac28-YYZ
content-length
0
server
cloudflare
pixel
cm.g.doubleclick.net/ 		170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=eskimi&google_hm=6ca46e71-1453-4bc5-a57c-83debff43a60&gdpr=0&gdpr_consent=1
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.66.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Tue, 17 Dec 2024 00:09:35 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)
tap.php
pixel.rubiconproject.com/ 		42 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=103804&nid=3846&put=6ca46e71-1453-4bc5-a57c-83debff43a60&expires=30&gdpr=0&gdpr_consent=1
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.146.5 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
1c34e56f66d325760e494cbb7a93f50f
Pragma
no-cache
content-length
42
Content-Type
image/gif
/
cs.adingo.jp/sync/ 		43 B
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.adingo.jp/sync/?from=eskimi&id=6ca46e71-1453-4bc5-a57c-83debff43a60
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.160.149.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-160-149-172.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
date
Tue, 17 Dec 2024 00:09:35 GMT
pragma
no-cache
content-type
image/gif
server
nginx
Pug
image2.pubmatic.com/AdServer/ 		42 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM3MDcmdGw9MjAxNjA=&piggybackCookie=6ca46e71-1453-4bc5-a57c-83debff43a60&gdpr=0&gdpr_consent=1
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.184 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

cache-control
no-store, no-cache, private
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 17 Dec 2024 00:09:35 GMT
content-type
image/gif; charset=utf-8
server
nginx
/
csync.loopme.me/ 		0
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.loopme.me/?partner_id=324&uid=6ca46e71-1453-4bc5-a57c-83debff43a60&gdpr=0&gdpr_consent=1
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.233.111 Groningen, Netherlands, ASN19527 (GOOGLE-2, US),
Reverse DNS
111.233.214.35.bc.googleusercontent.com
Software
_ /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

date
Tue, 17 Dec 2024 00:09:36 GMT
server
_
sync
x.bidswitch.net/ 		43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=364&user_id=6ca46e71-1453-4bc5-a57c-83debff43a60&expires=30&gdpr=0&gdpr_consent=1&us_privacy=
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.211.202.130 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
130.202.211.35.bc.googleusercontent.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Tue, 17 Dec 2024 00:09:36 GMT
content-type
image/gif
dspreply
public-prod-dspcookiematching.dmxleo.com/ 		0
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=2806&dspUserId=6ca46e71-1453-4bc5-a57c-83debff43a60&gdpr=0&gdpr_consent=1
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.69.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-69-43.iad61.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 94c162a3cf560de9030f33fa36e19624.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
NvUYx_Klhy9U2ehbkv7yexcrjua6FBMJWJyymqkTfCEvdE611rT3zA==
date
Tue, 17 Dec 2024 00:09:36 GMT
x-amz-cf-pop
IAD61-P6
p
tr.snapchat.com/ 		0
94 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://parasiterelief.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
via
1.1 google, 1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-origin
https://parasiterelief.com
content-length
0
date
Tue, 17 Dec 2024 00:09:35 GMT
server
API Gateway
v2
us.creativecdn.com/tags/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://us.creativecdn.com/tags/v2?type=json&tc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Cyprus, ASN203690 (RTB-HOUSE-ASH RTB Marketing and Tech Services Ltd, CY),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://parasiterelief.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST
access-control-allow-origin
https://parasiterelief.com
access-control-max-age
3600
content-length
0
date
Tue, 17 Dec 2024 00:09:36 GMT
vary
Origin
act
analytics.tiktok.com/api/v2/pixel/ 		0
878 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.251.27 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-212-251-27.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://parasiterelief.com/

Response headers

x-cache-remote
TCP_MISS from a23-48-200-175.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Tue, 17 Dec 2024 00:09:36 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=272, origin; dur=17, inner; dur=13
x-cache
TCP_MISS from a23-220-107-15.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Tue, 17 Dec 2024 00:09:36 GMT
x-akamai-request-id
6610b55e.2c97c6e4
access-control-allow-headers
Authorization,*
x-tt-trace-host
01c6924f8812bfc1a214d7532ab5d94386ccb1997409bb6f8c5605fd648ab44dd91177c76972ab4bb84b192c15f1715ae83dc4c33ac6ba3714d162668225cd2a87a0e58a1e868077790e4bbba7f0b5c0808e2a83741c7c454939238fbac926e6eba96501756ba8280787d499ceb4d02500
x-origin-response-time
17,23.48.200.175
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-241217000936FADD82FAA823342425E1-3460C9AB5BBE9DD7-00
content-length
0
x-parent-response-time
90,23.220.107.15
x-tt-logid
20241217000936FADD82FAA823342425E1
server
nginx
rt
d1pqvb2h9xgm7r.cloudfront.net/v1/ 		514 B
812 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d1pqvb2h9xgm7r.cloudfront.net/v1/rt
Requested by
Host: d9i5ve8f04qxt.cloudfront.net
URL: https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=LHP&channel=secure.parasiterelief.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.160.37.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-37-222.iad55.r.cloudfront.net
Software
/
Resource Hash
93ffb74038741ade6087dd94059b36ac82c53c6317b400db525dbad3e16b714d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://parasiterelief.com/

Response headers

access-control-expose-headers
date, x-api-id
x-amzn-requestid
5797e49e-41d2-50d5-bdfb-bb44825251e3
via
1.1 eb30892e0d329aead17e943e1b1cc5ae.cloudfront.net (CloudFront)
apigw-requestid
C6MiGiY1oAMEaxA=
alt-svc
h3=":443"; ma=86400
access-control-allow-origin
*
content-length
514
x-amz-cf-id
G2DSbBB-FXbrxNVpAXmjB1kauVytMjK7lAhc_hdah-LQchOONqj2qg==
date
Tue, 17 Dec 2024 00:09:36 GMT
content-type
text/xml
x-cache
Miss from cloudfront
x-amz-cf-pop
IAD55-P1
ig-membership
us.creativecdn.com/ Frame 6B29 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.creativecdn.com/ig-membership?ntk=046v1UMuVjdgTDa0sF3sFVyHq8tIlECWxMFK6pduIsGNdxENWuIJUzFgPgz8BEkIz7m0idSSpSetkut3DIfXFm93mB0bJ9BL5vV5EZ0RpMkcVeXe8GxKApYJinVIDq-xpdPMYbCx0FZaLf5fwQd3p_omoW7f2ClFHeWoZq_T8jF5ma8eRGCMpp-d_gRCF0WVYRavnDMbHRNH-2QWysJA_m6TRPCPZNIYCJXe8ztgiAVuAkNtf2WHA4Cvsu7oiJgZWz7Sz4VnJhGcjdr90nva1ISnezio7sCxAyCWLjnGxzALxs30rQ9eb5r4gzL2RXEE2hyInPu7M3jp7_WTTvx79W7R5cfb6CylVDVdyafYjhauWKIqWVSUAIP5EmoQaQcKLMYIj41YbpU_EmuokGXpLTlH3a5cGpakvbPcfz4XeylO65IRF3XUGfB6A6QtcfLlK6ySNC1_odroJUmivvZwsV20jj6-bMWdRe-Ji2gjPhid6exkkr85XYhvNq_C3qtW7plhCRYPCwcYFuafuMHqtg
Requested by
Host: tags.creativecdn.com
URL: https://tags.creativecdn.com/EuTwXXOV4Sc7dJbpixmK.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Cyprus, ASN203690 (RTB-HOUSE-ASH RTB Marketing and Tech Services Ltd, CY),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash

Request headers

Referer
https://parasiterelief.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
content-length
924
content-type
text/html;charset=utf-8
date
Tue, 17 Dec 2024 00:09:36 GMT Tue, 17 Dec 2024 00:09:36 GMT
expires
Wed, 18 Dec 2024 00:09:36 GMT
vary
Accept-Encoding
topics-membership
us.creativecdn.com/ Frame F785 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.creativecdn.com/topics-membership?ntk=-1SicGontaS8q8RA8YVp94DFtO1a40SQOUecXRoukULn3a8tUTOBVrCOxnI8qYoybm_iwtWQNUBWZiV-0UbUqZaTaB0Zupbnl_p6RbyiCmrU4YYo_lk_YQ_Ag7JoXXm3Cq-Dt7W7_bkwUe85-uWQl5YUUsuHaG-hK2_nAmUxoSu1K7x-o11ScdU-uznhavdiwMdIV0YeIdO0OfWgOoKVA3QklNn2yfHrrlah5m0iBiq-i9_rOpBOHASRaXwWndjgj0DeDxYNyLNKNhwOiP3h7vhccZgXO6e8wKUr0yJwL5GyuSh39A9PoUFyZTLrH2IvMmGlZU9gY26Z6DCXOIrLfx_Ai92XiQnijhhl-ZuYyWrUaEjH68CaG8l8YklBp5MnzEo0FsrM2J55rY54K2tkbord0hgI0q-sXUTRJBQT9Vu-aV5Prsjlk8xCNv_BPsHQ0LLELDGNS8vAs6gYFCaQjtm9C8C3jP3xZmBIxg0IpFv0OnC8XOBsSEpJyziCis-PZ3JyLIAGxbxyXSAa6pNR5g
Requested by
Host: tags.creativecdn.com
URL: https://tags.creativecdn.com/EuTwXXOV4Sc7dJbpixmK.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Cyprus, ASN203690 (RTB-HOUSE-ASH RTB Marketing and Tech Services Ltd, CY),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash

