funguseliminator.com Open in urlscan Pro
159.89.239.100 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://stripe.rs-2335-a.com/stripe/redirect?cs_email=3bd8f96ad5d9a78b78b1efcbe0f6d0602242763ad054cec3cae305745f874b7a&cs_str...
Effective URL:
https://funguseliminator.com/adv11?utm_source=jeeng&utm_medium=native&utm_campaign=fungus_adv11_desktop_email_jeeng&offid=fun...
Submission: On February 07 via api (February 7th 2022, 12:25:57 pm UTC) from US — Scanned from DE

Summary HTTP 65 Redirects Behaviour Indicators

Summary

This website contacted 34 IPs in 9 countries across 26 domains to perform 65 HTTP transactions. The main IP is 159.89.239.100, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is funguseliminator.com. The Cisco Umbrella rank of the primary domain is 195519.
TLS certificate: Issued by R3 on January 10th 2022. Valid for: 3 months.

This is the only time funguseliminator.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	13.84.54.237 13.84.54.237	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	18.193.209.105 18.193.209.105	16509 (AMAZON-02) (AMAZON-02)
4	159.89.239.100 159.89.239.100	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	108.157.4.93 108.157.4.93	16509 (AMAZON-02) (AMAZON-02)
2	76.223.24.123 76.223.24.123	16509 (AMAZON-02) (AMAZON-02)
2	54.145.115.178 54.145.115.178	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2.20.86.44 2.20.86.44	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	178.250.0.147 178.250.0.147	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:224... 2600:9000:224a:4c00:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
2	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
2	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
1	35.244.130.28 35.244.130.28	15169 (GOOGLE) (GOOGLE)
1	108.156.253.88 108.156.253.88	16509 (AMAZON-02) (AMAZON-02)
2	70.42.32.31 70.42.32.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
5	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	2600:1f18:730... 2600:1f18:730:b150:e8d3:c41:b79d:6817	14618 (AMAZON-AES) (AMAZON-AES)
1	35.153.221.88 35.153.221.88	14618 (AMAZON-AES) (AMAZON-AES)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	142.250.74.198 142.250.74.198	15169 (GOOGLE) (GOOGLE)
2	104.19.135.78 104.19.135.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	151.101.12.157 151.101.12.157	() ()
1	104.244.42.131 104.244.42.131	() ()
1	104.244.42.69 104.244.42.69	() ()
65	34

2 13.84.54.237 (San Antonio, United States) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

stripe.rs-2335-a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr.rev-stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.193.209.105 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-209-105.eu-central-1.compute.amazonaws.com

track.funguseliminator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 159.89.239.100 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: funguseliminator.com

funguseliminator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-93.dus51.r.cloudfront.net

media.go2app.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.24.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: a746f2a683c73ece4.awsglobalaccelerator.com

secure.funguseliminator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.145.115.178 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-145-115-178.compute-1.amazonaws.com

secure2.funguseliminator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.20.86.44 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-86-44.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.147 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:224a:4c00:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.130.28 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 28.130.244.35.bc.googleusercontent.com

www.ibph4trk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.253.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-253-88.dus51.r.cloudfront.net

d9i5ve8f04qxt.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b150:e8d3:c41:b79d:6817 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.153.221.88 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-153-221-88.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net

10720395.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.135.78 (None, )

ASN13335 (CLOUDFLARENET, US)

a.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (None, )

ASN- ()

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (None, )

ASN- ()

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (None, )

ASN- ()

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	funguseliminator.com 1 redirects track.funguseliminator.com — Cisco Umbrella Rank: 226300 funguseliminator.com — Cisco Umbrella Rank: 195519 secure.funguseliminator.com — Cisco Umbrella Rank: 559645 secure2.funguseliminator.com — Cisco Umbrella Rank: 576089	195 KB
7	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 stats.g.doubleclick.net — Cisco Umbrella Rank: 96 10720395.fls.doubleclick.net — Cisco Umbrella Rank: 211736	7 KB
6	google.com www.google.com — Cisco Umbrella Rank: 13 adservice.google.com — Cisco Umbrella Rank: 80	1 KB
5	google.de www.google.de — Cisco Umbrella Rank: 5557	847 B
5	criteo.com 1 redirects dynamic.criteo.com — Cisco Umbrella Rank: 5180 gum.criteo.com — Cisco Umbrella Rank: 369 mug.criteo.com — Cisco Umbrella Rank: 2864	8 KB
4	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 923 trc.taboola.com — Cisco Umbrella Rank: 570 trc-events.taboola.com — Cisco Umbrella Rank: 1857	19 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	586 B
3	liadm.com 1 redirects b-code.liadm.com — Cisco Umbrella Rank: 3664 rp.liadm.com — Cisco Umbrella Rank: 2775 rp4.liadm.com — Cisco Umbrella Rank: 10903	12 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 385	11 KB
3	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 2353 tr.outbrain.com — Cisco Umbrella Rank: 2115	4 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	58 KB
2	mgid.com a.mgid.com — Cisco Umbrella Rank: 17068	16 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 402	7 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 106	30 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	116 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	78 KB
1	t.co t.co	337 B
1	twitter.com analytics.twitter.com
1	ads-twitter.com static.ads-twitter.com	6 KB
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 818	713 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 645	13 KB
1	cloudfront.net d9i5ve8f04qxt.cloudfront.net	19 KB
1	ibph4trk.com www.ibph4trk.com — Cisco Umbrella Rank: 224477	18 KB
1	go2app.org media.go2app.org — Cisco Umbrella Rank: 228314	1013 B
1	rev-stripe.com 1 redirects tr.rev-stripe.com — Cisco Umbrella Rank: 57205	678 B
1	rs-2335-a.com 1 redirects stripe.rs-2335-a.com — Cisco Umbrella Rank: 52884	866 B
65	26

	Domain	Requested by
5	www.google.de	funguseliminator.com
5	www.google.com	funguseliminator.com
4	googleads.g.doubleclick.net	www.googleadservices.com
4	funguseliminator.com	funguseliminator.com
3	www.facebook.com	funguseliminator.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com funguseliminator.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	trc-events.taboola.com	cdn.taboola.com
2	a.mgid.com	funguseliminator.com
2	10720395.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	gum.criteo.com	1 redirects static.criteo.net
2	tr.outbrain.com	amplify.outbrain.com funguseliminator.com
2	s.yimg.com	funguseliminator.com s.yimg.com
2	dynamic.criteo.com	www.googletagmanager.com
2	www.googleadservices.com	www.googletagmanager.com
2	connect.facebook.net	funguseliminator.com connect.facebook.net
2	www.googletagmanager.com	funguseliminator.com
2	secure2.funguseliminator.com	funguseliminator.com secure2.funguseliminator.com
2	secure.funguseliminator.com	funguseliminator.com secure.funguseliminator.com
1	t.co
1	analytics.twitter.com	static.ads-twitter.com
1	static.ads-twitter.com	www.googletagmanager.com
1	adservice.google.com	10720395.fls.doubleclick.net
1	trc.taboola.com	cdn.taboola.com
1	mug.criteo.com	funguseliminator.com
1	rp4.liadm.com
1	rp.liadm.com	1 redirects
1	sp.analytics.yahoo.com	funguseliminator.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	static.criteo.net	dynamic.criteo.com
1	d9i5ve8f04qxt.cloudfront.net	www.googletagmanager.com
1	www.ibph4trk.com	www.googletagmanager.com
1	cdn.taboola.com	funguseliminator.com
1	b-code.liadm.com	www.googletagmanager.com
1	amplify.outbrain.com	www.googletagmanager.com
1	media.go2app.org	funguseliminator.com
1	track.funguseliminator.com	1 redirects
1	tr.rev-stripe.com	1 redirects
1	stripe.rs-2335-a.com	1 redirects
65	39

This site contains no links.

Subject Issuer	Validity	Valid
funguseliminator.com R3	`2022-01-10` - `2022-04-10`	3 months	crt.sh
media.go2app.org Amazon	`2021-10-06` - `2022-11-04`	a year	crt.sh
secure.funguseliminator.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-07` - `2022-09-07`	a year	crt.sh
secure2.funguseliminator.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-16` - `2022-10-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-16` - `2022-02-14`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-01`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-12-22` - `2022-06-22`	6 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-04` - `2022-05-03`	3 months	crt.sh
*.liadm.com Amazon	`2022-01-31` - `2023-03-01`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-01-31` - `2022-03-23`	2 months	crt.sh
ibph4trk.com Starfield Secure Certificate Authority - G2	`2022-01-04` - `2022-04-12`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-13`	6 months	crt.sh
www.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://funguseliminator.com/adv11?utm_source=jeeng&utm_medium=native&utm_campaign=fungus_adv11_desktop_email_jeeng&offid=fungus&offerurlid=fungus_adv11_desktop_email&trid=%7Btransaction_id%7D&affid=jeeng&affsub=native
Frame ID: 26D1BCCE70D30DF95D074575B9B88C63
Requests: 61 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=funguseliminator.com&origin=onetag
Frame ID: E2886B6DA8D531C5825DB785B041F2E5
Requests: 2 HTTP requests in this frame