Request headers

Referer
https://parasiterelief.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
content-length
837
content-type
text/html;charset=utf-8
date
Tue, 17 Dec 2024 00:09:36 GMT Tue, 17 Dec 2024 00:09:36 GMT
expires
Wed, 18 Dec 2024 00:09:36 GMT
vary
Accept-Encoding
setuid
ib.adnxs.com/ 		0
524 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=315&code=Jq_oZeC1Vdj03DPsugcp762q20TsafFrFIqQMm_vows&consent=1
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.184 Colonia, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
x-proxy-origin
167.114.209.103; 167.114.209.103; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid
e6b2f4a1-46e3-471d-96c2-1c8f24ba587c
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Tue, 17 Dec 2024 00:09:36 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
adnypeu
service3.purehealthresearch.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://service3.purehealthresearch.com/adnypeu
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
134.209.162.206 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

Access-Control-Allow-Origin
*
Content-Length
0
Date
Tue, 17 Dec 2024 00:09:36 GMT
Server
nginx
Connection
keep-alive
Access-Control-Allow-Methods
GET
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=39884939C39B470DA6D49E36382BD5E8&RedC=c.clarity.ms&MXFR=364420417286673707D2351976866980
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=39884939C39B470DA6D49E36382BD5E8&MUID=25838FAD258362823D609AF524556332
42 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=39884939C39B470DA6D49E36382BD5E8&MUID=25838FAD258362823D609AF524556332
Protocol
H2
Server
20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

cache-control
private, no-cache, proxy-revalidate, no-store
pragma
no-cache
etag
"9270eb7934bdb1:0"
accept-ranges
bytes
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
42
date
Tue, 17 Dec 2024 00:09:36 GMT
content-type
image/gif
last-modified
Tue, 10 Dec 2024 13:00:24 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET

Redirect headers

cache-control
private, no-cache, proxy-revalidate, no-store
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=39884939C39B470DA6D49E36382BD5E8&MUID=25838FAD258362823D609AF524556332
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8BE10BB04BC545FF873A2B43C6B07606 Ref B: YMQ01EDGE0416 Ref C: 2024-12-17T00:09:37Z
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
0
date
Tue, 17 Dec 2024 00:09:36 GMT
x-powered-by
ASP.NET
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame B781
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-chU8-_Wk-4_V3Re9mPAoWPjNd0bNnIUo5qWMug&google_cm&google_hm=ay1jaFU4LV9Xay00X1YzUmU5bVBBb1dQak5kMGJObklVb...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-chU8-_Wk-4_V3Re9mPAoWPjNd0bNnIUo5qWMug&google_gid=CAESECiYVI5DrcHE1LRB96ee6rM&google_cver=1&google_ula=913071,0
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-chU8-_Wk-4_V3Re9mPAoWPjNd0bNnIUo5qWMug&google_gid=CAESECiYVI5DrcHE1LRB96ee6rM&google_cver=1&google_ula=913071,0
Protocol
H2
Server
74.119.117.16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2669449
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
date
Tue, 17 Dec 2024 00:09:35 GMT
content-type
image/gif
server
Kestrel

Redirect headers

cache-control
no-cache, must-revalidate
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-chU8-_Wk-4_V3Re9mPAoWPjNd0bNnIUo5qWMug&google_gid=CAESECiYVI5DrcHE1LRB96ee6rM&google_cver=1&google_ula=913071,0
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
398
date
Tue, 17 Dec 2024 00:09:36 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
sync
x.bidswitch.net/ Frame B781 		43 B
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-M5Zop_Wk-4_V3Re9mPAoWPjNd0b6qdsbDSiMYA&expires=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.211.202.130 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
130.202.211.35.bc.googleusercontent.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Tue, 17 Dec 2024 00:09:36 GMT
content-type
image/gif
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame B781
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3064710490559218548
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3064710490559218548
Protocol
H2
Server
74.119.117.16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1280883
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
date
Tue, 17 Dec 2024 00:09:36 GMT
content-type
image/gif
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3064710490559218548
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
167.114.209.103; 167.114.209.103; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
7c5e618c-0b65-497e-b1e3-5371d1d84cee
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Tue, 17 Dec 2024 00:09:36 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
/
partner.mediawallahscript.com/ Frame B781
Redirect Chain
  • https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-chU8-_Wk-4_V3Re9mPAoWPjNd0bNnIUo5qWMug&custom=&tag_format=img&tag_action=sync&custom=&cb=872c0c74-8796-4654-ab5f-8a288ff...
  • https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-chU8-_Wk-4_V3Re9mPAoWPjNd0bNnIUo5qWMug&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=872c0c74-8796-465...
  • https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync
  • https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=3064710490559218548&tag_format=img&tag_action=sync
  • https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=33ab4820-bc0b-11ef-b1a7-bb0111ff9c37?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile...
  • https://sync.crwdcntrl.net/map/ct=y/c=14717/tp=MWSP/tpid=33ab4820-bc0b-11ef-b1a7-bb0111ff9c37?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bpr...
  • https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=e82763fbcd1038f6e42204e933b69dd8&tag_format=img&tag_action=sync&cb=478834456
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1
  • https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=31b08d60-a01b-4c1c-9eb8-ec02515b4b55&tag_format=img&tag_action=sync&cb=
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/mwal?url=https://partner.mediawallahscript.com/?account_id%3D2006%26partner_id%3D2131%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync
  • https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=340ca200-bc0b-11ef-8ef3-a9dc6b402b3a
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D1009%26partner_id%3Dc182f930%26uid%3D%24UID%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D1009%26partner_id%3Dc182f930%26uid%3D%24UID%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync&sovrn_r...
  • https://partner.mediawallahscript.com/?account_id=1009&partner_id=c182f930&uid=J2AJALZHe-wtpcdvRsOMW0UN&custom=&tag_format=img&tag_action=sync
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2030%26partner_id%3D2147%26uid%3D%23PM_USER_ID%26tag_format%3Dimg%26tag_action%3D...
  • https://partner.mediawallahscript.com/?account_id=2030&partner_id=2147&uid=C72D7E19-025E-4569-AB34-76F9D4A3980D&tag_format=img&tag_action=sync
  • https://sync.mathtag.com/sync/img?mt_exid=10103&redirect=https://partner.mediawallahscript.com/?account_id=2036&partner_id=2149&uid=[MM_UUID]&tag_format=img&tag_action=sync
  • https://partner.mediawallahscript.com/?account_id=2036&partner_id=2149&uid=bf7d6760-c142-4300-9796-60ae1aa3dc0b&tag_format=img&tag_action=sync
  • https://match.prod.bidr.io/cookie-sync/mediawallah?dif=1
  • https://match.prod.bidr.io/cookie-sync/mediawallah?dif=1&_bee_ppp=1
  • https://partner.mediawallahscript.com/?account_id=2034&partner_id=2079&uid=AAEP2U7OwYMAABjTtykbsQ&tag_format=img&tag_action=sync&cb=31
0
0
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame B781 		0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-gEM62fWk-4_V3Re9mPAoWPjNd0Y4k6Y-WviVpQ
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-fastly-to-nlb-rtt
28488
date
Tue, 17 Dec 2024 00:09:36 GMT
server
nginx
access-control-allow-credentials
true
sync
visitor.omnitagjs.com/visitor/ Frame B781 		49 B
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-rAtjIPWk-4_V3Re9mPAoWPjNd0a1AjOkuIGsAg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.245.40.102 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
102.40.245.35.bc.googleusercontent.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
x-kong-request-id
235a6008218ab2474f0152287ad30f4f
pragma
no-cache
x-content-type-options
nosniff
via
kong/3.6.1
expires
0
x-kong-upstream-latency
1
x-kong-proxy-latency
0
content-length
49
p3p
CP="CAO PSA OUR"
date
Tue, 17 Dec 2024 00:09:36 GMT
content-type
image/gif
vary
Accept-Encoding
rum
r.casalemedia.com/ Frame B781 		43 B
759 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-sI8-3_Wk-4_V3Re9mPAoWPjNd0ZP_zwfuvZG0A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kH7oQMTSUU04baGICwGeuhi12AOZXNHrSF4ZN7B3g6S%2FxK2EODDPgo0EWEDpOBAkimXhsXTy5r%2BaC3rWMwwmpEQ%2F7SF8mjvUFj6i9J5mIA9IhD8SJCfpFyvUdKWL9clBrWIG"}],"group":"cf-nel","max_age":604800}
cf-ray
8f32af75885ba232-YYZ
expires
0
alt-svc
h3=":443"; ma=86400
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Tue, 17 Dec 2024 00:09:36 GMT
content-type
image/gif
vary
Accept-Encoding
server
cloudflare
ibs:dpid=28645&dpuuid=TFQ9oQ0V_8VUeACfwXQ8krrwrmpwZhfj
dpm.demdex.net/ Frame B781
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=TFQ9oQ0V_8VUeACfwXQ8krrwrmpwZhfj
42 B
719 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=TFQ9oQ0V_8VUeACfwXQ8krrwrmpwZhfj
Protocol
H2
Server
50.19.69.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-69-177.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs
dcs-prod-va6-2-v068-0dfe0d3e0.edge-va6.demdex.com 2 ms
content-encoding
gzip
pragma
no-cache
x-content-type-options
nosniff
x-tid
bjx9nHHKQkk=
expires
Thu, 01 Jan 1970 00:00:00 UTC
content-length
59
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date
Tue, 17 Dec 2024 00:09:36 GMT
content-type
image/gif

Redirect headers

strict-transport-security
max-age=31536000; preload;
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
location
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=TFQ9oQ0V_8VUeACfwXQ8krrwrmpwZhfj
content-length
0
date
Tue, 17 Dec 2024 00:09:36 GMT
server
Kestrel
server-processing-duration-in-ticks
638443
user-registering
ads.stickyadstv.com/ Frame B781 		43 B
661 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-uJQ4O_Wk-4_V3Re9mPAoWPjNd0YfnZgAJOe4oA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.230 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding
chunked
Cache-Control
no-cache
Pragma
no-cache
x-sticky-vk
1734394176918009-278
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Date
Tue, 17 Dec 2024 00:09:36 GMT
Content-Type
image/gif
Server
nginx
match
ad.360yield.com/ul_cb/ Frame B781
Redirect Chain
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-QhV7dPWk-4_V3Re9mPAoWPjNd0bTJGAXioEZAw
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-QhV7dPWk-4_V3Re9mPAoWPjNd0bTJGAXioEZAw
43 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-QhV7dPWk-4_V3Re9mPAoWPjNd0bTJGAXioEZAw
Protocol
H2
Server
3.217.222.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-222-187.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-origin
*
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date
Tue, 17 Dec 2024 00:09:36 GMT
content-type
image/gif

Redirect headers

access-control-allow-origin
*
location
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-QhV7dPWk-4_V3Re9mPAoWPjNd0bTJGAXioEZAw
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date
Tue, 17 Dec 2024 00:09:36 GMT
content-type
text/plain
cms
ups.analytics.yahoo.com/ups/58691/ Frame B781
Redirect Chain
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-PDh4__Wk-4_V3Re9mPAoWPjNd0btXqjt5lagJw
  • https://thrtle.com/sync?vxii_pid=7006&vxii_pdid=28027bdd-b813-444d-9b16-bbc073c6686d&us_privacy=1YN-
  • https://thrtle.com/sync?_reach=1&vxii_pdid=28027bdd-b813-444d-9b16-bbc073c6686d&vxii_pid=12&vxii_pid1=7006&vxii_rcid=f4333d30-53a1-4da2-b44e-1c9fc0c0c70f&vxii_rmax=3
  • https://cms.analytics.yahoo.com/cms?partner_id=THROTLE
  • https://ups.analytics.yahoo.com/ups/58691/cms?partner_id=THROTLE
0
160 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58691/cms?partner_id=THROTLE
Protocol
H2
Server
2001:4998:60:807::2 , United States, ASN14196 (YAHOO-CHA, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date
Tue, 17 Dec 2024 00:09:37 GMT
age
0
content-type
text/html
server
ATS
referrer-policy
no-referrer-when-downgrade

Redirect headers

strict-transport-security
max-age=31536000
cache-control
no-store
location
https://ups.analytics.yahoo.com/ups/58691/cms?partner_id=THROTLE
content-length
257
date
Tue, 17 Dec 2024 00:09:37 GMT
content-type
text/html
content-language
en
server
ATS
cksync.php
contextual.media.net/ Frame B781 		59 B
834 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-vCC0k_Wk-4_V3Re9mPAoWPjNd0ZyEdt_wlTcwA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.62.172.23 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-172-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bd95e8a7f7c6225934f3f14a6cdc3876566284966667fc32f88fe141e3713da6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=0, no-cache, no-store
timing-allow-origin
*
pragma
no-cache
expires
Tue, 17 Dec 2024 00:09:37 GMT
x-mnet-hl2
E
alt-svc
h3=":443"; ma=93600
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-length
59
date
Tue, 17 Dec 2024 00:09:37 GMT
content-type
image/gif
server
Apache
push
exchange.mediavine.com/usersync/ Frame B781 		0
966 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-uUU75PWk-4_V3Re9mPAoWPjNd0afA1ffjHmj5A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.200.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-200-160.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
private, no-cache
content-encoding
gzip
date
Tue, 17 Dec 2024 00:09:37 GMT
content-type
text/html; charset=utf-8
vary
Origin, Accept-Encoding
access-control-allow-credentials
true
c.gif
c.bing.com/ Frame B781 		42 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-K1F3QPWk-4_V3Re9mPAoWPjNd0bYQUv_Kdg9wQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
private, no-cache, proxy-revalidate, no-store
pragma
no-cache
etag
"9270eb7934bdb1:0"
x-msedge-ref
Ref A: 0E2818C45C994B36928040FF47678C3C Ref B: YMQ01EDGE0416 Ref C: 2024-12-17T00:09:37Z
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
42
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Tue, 17 Dec 2024 00:09:36 GMT
content-type
image/gif
last-modified
Tue, 10 Dec 2024 13:00:24 GMT
x-powered-by
ASP.NET
1017
jadserve.postrelease.com/suid/ Frame B781 		43 B
534 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/1017?vk=k-un6vyvWk-4_V3Re9mPAoWPjNd0aERmNigeVuQA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.21.100.53 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-21-100-53.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
expires
Mon, 1 Jan 1990 12:00:00 GMT
access-control-allow-origin
*
content-length
43
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Tue, 17 Dec 2024 00:09:37 GMT
content-type
image/gif
server
nginx
cookie-sync
sync.outbrain.com/ Frame B781 		0
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-EcO5PvWk-4_V3Re9mPAoWPjNd0YJCf6c_DHr9A&initiator=partner
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache
content-length
0
date
Tue, 17 Dec 2024 00:09:37 GMT
x-traceid
a87d4335845dcb64f8bb8a031b15d069
Pug
simage2.pubmatic.com/AdServer/ Frame B781 		42 B
579 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-4sjP3vWk-4_V3Re9mPAoWPjNd0bUpZ812To3kA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-store, no-cache, private
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 16 Dec 2024 23:44:18 GMT
content-type
image/gif; charset=utf-8
server
nginx
pixel_sync
trends.revcontent.com/cm/ Frame B781 		0
0
tap.php
pixel.rubiconproject.com/ Frame B781 		42 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-cBQdhvWk-4_V3Re9mPAoWPjNd0b-SahDEa0IJQ&expires=30
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.146.5 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
1c34e56f66d325760e494cbb7a93f50f
Pragma
no-cache
content-length
42
Content-Type
image/gif
v1
match.sharethrough.com/sync/ Frame B781 		68 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-bPTR7fWk-4_V3Re9mPAoWPjNd0ahbOPporp09A
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.211.170.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-170-34.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
cache-control
no-cache
content-length
68
content-type
image/png
/
s.ad.smaato.net/c/ Frame B781 		0
0
um
criteo-sync.teads.tv/ Frame B781 		23 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-GMh99PWk-4_V3Re9mPAoWPjNd0ZC0bDQF9PIQg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.205.47 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-205-47.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.1 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

expires
Tue, 17 Dec 2024 00:09:37 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
pragma
no-cache
date
Tue, 17 Dec 2024 00:09:37 GMT
content-type
image/gif
server
pekko-http/1.0.1
sync
criteo-partners.tremorhub.com/ Frame B781 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-UGfdFfWk-4_V3Re9mPAoWPjNd0baj50UOM9AGg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:32bf:c12c:81c0:4994 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Tue, 17 Dec 2024 00:09:37 GMT
content-type
image/gif
server
nginx
sync.htm
ade.clmbtech.com/uid/ Frame B781 		68 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.clmbtech.com/uid/sync.htm?pid=13079&cuid=k-tLziLPWk-4_V3Re9mPAoWPjNd0YGLVzRP4J3kw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:5400:1d::173d:b95 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
Bhoot /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
x-content-type-options
nosniff
content-length
68
x-xss-protection
1; mode=block
date
Tue, 17 Dec 2024 00:09:37 GMT
content-type
image/jpeg
server
Bhoot
x-upstream
172.29.17.245:80
x-frame-options
sameorigin
xuid
eb2.3lift.com/ Frame B781
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=2711&xuid=k-Nn53kfWk-4_V3Re9mPAoWPjNd0YYQbakk-ztDA&dongle=013b
  • https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-Nn53kfWk-4_V3Re9mPAoWPjNd0YYQbakk-ztDA&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
37 B
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-Nn53kfWk-4_V3Re9mPAoWPjNd0YYQbakk-ztDA&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
date
Tue, 17 Dec 2024 00:09:37 GMT
content-type
image/gif