Frame: https://10720395.fls.doubleclick.net/activityi;dc_pre=CKnPsJzL7fUCFcZIGwodgIQA-Q;src=10720395;type=allvi000;cat=allvi0;ord=1;num=7803812419112;gtm=2wg220;auiddc=1735173858.1644236751;~oref=https%3A%2F%2Ffunguseliminator.com%2Fadv11%3Futm_source%3Djeeng%26utm_medium%3Dnative%26utm_campaign%3Dfungus_adv11_desktop_email_jeeng%26offid%3Dfungus%26offerurlid%3Dfungus_adv11_desktop_email%26trid%3D%257Btransaction_id%257D%26affid%3Djeeng%26affsub%3Dnative
Frame ID: 8581301ABF0747235BCEF4F05D1E1C3F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Toenail Dr.

Page URL History Show full URLs

http://stripe.rs-2335-a.com/stripe/redirect?cs_email=3bd8f96ad5d9a78b78b1efcbe0f6d0602242763ad054cec3cae... HTTP 301
http://tr.rev-stripe.com/stripe/redirect?cs_email=3bd8f96ad5d9a78b78b1efcbe0f6d0602242763ad054cec3cae... HTTP 303
https://track.funguseliminator.com/46927848-bdde-408c-a148-5d28d53275bc?aff_sub=jeeng&aff_sub3=desktop&s7=2335&... HTTP 302
https://funguseliminator.com/adv11?utm_source=jeeng&utm_medium=native&utm_campaign=fungus_adv11_desktop_e... Page URL