Redirect headers

cache-control
no-cache, no-store, must-revalidate
location
/xuid?ld=1&mid=2711&xuid=k-Nn53kfWk-4_V3Re9mPAoWPjNd0YYQbakk-ztDA&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
date
Tue, 17 Dec 2024 00:09:37 GMT
sync
sync-criteo.ads.yieldmo.com/ Frame B781 		43 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-mB_iYfWk-4_V3Re9mPAoWPjNd0Y8wDYZgG3hfg&pn_id=criteo&ext=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.18.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-18-91.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

pragma
no-cache
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-length
43
date
Tue, 17 Dec 2024 00:09:37 GMT
content-type
image/gif;charset=utf-8
access-control-allow-headers
Cache-Control, Pragma, *
put
e1.emxdgt.com/ Frame B781 		43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d53&uid=k-sE1nR_Wk-4_V3Re9mPAoWPjNd0aH2Ye9pxvzkA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.210.56.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-56-21.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-nosync
emp
content-length
43
date
Tue, 17 Dec 2024 00:09:37 GMT
content-type
image/gif
k-OoZ6bvWk-4_V3Re9mPAoWPjNd0aOXbDPHZGRjA
sync.1rx.io/usersync/criteodsp/ Frame B781 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/criteodsp/k-OoZ6bvWk-4_V3Re9mPAoWPjNd0aOXbDPHZGRjA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.13 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

expires
0
cache-control
no-store, no-cache, must-revalidate
date
Tue, 17 Dec 2024 00:09:31 GMT
pragma
no-cache
params
shop.pe/widget/main/init/ 		260 B
835 B 		Script
General
Check archive.org
Download Go to
Full URL
https://shop.pe/widget/main/init/params?siteid=668e49da95ece80ee3243747&product=Cleanse24&product_url=https%3A%2F%2Fparasiterelief.com%2Fpresentation&image=&price=&currency=undefined&rating=0&rating_count=0&review_count=0&stock_status=&description=&update_product=true&subcategory=&url=https%3A%2F%2Fparasiterelief.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D66%26oid%3D109%26uid%3D0%26_ef_transaction_id%3D3283048eda1f4c299a05dfb3753fd411%26n%3D6109&callback=AddShoppersWidget.load_widget&no_cookie_callback=AddShoppersWidget.load_no_cookie&sos=false&rand=84663&cookie=&referer=
Requested by
Host: d2mjzob2nc713b.cloudfront.net
URL: https://d2mjzob2nc713b.cloudfront.net/widget/widget.js?v=86a09eb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.244.1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
1.244.227.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
c8820edb0697c92f16ae3c6f57967e9a44e645a430fe53c68fa4d6a93011fca5
Security Headers
Name Value
Content-Security-Policy frame-ancestors none;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options deny

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

content-encoding
gzip
etag
W/"9e3a124d4776d0991194417f3721e2518f005fa1"
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
date
Tue, 17 Dec 2024 00:09:36 GMT
content-type
text/javascript
x-frame-options
deny
access-control-allow-headers
X-Requested-With, Content-Type, X-XSRFToken
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors none;
data-regulation-gdpr-enforced
false
access-control-allow-credentials
true
referrer-policy
no-referrer-when-downgrade
via
1.1 google
access-control-allow-origin
https://my.addshoppers.com
backend-version
47
server
nginx
favicon.png
parasiterelief.com/img/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://parasiterelief.com/img/favicon.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
100.28.91.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-28-91-13.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
20d1160d4baa8eb4c0ad192f9497de3a531a2a2d4357006ea7d5bb29f8b0d838

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109

Response headers

Cache-Control
public, max-age=0
ETag
W/"788-18a9414c193"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1928
Date
Tue, 17 Dec 2024 00:09:36 GMT
Content-Type
image/png
X-Powered-By
Express
Server
nginx
Last-Modified
Thu, 14 Sep 2023 14:25:02 GMT
collect
e.clarity.ms/ 		0
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.59/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.57.85.160 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://parasiterelief.com/

Response headers

Request-Context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
Access-Control-Allow-Origin
https://parasiterelief.com
Date
Tue, 17 Dec 2024 00:09:36 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
params
shop.pe/widget/main/init/ 		1 KB
652 B 		Script
General
Check archive.org
Download Go to
Full URL
https://shop.pe/widget/main/init/params?siteid=668e49da95ece80ee3243747&product=Cleanse24&product_url=https%3A%2F%2Fparasiterelief.com%2Fpresentation&image=&price=&currency=undefined&rating=0&rating_count=0&review_count=0&stock_status=&description=&update_product=true&subcategory=&url=https%3A%2F%2Fparasiterelief.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D66%26oid%3D109%26uid%3D0%26_ef_transaction_id%3D3283048eda1f4c299a05dfb3753fd411%26n%3D6109&callback=AddShoppersWidget.load_widget&rand=51034&cookie=2%7C1%3A0%7C10%3A1734394176%7C15%3Aaddshoppers.com%7C44%3AYWFkM2MyNWVkY2ViNDczODhlNjJlZTlmNDI3OTFmZmM%3D%7C0b32d060c6efe8bc44ab894657c0b2cde6e28f37282425f26436a5bbba2f4b5f&referer=
Requested by
Host: d2mjzob2nc713b.cloudfront.net
URL: https://d2mjzob2nc713b.cloudfront.net/widget/widget.js?v=86a09eb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.244.1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
1.244.227.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
6cde37e91cfb77d3ce2a7193273f44e68ac49381f23c331dbbe1ec27cc61706c
Security Headers
Name Value
Content-Security-Policy frame-ancestors none;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options deny

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

content-encoding
gzip
etag
W/"076cee118057a2d02faaa182067665ca3daa8934"
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
date
Tue, 17 Dec 2024 00:09:36 GMT
content-type
text/javascript
x-frame-options
deny
access-control-allow-headers
X-Requested-With, Content-Type, X-XSRFToken
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors none;
data-regulation-gdpr-enforced
false
access-control-allow-credentials
true
referrer-policy
no-referrer-when-downgrade
via
1.1 google
access-control-allow-origin
https://my.addshoppers.com
backend-version
47
server
nginx
setuid
ib.adnxs.com/ Frame B781 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=52&code=k-0cJLf_Wk-4_V3Re9mPAoWPjNd0Y05Wk4XmNPKg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.184 Colonia, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin
167.114.209.103; 167.114.209.103; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid
69b86865-78bb-4113-84b9-c22c5e811837
content-length
43
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Tue, 17 Dec 2024 00:09:36 GMT
x-xss-protection
0
content-type
image/gif
server
nginx/1.23.4
641a046f610c4ab0a7fc83bea7a7825f.js
addshoppers.s3.amazonaws.com/customize/668e49da95ece80ee3243747/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://addshoppers.s3.amazonaws.com/customize/668e49da95ece80ee3243747/641a046f610c4ab0a7fc83bea7a7825f.js?_t=1732544339
Requested by
Host: d2mjzob2nc713b.cloudfront.net
URL: https://d2mjzob2nc713b.cloudfront.net/widget/widget.js?v=86a09eb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.216.49.113 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
a5ead07253f5d4cf3ee1ffe784ea11adc732da2fcb8a5f0e81c2cdc42233f796

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

x-amz-id-2
lXWFoR5SMa/Lo+O8opR6lHA4pohdbhzzgbfBllrcwsAspQUdVtfzGUp0vW9RLNfADbkQbKWvoEE=
Cache-Control
max-age=2592000, public
Content-Encoding
gzip
ETag
"0b0aa931535435ca2c5d61485c429156"
x-amz-version-id
R.9E8BYWcX1kKwLsWufkak6jSLQ9ckZ6
x-amz-request-id
C0SX760WEE3VJT87
Accept-Ranges
bytes
Content-Length
1315
Date
Tue, 17 Dec 2024 00:09:38 GMT
Last-Modified
Mon, 25 Nov 2024 14:19:00 GMT
Content-Type
application/javascript; charset=utf-8
Server
AmazonS3
x-amz-server-side-encryption
AES256
input.js
shopper.shop.pe/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shopper.shop.pe/input.js
Requested by
Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.54.17 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
17.54.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
620a97911c6964bfc7cfacf4df74b3ba598ef728f2117675d171e4c62d500add

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

x-goog-metageneration
2
access-control-expose-headers
Access-Control-Allow-Origin
content-encoding
gzip
x-goog-hash
crc32c=mi0bhQ==, md5=0xF0XoMHewePpWbHehXZtQ==
etag
"d311745e83077b078fa566c77a15d9b5"
age
8687
x-goog-stored-content-encoding
gzip
expires
Tue, 17 Dec 2024 01:44:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
8831
date
Mon, 16 Dec 2024 21:44:50 GMT
last-modified
Tue, 13 Feb 2024 16:47:53 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-guploader-uploadid
AFiumC5tpktbVDdyswxaki13b5RRdnpLzEAL_bHejPEg3P1jaIhdyycpfVcvWT5rUwJ4cW2i
cache-control
public, max-age=14400
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1707842873418606
content-length
8831
server
UploadServer
status
app.shop.pe/app/datapartners/ 		34 B
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.shop.pe/app/datapartners/status?usersite_id=668e49da95ece80ee3243747
Requested by
Host: d2mjzob2nc713b.cloudfront.net
URL: https://d2mjzob2nc713b.cloudfront.net/widget/widget.js?v=86a09eb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.244.1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
1.244.227.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
b4435b5ac2f1916ed1135fb1738a1cef87cb666f4356a6678fb1c77e1273f9e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options deny

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
etag
W/"0467ba22658b680d6de72dc567071b5bc495547f"
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PATCH
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
date
Tue, 17 Dec 2024 00:09:37 GMT
content-type
application/json; charset=UTF-8
server
nginx
access-control-allow-headers
X-Requested-With, Content-Type, X-XSRFToken
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Baskerville:ital,wght@0,400;0,700;1,400&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.192.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f94.1e100.net
Software
sffe /
Resource Hash
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://parasiterelief.com
Referer
https://fonts.googleapis.com/

Response headers

age
201651
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 14 Dec 2025 16:08:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 16:08:45 GMT
last-modified
Thu, 01 Aug 2024 20:41:19 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18492
x-xss-protection
0
server
sffe
iframe
nytrng.com/ Frame 35C7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://nytrng.com/iframe?vcp=4dd5h0np&as_id=aad3c25edceb47388e62ee9f42791ffc
Requested by
Host: d2mjzob2nc713b.cloudfront.net
URL: https://d2mjzob2nc713b.cloudfront.net/widget/widget.js?v=86a09eb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.128.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a954c1fc80b8251dc.awsglobalaccelerator.com
Software
gunicorn /
Resource Hash

Request headers

Referer
https://parasiterelief.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-length
417
content-type
text/html; charset=utf-8
date
Tue, 17 Dec 2024 00:09:37 GMT
server
gunicorn
consent
manage.safeopt.com/ 		0
836 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://manage.safeopt.com/consent
Requested by
Host: shopper.shop.pe
URL: https://shopper.shop.pe/input.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.244.1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
1.244.227.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options deny

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

access-control-expose-headers
Data-Regulation-Gdpr-Enforced
etag
"da39a3ee5e6b4b0d3255bfef95601890afd80709"
access-control-allow-methods
HEAD, GET, POST
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
date
Tue, 17 Dec 2024 00:09:37 GMT
content-type
text/html; charset=UTF-8
x-frame-options
deny
access-control-allow-headers
X-Requested-With, Content-Type, Data-Regulation-Gdpr-Enforced
strict-transport-security
max-age=31536000; includeSubDomains
data-regulation-gdpr-enforced
false
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
*
content-length
0
server
nginx
collect
e.clarity.ms/ 		0
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.59/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.57.85.160 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://parasiterelief.com/

Response headers

Request-Context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
Access-Control-Allow-Origin
https://parasiterelief.com
Date
Tue, 17 Dec 2024 00:09:38 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-SSVM2TL5G6&gtm=45je4cc1v871036254za200zb9138730978&_p=1734394174596&gcs=G111&gcd=13v3v3v3v5l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1848701378.1734394175&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1734394175&sct=1&seg=0&dl=https%3A%2F%2Fparasiterelief.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D66%26oid%3D109%26uid%3D0%26_ef_transaction_id%3D3283048eda1f4c299a05dfb3753fd411%26n%3D6109&dt=Cleanse24&en=scroll&epn.percent_scrolled=90&_et=109&tfd=6528
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SSVM2TL5G6&l=dataLayer&cx=c&gtm=45He4cc1v9138730978za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://parasiterelief.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 00:09:40 GMT
content-type
text/plain
server
Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ad.doubleclick.net
URL
https://ad.doubleclick.net/activity;register_conversion=1;src=13811400;type=nda;cat=cl24_00;ord=1;num=2721080127429;npa=0;auiddc=1939236442.1734394175;ps=1;pcor=1527780946;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4cc1z89138730978za201zb9138730978;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101925629~102067555~102067808~102081485~102198178;epver=2;~oref=https%3A%2F%2Fparasiterelief.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D66%26oid%3D109%26uid%3D0%26_ef_transaction_id%3D3283048eda1f4c299a05dfb3753fd411%26n%3D6109?
Domain
partner.mediawallahscript.com
URL
https://partner.mediawallahscript.com/?account_id=2034&partner_id=2079&uid=AAEP2U7OwYMAABjTtykbsQ&tag_format=img&tag_action=sync&cb=31
Domain
trends.revcontent.com
URL
https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-MuAmtvWk-4_V3Re9mPAoWPjNd0ZdP0d8MKQ_SQ
Domain
s.ad.smaato.net
URL
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-rm2vPvWk-4_V3Re9mPAoWPjNd0bZipAAT0nw_A

Verdicts & Comments Add Verdict or Comment

123 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| dataLayer function| fbq function| _fbq object| lazySizesConfig object| lazySizes function| init function| adjustVideoPlayerSize function| onYouTubeIframeAPIReady function| getVideoStartTime function| onProgress function| updateTime function| setTapImageSource function| showTapImage function| hideTapImage function| showNextStepButton function| videoChangeGo function| handleKeyboardEvent function| isFacebookApp function| smoothScrollTo function| calculateScrollTopPosition function| showCookiesBanner function| acceptCookies function| setCookie function| getCookie function| toOrderForm object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| google_tag_manager object| google_tag_data function| snaptr function| qp string| qpGtm object| rtbhEvents object| criteo_q string| TiktokAnalyticsObject object| ttq function| twq function| clarity function| esk function| ___esk object| AddShoppersWidgetOptions function| ucAnpFailback function| ucRemoveBadMacros function| ucAnpCallback object| gaGlobal object| qevents object| _scPxHelper object| _scPxTeller object| Criteo object| regeneratorRuntime object| twttr object| EF object| TimeMe boolean| _ucaloaded string| _ucav function| ucGetCssSelectorShort function| ucParentsCalc function| ucCalculateSelector function| ucaPushPageEvent object| _uca function| ucaEvent boolean| ucaInit function| _b64dec object| LI object| liQHub object| liQ function| gtag object| AddShoppersLoader object| AddShoppersLoaderErrorHandlers object| liQ_instances function| AddShoppersTriggerRunner object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks function| as_cleanse_field function| as_detect_cc function| as_gaPageView function| as_gaSocial function| as_gaEvent function| as_gaSet function| as_logMessage function| DataPartnerStatusGeo function| as_logError function| as_resolveEnvironmentURL function| asConsoleLog function| asShopifyCPTag function| asShopifyCPCartUpdate function| asShopifyParseImageSrc function| asShopifyCPProductBrowsed function| asShopifyCMPushCart function| asShopifyCPConversion function| asShopifyCPCartAddItem object| _mag object| AddShoppersWidget function| AddShoppersWidget_plus_one object| SchemaParser object| _add number| ieVer object| obj number| AddShoppersWidgetLoaded object| AddShoppersWidgetLang object| result function| asIsProductPage function| asCartRows function| asCartItems function| asCart