Detected technologies

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

65
Requests

97 %
HTTPS

41 %
IPv6

26
Domains

39
Subdomains

34
IPs

9
Countries

617 kB
Transfer

1702 kB
Size

29
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://stripe.rs-2335-a.com/stripe/redirect?cs_email=3bd8f96ad5d9a78b78b1efcbe0f6d0602242763ad054cec3cae305745f874b7a&cs_stripeid=118136&cs_sendid=fd35f34af54a2622a20d053a2e148bf8&cs_offset=0&cs_esp=sendgrid&dfp_ppid=c90cfbf302de41498c6fdaa7f5eb05d8&dfp_uf_0=CS&dfp_uf_1=1S72&dfp_uf_2=CA&dfp_uf_3=CF&dfp_uf_4=CJ&dfp_uf_5=CR&dfp_uf_6=1S84&dfp_uf_12=1S9D&dfp_uf_7=49&dfp_uf_8=1&dfp_uf_23=13&dfp_uf_10=TT&dfp_uf_11=1TJI&dfp_uf_20=1HXD&dfp_uf_21=None&dfp_uf_22=None&dfp_pg_holdout_nf=false&dfp_ad_holdout_digest=false&dfp_nde=false&dfp_ca=7069715878 HTTP 301
http://tr.rev-stripe.com/stripe/redirect?cs_email=3bd8f96ad5d9a78b78b1efcbe0f6d0602242763ad054cec3cae305745f874b7a&cs_stripeid=118136&cs_sendid=fd35f34af54a2622a20d053a2e148bf8&cs_offset=0&cs_esp=sendgrid&dfp_ppid=c90cfbf302de41498c6fdaa7f5eb05d8&dfp_uf_0=CS&dfp_uf_1=1S72&dfp_uf_2=CA&dfp_uf_3=CF&dfp_uf_4=CJ&dfp_uf_5=CR&dfp_uf_6=1S84&dfp_uf_12=1S9D&dfp_uf_7=49&dfp_uf_8=1&dfp_uf_23=13&dfp_uf_10=TT&dfp_uf_11=1TJI&dfp_uf_20=1HXD&dfp_uf_21=None&dfp_uf_22=None&dfp_pg_holdout_nf=false&dfp_ad_holdout_digest=false&dfp_nde=false&dfp_ca=7069715878 HTTP 303
https://track.funguseliminator.com/46927848-bdde-408c-a148-5d28d53275bc?aff_sub=jeeng&aff_sub3=desktop&s7=2335&s5=793676&s6=[TargetCointainerType]&cost=0.451&pi_adid=793676&pi_clickid=70fd1e04a23e4f629fa7f8e41b25fcdd&pi_creativeid=834930 HTTP 302
https://funguseliminator.com/adv11?utm_source=jeeng&utm_medium=native&utm_campaign=fungus_adv11_desktop_email_jeeng&offid=fungus&offerurlid=fungus_adv11_desktop_email&trid=%7Btransaction_id%7D&affid=jeeng&affsub=native Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://rp.liadm.com/j?dtstmp=1644236751707&aid=a-076h&se=e30&duid=497ad39143c8--01fva2bgq7dv986w0h2d9x2qeq&tna=v2.3.0&pu=https%3A%2F%2Ffunguseliminator.com%2Fadv11%3Futm_source%3Djeeng%26utm_medium%3Dnative%26utm_campaign%3Dfungus_adv11_desktop_email_jeeng%26offid%3Dfungus%26offerurlid%3Dfungus_adv11_desktop_email%26trid%3D%257Btransaction_id%257D%26affid%3Djeeng%26affsub%3Dnative&wpn=lc-bundle&c=PHRpdGxlPlRvZW5haWwgRHIuPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iUmVtZWR5IHRvZW5haWwgaW5mZWN0aW9ucyBhdCB0aGUgcm9vdHMsIHNvIHlvdSBjYW4gZGl0Y2ggdGhlIHNvY2tzIGFuZCB3ZWFyIHNhbmRhbHMgYWdhaW4gb3IgZXZlbiBnbyBiYXJlZm9vdCEiPjxoMSBjbGFzcz0iY29sb3Itd2hpdGUiPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBBcmUgWW91IE1ha2luZyBBbnkgb2YgVGhlc2UgNyBUb2VuYWlsIEZ1bmd1cyBNaXN0YWtlcz8KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L2gxPg HTTP 302
https://rp4.liadm.com/j?dtstmp=1644236751707&aid=a-076h&se=e30&duid=497ad39143c8--01fva2bgq7dv986w0h2d9x2qeq&tna=v2.3.0&pu=https%3A%2F%2Ffunguseliminator.com%2Fadv11%3Futm_source%3Djeeng%26utm_medium%3Dnative%26utm_campaign%3Dfungus_adv11_desktop_email_jeeng%26offid%3Dfungus%26offerurlid%3Dfungus_adv11_desktop_email%26trid%3D%257Btransaction_id%257D%26affid%3Djeeng%26affsub%3Dnative&wpn=lc-bundle&c=PHRpdGxlPlRvZW5haWwgRHIuPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iUmVtZWR5IHRvZW5haWwgaW5mZWN0aW9ucyBhdCB0aGUgcm9vdHMsIHNvIHlvdSBjYW4gZGl0Y2ggdGhlIHNvY2tzIGFuZCB3ZWFyIHNhbmRhbHMgYWdhaW4gb3IgZXZlbiBnbyBiYXJlZm9vdCEiPjxoMSBjbGFzcz0iY29sb3Itd2hpdGUiPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBBcmUgWW91IE1ha2luZyBBbnkgb2YgVGhlc2UgNyBUb2VuYWlsIEZ1bmd1cyBNaXN0YWtlcz8KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L2gxPg&i6=MjAwMTphYzg6MjA6M2MwMDoxMDExOjZlNDA6ODJkNDpjOGVm&n3pc=true

Request Chain 44

https://gum.criteo.com/sid/json?origin=onetag&domain=funguseliminator.com&sn=ChromeSyncframe&so=0&topUrl=funguseliminator.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=2b5m6nxqRjJpTXF2Q0g2VGJTSHEyRWRCOWF5Tkt0YVpRQXF0YW9CTkFxZEhsWDBYU3hGWENFdE9rVHRNRzhZVXZWOGdSY2llMFptRzU3L3g5Q09SOHRrSVpUNVNyVUs3OWNxbFJFTmo1ODFaZS9IcXZGaXJacXV6cTJjOVNhUm80ekhNMXNEL1dBY1oxKzFWR3kwbEQxMmZNWGN5K3oxLzZqRnhIZmpWWjIzTFB5QnFTbURvUU9zaHlRSzVmZldGRm5haHVtdmF3Z0U4a1cvU2JBaU5OY2gvejJpYS9XUTd0ZFNyMTQ5RkdFSzZSWi9wYVNoQ1VvdzlMdDF1U0VYQjZCSUpxcXNVTy9QdXA4elJsZjk3MkpkVVdIcU00dEg4MWI5cngvSXhVcWJ5SkxZWT18&cppv=2