149 Cookies

Domain/Path Name / Value
sc-static.net/scevent.min.js Name: X-AB
Value: 49c899aa23974ef3a3863a2944d923ca
.liadm.com/j Name: lidid
Value: 28027bdd-b813-444d-9b16-bbc073c6686d
i.liadm.com/s Name: _li_ss
Value: Cj4KBQgKEM4ZCgYI3QEQzhkKBgilARDOGQoGCIEBEM4ZCgYI9QEQzhkKBgiiARDOGQoGCNIBEM4ZCgUIfhDOGQ
links.easyhealthjournal.com/ Name: _session_id
Value: ea420c3942f0a3e6ed99511d1ddabfd7
www.bg6yrfg.com/ Name: uniqueClick_6DC976
Value: 88f9b08a-1428-4f78-af1c-7867b078ceea:1734394174
www.bg6yrfg.com/ Name: transaction_id
Value: 3283048eda1f4c299a05dfb3753fd411
.youtube.com/ Name: YSC
Value: rPaFi3CMUdw
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: FihTDPVRWZg
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJDQRIEGgAgSg%3D%3D
.youtube.com/ Name: __Secure-ROLLOUT_TOKEN
Value: COT9_PqrgK-8JhC_x8Hlwa2KAxi_x8Hlwa2KAw%3D%3D
.parasiterelief.com/ Name: _fbp
Value: fb.1.1734394174892.170684383800673746
.parasiterelief.com/ Name: _gcl_au
Value: 1.1.1939236442.1734394175
secure.parasiterelief.com/ Name: AWSALB
Value: L9RqZVXwU97FLPF+9rMHZpbdZhoIfjgN9e8fEYZVq4PUdhJNtQuGmDBk89q6B1enL6xUyVnzNUpyiM3PKExBEWTYkOHyW6RESk2qkAUaEnmOZP3gPxdKJYl841Ea
secure.parasiterelief.com/ Name: AWSALBCORS
Value: L9RqZVXwU97FLPF+9rMHZpbdZhoIfjgN9e8fEYZVq4PUdhJNtQuGmDBk89q6B1enL6xUyVnzNUpyiM3PKExBEWTYkOHyW6RESk2qkAUaEnmOZP3gPxdKJYl841Ea
.secure.parasiterelief.com/ Name: LHP-ANP
Value: 9044
secure.parasiterelief.com/ Name: JSESSIONID
Value: abcaZwywwDPbbJvZIHB1I
secure.parasiterelief.com/ Name: LBJSESSIONID
Value: abcaZwywwDPbbJvZIHB1I.n432
.parasiterelief.com/ Name: _ga
Value: GA1.1.1848701378.1734394175
.tiktok.com/ Name: _ttp
Value: 2qJwqLPSLhulViGqymB4GaAvNLa
.parasiterelief.com/ Name: _scid
Value: 8J4IRGKwYDMxPETtmp1f7_GjxM9A4ILu
.parasiterelief.com/ Name: _scid_r
Value: 8J4IRGKwYDMxPETtmp1f7_GjxM9A4ILu
.parasiterelief.com/ Name: _ga_SSVM2TL5G6
Value: GS1.1.1734394175.1.0.1734394175.60.0.0
parasiterelief.com/ Name: __rtbh.lid
Value: %7B%22eventType%22%3A%22lid%22%2C%22id%22%3A%22F2bQX94ddT4iLfmmhhuU%22%2C%22expiryDate%22%3A%222025-12-17T00%3A09%3A35.358Z%22%7D
.doubleclick.net/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUlNfzBx3PJgnDwn4_b2ccOk48i0DutbXQi09YbuKYGg2o4Z8Z5iFFATfJBO
www.clarity.ms/ Name: CLID
Value: 5e744a1edccb411b82164826879bc2aa.20241217.20251217
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.parasiterelief.com/ Name: _li_dcdm_c
Value: .parasiterelief.com
.criteo.com/ Name: uid
Value: 6d98dfc5-50e6-4f80-b91d-e6781615c66d
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.parasiterelief.com/ Name: _lc2_fpi
Value: 2fd7b255045c--01jf8z5qzywpgbkcpcr2hhj9mx
.parasiterelief.com/ Name: _clck
Value: 1w98gnj%7C2%7Cfrs%7C0%7C1812
.parasiterelief.com/ Name: ucacid
Value: 272270463.873214
.parasiterelief.com/ Name: cto_bundle
Value: 1I2ODV9QJTJGR1prdFlxWDhoN0N0R0tOU2c4bmpjNWJpYlVsMzFrd0JuZnZRUkNSb3ZiUjR0RUluS0JGZGFVb0NJRlgzYU5qeFVLblNlYnpxeXhTZWpzSFN6ZnVKM2VMRjVwWHRDMkN5Q25mMUVuVmclMkJRJTJGVFpvblhTdWJVR2xENlgxZTB4UVVhcktIZHpXcVIlMkZZZ1dkR0Z2eXNpcllOY1NObGElMkJ1bCUyRjFBWEdZbkdPdXMlM0Q
.parasiterelief.com/ Name: _ScCbts
Value: %5B%5D
.eskimi.com/ Name: __eConsent
Value: 1
.eskimi.com/ Name: __eDId
Value: 6ca46e71-1453-4bc5-a57c-83debff43a60
.eskimi.com/ Name: __eP
Value: 1
.parasiterelief.com/ Name: _tt_enable_cookie
Value: 1
.parasiterelief.com/ Name: _ttp
Value: 5weby6wP37ZwTi6R3UG6u0Dq40q.tt.1
.twitter.com/ Name: guest_id_marketing
Value: v1%3A173439417571484203
.twitter.com/ Name: guest_id_ads
Value: v1%3A173439417571484203
.twitter.com/ Name: personalization_id
Value: "v1_a0hZ4syNwvjj/4unzaOqFQ=="
.twitter.com/ Name: guest_id
Value: v1%3A173439417571484203
.t.co/ Name: muc_ads
Value: 162403e7-e5c7-4ac6-b3c3-2891866bba5f
.t.co/ Name: __cf_bm
Value: _CoXJ_Hxrp9FrTdwgPO1jCpiuTlQqZ8vfVrL9opah8s-1734394175-1.0.1.1-v7llqWYzfOc89ERfe07Q8jrZBl6ch71_9Q6KZS6FCW71dRPYFCY5pAGdf5J4kd9QxKcCP_PSHmS8qQI0r9bXZA
www.p8btrk.com/ Name: uniqueClick
Value: 10cfb322-6a7f-4d76-9889-04cb2ca4deed:1734394175
www.p8btrk.com/ Name: transaction_id
Value: 3283048eda1f4c299a05dfb3753fd411
parasiterelief.com/ Name: ef_witness
Value: 1
parasiterelief.com/ Name: ef_affid
Value: 66
parasiterelief.com/ Name: ef_tid_c_o_109
Value: 3283048eda1f4c299a05dfb3753fd411
parasiterelief.com/ Name: ef_tid_c_a_6
Value: 3283048eda1f4c299a05dfb3753fd411
.liadm.com/ Name: lidid
Value: 28027bdd-b813-444d-9b16-bbc073c6686d
.tapad.com/ Name: TapAd_TS
Value: 1734394175902
.tapad.com/ Name: TapAd_DID
Value: 43ba8451-8e5c-484e-a8ed-fde109044854
.openx.net/ Name: i
Value: f92da7b6-9284-42a7-9da9-c3bce58b25a1|1734394175
.casalemedia.com/ Name: CMID
Value: Z2DBP9HM6WMAAFXqAf.MeQAA
.casalemedia.com/ Name: CMPS
Value: 3527
.casalemedia.com/ Name: CMPRO
Value: 3527
.parasiterelief.com/ Name: _clsk
Value: 1us8wjr%7C1734394175950%7C1%7C1%7Ce.clarity.ms%2Fcollect
.adingo.jp/ Name: eskimi
Value: 6ca46e71-1453-4bc5-a57c-83debff43a60
.pubmatic.com/ Name: KRTBCOOKIE_1473
Value: 23607-6ca46e71-1453-4bc5-a57c-83debff43a60&KRTB&23613-6ca46e71-1453-4bc5-a57c-83debff43a60
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.rubiconproject.com/ Name: khaos
Value: M4RPIF2X-B-4GDP
.rubiconproject.com/ Name: khaos_p
Value: M4RPIF2X-B-4GDP
.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.adsrvr.org/ Name: TDID
Value: 31b08d60-a01b-4c1c-9eb8-ec02515b4b55
.rkdms.com/ Name: sc
Value: 13%3A122376
.rkdms.com/ Name: sessionid
Value: h-1986a124eaa0456db9e834c9d1ca1534_t-1734394175
.demdex.net/ Name: demdex
Value: 05564444686563594484462673356755185657
.zemanta.com/ Name: zuid
Value: 5p3imca5Cyb65tCilRnm
.turn.com/ Name: uid
Value: 7508303963750894484
.creativecdn.com/ Name: g
Value: joxLKhjctHtUUMjjqpKy_1734394176011
.creativecdn.com/ Name: c
Value: joxLKhjctHtUUMjjqpKy_EuTwXXOV4Sc7dJbpixmK_1734394176011
.creativecdn.com/ Name: ts
Value: 1734394176
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAE3GuQ0AMQgEwIqQQKx5XM76qcLFX3oTDVfusBjCBQr2VSGrhNf95IiuzmfQaenwhmW8X/UDgD/STEAAAAA=
.parasiterelief.com/ Name: _sctr
Value: 1%7C1734336000000
.smartadserver.com/ Name: pid
Value: 8401124119484074457
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 156:6ca46e71-1453-4bc5-a57c-83debff43a60
.dpm.demdex.net/ Name: dpm
Value: 05564444686563594484462673356755185657
.rezync.com/ Name: zync-uuid
Value: 18b40d5e-ca43-4d0b-b803-f8939cc43bd7:1734394176.0901854
.csync.loopme.me/ Name: viewer_token
Value: dfe74f39-82c2-4ba6-8b42-91fec702203d
.creativecdn.com/ Name: ar_debug
Value: 1
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_13IsRGAMAgF0AmsMgcehB8BtwmJDmRp6aSW3lm-dxUTT_BsB40OJUxOSmel00NjDGhO28UUGhDbVg4Wb7jL8mWt_vz8AoJkTqNaAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjS3NDeysDA0MTA0MzWxMDAzshDiM9TVrSrJCYky9XTzzykEAOWm2wIlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjS3NDeysDA0MTA0MzWxMDAzshDiM9TVrSrJCYky9XTzzykEAOWm2wIlAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXBwRGAMAgEwI_t4MDcRcBuBGIhVu7ud7hFUWdt6YcQjpZUKOSNRHYTNX6bg0iaX6emWiz-4k9ogzoAAAA
live.rezync.com/ Name: sd-session-id
Value: .eJwVylEOgyAMANC79FuWYgsULmMEuoRsukX0Z8a7b_t8yTtheuu2zKuuO6R9O3SA8mw_dUgn9PZZ9AEJbIhhFLGM1jsW9KPANUDX3ttrnVr9H8mM1akpM5PhitlkQTJ3iRRLYco1JBuIKbIN_oYRrTiG6wu5BiXO.Z2DBQA.5ZwkRVUtytsH8hI_QLl78vgtLzk
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.rlcdn.com/ Name: rlas3
Value: 60r3pOfGnAq2itzEkQZrBThUt+AnRD2GHa4eIFdnD1g=
.rlcdn.com/ Name: pxrc
Value: CMCCg7sGEgUI6AcQABIGCLrqARAA
parasiterelief.com/ Name: /presentation:watchVideoTime:3Iqy9rJ0soM
Value: 0
.adnxs.com/ Name: XANDR_PANID
Value: 3v3r_8IemhDuniqs8AZjWq8XOp9s0Qp3nJFlyXKQ-9m4SFKj_r4wGCYfHX4gDzOWL16IRsHYSh_gNRONzlocJgXb5tg049CfuzAEdOGREoQ.
.adnxs.com/ Name: uuid2
Value: 3064710490559218548
shop.pe/ Name: addshoppers
Value: "2|1:0|10:1734394176|11:addshoppers|44:YWFkM2MyNWVkY2ViNDczODhlNjJlZTlmNDI3OTFmZmM=|15f3d5682a99c4aab71fe4f3b33a2e8622bf9ce814c4f4b418fec51794184071"
parasiterelief.com/ Name: addshoppers.com
Value: 2%7C1%3A0%7C10%3A1734394176%7C15%3Aaddshoppers.com%7C44%3AYWFkM2MyNWVkY2ViNDczODhlNjJlZTlmNDI3OTFmZmM%3D%7C0b32d060c6efe8bc44ab894657c0b2cde6e28f37282425f26436a5bbba2f4b5f
.criteo.com/ Name: cto_bundle
Value: MS_gGF84clBqVVRudGclMkJQYzltVWlER1Y0MiUyRjd6NEZPQ3lIelJnbmNJdkVkbzh3aTNaN1hTeUlXWDN1NEplZ3dIS0QlMkJwJTJCQlFtbm5PQTNrU2s3ZzQlMkI0cFAxZkh2aDREdTROTzRuNXpaUHFqU3VGQW12SWpzSHBnd0JZZVdObTNlazdxM3I
.adnxs.com/ Name: anj
Value: dTM7k!M4/rCxrEQF']wIg2HbWlDlPwN6f94BJFNE<2_HbEIy0_LmoNZPQ/vEe1t6<Z0@!h6=Kz%EKR(A9qQKMF>H@QvC?/E%URmumX`Ge(EWos>wL5L!!#9@*v=TK
.360yield.com/ Name: tuuid
Value: 830f58d2-a1d3-43c0-ba0a-08ceb164b8bf
.360yield.com/ Name: tuuid_lu
Value: 1734394176
.taboola.com/ Name: t_gid
Value: b93879f0-367e-4c2c-b0a3-d9fe67cd0b31-tucte5a46c0
.taboola.com/ Name: t_pt_gid
Value: b93879f0-367e-4c2c-b0a3-d9fe67cd0b31-tucte5a46c0
.omnitagjs.com/ Name: ayl_visitor
Value: 95693909d96cafe059d24b041c796bbe
.ads.stickyadstv.com/ Name: UID
Value: 727879a4ef6c8146c3378f4f824e3e
.ads.stickyadstv.com/ Name: uid-bp-11554
Value: k-uJQ4O_Wk-4_V3Re9mPAoWPjNd0YfnZgAJOe4oA
.mediawallahscript.com/ Name: mCookie
Value: 33ab4820-bc0b-11ef-b1a7-bb0111ff9c37
.mediawallahscript.com/ Name: mUserCookie
Value: %7B%7D
.360yield.com/ Name: um
Value: !38,LmIf-hIL.uyjfEkTuvy4Sece1pRdVQlRLLb.aA9DUKuhSK-d0XqEYFQ3j6i9zrdtpdpzGqfS,1742170176
.360yield.com/ Name: umeh
Value: !38,0,1796602176,-1
.pubmatic.com/ Name: KRTBCOOKIE_97
Value: 3385-uid:k-4sjP3vWk-4_V3Re9mPAoWPjNd0bUpZ812To3kA&KRTB&23037-uid:k-4sjP3vWk-4_V3Re9mPAoWPjNd0bUpZ812To3kA&KRTB&23144-uid:k-4sjP3vWk-4_V3Re9mPAoWPjNd0bUpZ812To3kA&KRTB&23286-uid:k-4sjP3vWk-4_V3Re9mPAoWPjNd0bUpZ812To3kA
.pubmatic.com/ Name: PugT
Value: 1734392658
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%2233bf9370-bc0b-11ef-a4b5-93e05de953c5%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/ Name: mv_tokens_invalidate-verizon-pushes
Value: %7B%22mv_uuid%22%3A%2233bf9370-bc0b-11ef-a4b5-93e05de953c5%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/ Name: am_tokens
Value: %7B%22mv_uuid%22%3A%2233bf9370-bc0b-11ef-a4b5-93e05de953c5%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/ Name: am_tokens_invalidate-verizon-pushes
Value: %7B%22mv_uuid%22%3A%2233bf9370-bc0b-11ef-a4b5-93e05de953c5%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/ Name: criteo
Value: %7B%22id%22%3A%22k-uUU75PWk-4_V3Re9mPAoWPjNd0afA1ffjHmj5A%22%2C%22version%22%3A%22criteo%22%7D
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 25838FAD258362823D609AF524556332
.bing.com/ Name: MUID
Value: 2644A2C81E3E664F111BB7901FE8678F
.thrtle.com/ Name: mc
Value: eyJpZCI6ImY0MzMzZDMwLTUzYTEtNGRhMi1iNDRlLTFjOWZjMGMwYzcwZiIsImwiOjE3MzQzOTQxNzcwODcsInQiOjF9
.thrtle.com/ Name: sc
Value: eyJpIjoiZjQzMzNkMzAtNTNhMS00ZGEyLWI0NGUtMWM5ZmMwYzBjNzBmIiwic2lkIjoic2lkLTMzYzM0NTcyLWJjMGItMTFlZi05ZjY2LTAyNDIwYTAwMDQ2YiIsIm1zIjoyLCJ0cyI6MSwicHMiOjEsInNwIjo1MDM4LCJwcCI6MSwidHNlIjoxLCJpciI6dHJ1ZSwibHRzZSI6MTczNDM5NDE3NzA4NywiXyI6dHJ1ZX0=
.rubiconproject.com/ Name: audit_p
Value: 1|UWDP08TtRl8cMKtjG+SwpqUSkHi/oPJhnW9VZpbi9UY3Sds8s51Nz2GXlcXpzU1bru/nUgWh452M1KxoLazIt4cp5TmoRJxlXjuCfDKLtOY5ImqfzwkX6laljHWnqh60l7WnPVCH0Fu3DznaypRhTlJzdeFPUArJIYv80SAbHT+bsJo3an40G3CIA43RpoQF2VjNQwH8cwgbi4pXvzrjAioZtVM+4NZa/whqk4bOR7U=
.rubiconproject.com/ Name: audit
Value: 1|UWDP08TtRl8cMKtjG+SwpqUSkHi/oPJhnW9VZpbi9UY3Sds8s51Nz2GXlcXpzU1bru/nUgWh452M1KxoLazIt4cp5TmoRJxlXjuCfDKLtOY5ImqfzwkX6laljHWnqh60l7WnPVCH0Fu3DznaypRhTlJzdeFPUArJIYv80SAbHT+bsJo3an40G3CIA43RpoQF2VjNQwH8cwgbi4pXvzrjAioZtVM+4NZa/whqk4bOR7U=
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 25838FAD258362823D609AF524556332
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.media.net/ Name: visitor-id
Value: 3773957771978306000V10
.media.net/ Name: data-c-ts
Value: 1734394177
.media.net/ Name: data-c
Value: k-vCC0k_Wk-4_V3Re9mPAoWPjNd0ZyEdt_wlTcwA~~3
.tremorhub.com/ Name: tvid
Value: 9db81745f2e54cf8b921bac405a8cf6f
.tremorhub.com/ Name: tv_UICR
Value: k-UGfdFfWk-4_V3Re9mPAoWPjNd0baj50UOM9AGg
.3lift.com/ Name: tluidp
Value: 2462737648086857541953
.3lift.com/ Name: tluid
Value: 2462737648086857541953
.teads.tv/ Name: tt_viewer
Value: 786627bc-33ae-40ad-be57-352097d9ac82
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: e82763fbcd1038f6e42204e933b69dd8
.postrelease.com/ Name: visitor
Value: 496b10c1-7152-4b43-978c-c035ac464a39
.postrelease.com/ Name: status
Value: 0
.adsrvr.org/ Name: TDCPM
Value: CAESGQoKbGl2ZWludGVudBILCPzE4_mjjs89EAUYASABKAIyCwiShqy0uo7PPRAFOAFaB3Z4c3J2M2lgAg..
.yieldmo.com/ Name: yieldmo_id
Value: VzMPvDHbVPH3Mu16uG4O%7C1734393600000%7C0
.ads.yieldmo.com/ Name: ptrcriteo
Value: k-mB_iYfWk-4_V3Re9mPAoWPjNd0Y8wDYZgG3hfg
.lijit.com/ Name: ljt_reader
Value: J2AJALZHe-wtpcdvRsOMW0UN
.pubmatic.com/ Name: KADUSERCOOKIE
Value: C72D7E19-025E-4569-AB34-76F9D4A3980D
.mathtag.com/ Name: uuid
Value: bf7d6760-c142-4300-9796-60ae1aa3dc0b
.bidr.io/ Name: bito
Value: AAEP2U7OwYMAABjTtykbsQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.mediawallahscript.com/ Name: mRemnantVisitedCookie_d41d8cd98f00b204e9800998ecf8427e_12_2024
Value: %7B%2226W1vI%22%3A1%7D

5 Console Messages

Source Level URL
Text
rendering warning URL: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0C02C04EC1A0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0F02C04EC1A0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0A0A602EC1A0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://parasiterelief.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=66&oid=109&uid=0&_ef_transaction_id=3283048eda1f4c299a05dfb3753fd411&n=6109
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A040A602EC1A0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network error URL: https://partner.mediawallahscript.com/?account_id=2034&partner_id=2079&uid=AAEP2U7OwYMAABjTtykbsQ&tag_format=img&tag_action=sync&cb=31
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

13811400.fls.doubleclick.net
a.quora.com
ad.360yield.com
ad.doubleclick.net
addshoppers.s3.amazonaws.com
ade.clmbtech.com
ads.stickyadstv.com
adservice.google.com
analytics.google.com
analytics.tiktok.com
analytics.twitter.com
app.shop.pe
b-code.liadm.com
c.bing.com
c.clarity.ms
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
cs.adingo.jp
csync.loopme.me
d1pqvb2h9xgm7r.cloudfront.net
d2mjzob2nc713b.cloudfront.net
d9i5ve8f04qxt.cloudfront.net
dis.criteo.com
dpm.demdex.net
dsp-ap.eskimi.com
dsp-media.eskimi.com
dsp-trk.eskimi.com
dsum-sec.casalemedia.com
dynamic.criteo.com
e.clarity.ms
e1.emxdgt.com
eb2.3lift.com
eu-u.openx.net
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
i.liadm.com
ib.adnxs.com
image2.pubmatic.com
jadserve.postrelease.com
links.easyhealthjournal.com
manage.safeopt.com
match.sharethrough.com
nytrng.com
parasiterelief.com
partner.mediawallahscript.com
pixel.rubiconproject.com
public-prod-dspcookiematching.dmxleo.com
q.quora.com
r.casalemedia.com
rp.liadm.com
rp4.liadm.com
rtb-csync.smartadserver.com
s.ad.smaato.net
sc-static.net
secure.parasiterelief.com
service3.purehealthresearch.com
shop.pe
shopper.shop.pe
simage2.pubmatic.com
sslwidget.criteo.com
static.ads-twitter.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.1rx.io
sync.outbrain.com
t.co
tags.creativecdn.com
td.doubleclick.net
thrtle.com
tr.snapchat.com
tr6.snapchat.com
trends.revcontent.com
ups.analytics.yahoo.com
us.creativecdn.com
visitor.omnitagjs.com
widget.as.criteo.com
widget.eu.criteo.com
www.bg6yrfg.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.p8btrk.com
www.youtube-nocookie.com
www.youtube.com
x.bidswitch.net
ad.doubleclick.net
partner.mediawallahscript.com
s.ad.smaato.net
trends.revcontent.com
100.21.100.53
100.28.91.13
104.18.27.193
104.244.42.3
134.209.162.206
141.226.224.48
142.251.167.148
142.251.167.94
146.75.28.157
162.159.140.229
162.159.153.247
169.150.236.105
172.217.222.149
173.194.66.157
174.129.246.97
178.250.1.9
18.160.37.222
182.161.74.16
185.184.10.30
188.42.63.48
188.42.63.49
20.110.205.119
20.57.85.160
2001:4860:4802:38::181
2001:4998:14:800::1000
2001:4998:60:807::2
207.65.37.184
209.85.144.154
216.22.16.9
23.21.74.44
23.212.251.27
23.55.205.47
23.62.172.23
2600:1408:5400:1d::173d:b95
2600:1f18:612b:4232:32bf:c12c:81c0:4994
2600:1f18:730:b150:daed:5d92:e571:5d73
2600:9000:2509:1a00:8:8845:1500:93a1
2600:9000:28ac:8600:d:370a:51c0:93a1
2607:f8b0:4004:c08::5d
2607:f8b0:4004:c08::5f
2607:f8b0:4004:c19::be
2607:f8b0:4004:c1b::61
2607:f8b0:4004:c21::8b
2607:f8b0:400d:c04::9a
2607:f8b0:400d:c07::9a
2620:100:a00b::12
2620:100:a00b::6
2620:1ec:29:1::40
2620:1ec:c11::237
2a02:6ea0:c400::53
3.163.245.4
3.167.64.79
3.167.69.43
3.210.56.21
3.217.222.187
3.218.55.33
3.220.18.91
31.13.66.19
31.13.66.35
34.107.199.247
34.231.172.117
35.190.43.134
35.190.54.17
35.211.202.130
35.214.233.111
35.227.244.1
35.238.129.105
35.244.159.8
35.245.40.102
50.19.69.177
52.202.190.25
52.21.200.160
52.216.49.113
52.223.22.214
54.160.149.172
54.211.170.34
63.251.28.230
68.67.160.184
69.173.146.5
69.194.240.13
70.42.32.63
74.119.117.16
74.125.192.94
74.125.192.99
8.28.7.83
99.83.128.14
0675349b897d53d085196f7db8cd66b0c61ee6b856e738996544afe7ce78b7c1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c622a1fc94fd265a22e9cc52a06a468d0b3d16712d3049c344e0315746ce4c8
14939503c8a97bef459ce94218f0e65933ab569f7b1d726bcb0b3c1031ebccf9
1c861c26773390863ae121a67ec84609a45d31dc45c36c13cca0f456b92f53c2
1c97d84aa36d1d4e878d0d3832034b99725ddff93ded97d72ae2350ae7c019d5
1f618b2f23488c29ff95cd8eed34ee254983c0e4a95183400ce87f5b95782452
20d1160d4baa8eb4c0ad192f9497de3a531a2a2d4357006ea7d5bb29f8b0d838
21fb96574f19da090ee5863278d391c136573d307be6ae9fe1aa4e61c5ffa6bf
220fa6b8f0c267c8d1c1be4ddcc1d6a752b585a79d45643dcad03487329066a4
240355f4e85792fb5c1e46a942e6d797a078d39f8717dfbab666e4e80cb4dd8d
24073239e3ac46b923845c483e3b9d78690ab97f2849ffcca6950562b5f9c68f
2584c30cbf17a03b1b14c4da75932e38324e8b7e126420fc69f6c117ff60d132
271412ba12757775b904c1c27dc905b0fd563c731477d01b8c294446075b8ecd
29ba6e36de180cd0d5661f53fdda56a4d7c07ec1041fff343f3e0a1cc809367d
2a926bde4bb093f62a3297465dd48e0447f5687f36a8a4dcffce2e83a6254e04
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4
2c4cc7b575ccefb06baf63525b6191180272fa26967f1dc87d55735430198fbd
2c86bcaebf54969da5081c17c6901cbe19ac041b80a3abda6890708eb545cec3
318effafbc24ce963eaa484983631881251492728d3f66208828a0d6c4cb15ac
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
332d979e6f0fa7b45d18cd42551204564cd6a0037f1a63f7e5257854121f6067
3477b6d88fe386d24b7a547fd2ff7ff17faadeb8a770761529c2f03399e4cd06
37194ac6e1637efb0fb71153ff2105077e014b64051c290011d6bc2229a5506a
3bb5fdf2030456fac4167dd69ab5137a70fd2bbf29931859454ead1057cb0a71
3ca9e609ef3f582aec6955e30de3ea1a0a33186bf6b10105d9e8391c4ba8ad21
3e15f611dbbb35d36addd531e09799d84afd5d48e3b001bf855be432b45244f3
3fae700986c3cdf7aa09c919d0f834337ae0da6dbd402894349cb7828a25ddc0
405f97b29f07e51f3eeca509f0fcad555a687da609a979fab7d478cb374dd95a
42064c2e10b0a51182be42b920a4ef7dfb35ed9f805fa858d9f37a12fb0efe7d
45fdcedbeb833ea40206c98dfcbfa73842f72d53f166a26b47ecc3b01a55286d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
620a97911c6964bfc7cfacf4df74b3ba598ef728f2117675d171e4c62d500add
630ef75933cbef2fdf3fdde781bc4d10c28eaec98197ce655fe82dbba494bb19
658cbf469e751ade6d30b701fc7ca00b3403329481955d30acb721ca38b45d99
6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44
6cde37e91cfb77d3ce2a7193273f44e68ac49381f23c331dbbe1ec27cc61706c
83146c62110f911cbc9e66daa824d1f4e1d8f8aa6508aa45fe061932db65fa27
84d7857e41f2f7e9d0b9ab1664cf684a5791df69e825524f647b0bb57916d152
87b21f502704e4562d38b702db98e48ac5967c0575912d537911493676a14da8
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8f1c6616455c6f5db8e9c3af15e2829d3b5cadaec5f2f8c607a51b68bdc5e7ea
9083e070260049b56bf2c0133dd0c6f97e769abf1844df7878f1805fc6860f42
93ffb74038741ade6087dd94059b36ac82c53c6317b400db525dbad3e16b714d
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a3b9afdd92edf30d72dd52262c76b75781740b1cb885772194a47529eb1052df
a3d4c1535d563d94e47dfc36fddbd24895428ac102e00b279b363b18cbc8ccb1
a5ead07253f5d4cf3ee1ffe784ea11adc732da2fcb8a5f0e81c2cdc42233f796
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
af11c81c146ac61f82ad5818872731bedd5e2e5461cbdc5c2ab5e734ca937485
afce438457e4ab43de985d62d137f26d2a46f357cc8d94757e4184e8153aa287
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4435b5ac2f1916ed1135fb1738a1cef87cb666f4356a6678fb1c77e1273f9e1
b751dd80e6b39ca90e9db0a383d769ba1d7d1ca174ce37a360408fa0db437c1c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd95e8a7f7c6225934f3f14a6cdc3876566284966667fc32f88fe141e3713da6
bea4a0aca08ce4e1787559b48e7b6827d520eed7d47515b7addecd1ee1b88d0f
c8820edb0697c92f16ae3c6f57967e9a44e645a430fe53c68fa4d6a93011fca5
cf85c69b2eb4d7f9d7e4961597e21abc0048fd56a416ad28a9b61550503caad5
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d1eebc2e965c8fa58f9a8b4807a673d9a6aa8f677a7561b0c877611bbf12c5c6
d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60
d86dc3454bdf2110a74e7ba300b641a0700839347df9e6d08232dbbcde4fcde4
da2d5cc7a936d3108413875e85969ff2e0a1bc79e4c9df4fabadb1ec9198e215
dab556cad655af64302c883a23b894b096b0f3e1a3b5c6159cf6dbf0840d818b
dba303637973b3ce971a1ff30f641a180271a541d410418020a3cfb0d6beece8
dd2d43d37efe6bbf157c8df79b4b88e363bb93532a9694c49aa95efc1bfceb6f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee7bad7246ae2d16678993897b1b22a506841cbc03455b1d8fa566c19643b68b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
fbce52394fe6a49b42ec7c3eb2a5146948e786b7a6188502657ba28a062691dd
ff285c3beb06a42b03ce3a8a860f160216bf3c3ea5c0aae96125c23c017c45b4