Request Chain 49

https://10720395.fls.doubleclick.net/activityi;src=10720395;type=allvi000;cat=allvi0;ord=1;num=7803812419112;gtm=2wg220;auiddc=1735173858.1644236751;~oref=https%3A%2F%2Ffunguseliminator.com%2Fadv11%3Futm_source%3Djeeng%26utm_medium%3Dnative%26utm_campaign%3Dfungus_adv11_desktop_email_jeeng%26offid%3Dfungus%26offerurlid%3Dfungus_adv11_desktop_email%26trid%3D%257Btransaction_id%257D%26affid%3Djeeng%26affsub%3Dnative HTTP 302
https://10720395.fls.doubleclick.net/activityi;dc_pre=CKnPsJzL7fUCFcZIGwodgIQA-Q;src=10720395;type=allvi000;cat=allvi0;ord=1;num=7803812419112;gtm=2wg220;auiddc=1735173858.1644236751;~oref=https%3A%2F%2Ffunguseliminator.com%2Fadv11%3Futm_source%3Djeeng%26utm_medium%3Dnative%26utm_campaign%3Dfungus_adv11_desktop_email_jeeng%26offid%3Dfungus%26offerurlid%3Dfungus_adv11_desktop_email%26trid%3D%257Btransaction_id%257D%26affid%3Djeeng%26affsub%3Dnative

65 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request adv11 Show response
funguseliminator.com/
Redirect Chain

http://stripe.rs-2335-a.com/stripe/redirect?cs_email=3bd8f96ad5d9a78b78b1efcbe0f6d0602242763ad054cec3cae305745f874b7a&cs_stripeid=118136&cs_sendid=fd35f34af54a2622a20d053a2e148bf8&cs_offset=0&cs_es...
http://tr.rev-stripe.com/stripe/redirect?cs_email=3bd8f96ad5d9a78b78b1efcbe0f6d0602242763ad054cec3cae305745f874b7a&cs_stripeid=118136&cs_sendid=fd35f34af54a2622a20d053a2e148bf8&cs_offset=0&cs_esp=s...
https://track.funguseliminator.com/46927848-bdde-408c-a148-5d28d53275bc?aff_sub=jeeng&aff_sub3=desktop&s7=2335&s5=793676&s6=[TargetCointainerType]&cost=0.451&pi_adid=793676&pi_clickid=70fd1e04a23e4...
https://funguseliminator.com/adv11?utm_source=jeeng&utm_medium=native&utm_campaign=fungus_adv11_desktop_email_jeeng&offid=fungus&offerurlid=fungus_adv11_desktop_email&trid=%7Btransaction_id%7D&affi...

245 KB
42 KB

584ms
213ms

Document
text/html

159.89.239.100
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://funguseliminator.com/adv11?utm_source=jeeng&utm_medium=native&utm_campaign=fungus_adv11_desktop_email_jeeng&offid=fungus&offerurlid=fungus_adv11_desktop_email&trid=%7Btransaction_id%7D&affid=jeeng&affsub=native
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.239.100 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: funguseliminator.com
Software: nginx / Express
Resource Hash: a282a96e13d05786cd2102829f88aa7a9df6377eb77bab126d8e853a19750598

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Mon, 07 Feb 2022 12:25:51 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: Express
ETag: W/"3d57e-dzzK4jJmrMjPbExW6lqzutYFzCA"
Content-Encoding: gzip

Redirect headers

server: nginx
date: Mon, 07 Feb 2022 12:25:50 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://funguseliminator.com/adv11?utm_source=jeeng&utm_medium=native&utm_campaign=fungus_adv11_desktop_email_jeeng&offid=fungus&offerurlid=fungus_adv11_desktop_email&trid=%7Btransaction_id%7D&affid=jeeng&affsub=native
pragma: no-cache

GET
H/1.1 200
OK custom-logo.png
funguseliminator.com/assets/images/ 22 KB
22 KB 98ms
98ms Image
image/png 159.89.239.100
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://funguseliminator.com/assets/images/custom-logo.png
Requested by: Host: funguseliminator.com
URL: https://funguseliminator.com/adv11?utm_source=jeeng&utm_medium=native&utm_campaign=fungus_adv11_desktop_email_jeeng&offid=fungus&offerurlid=fungus_adv11_desktop_email&trid=%7Btransaction_id%7D&affid=jeeng&affsub=native
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.239.100 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: funguseliminator.com
Software: nginx /
Resource Hash: 2340e62a4fe55531a77bbee847bde81d6e1959afc4189f8106bb1992d3ca1523

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/adv11?utm_source=jeeng&utm_medium=native&utm_campaign=fungus_adv11_desktop_email_jeeng&offid=fungus&offerurlid=fungus_adv11_desktop_email&trid=%7Btransaction_id%7D&affid=jeeng&affsub=native
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 12:25:51 GMT
Last-Modified: Thu, 22 Jul 2021 07:10:44 GMT
Server: nginx
ETag: "60f919f4-57e0"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22496
Expires: Wed, 09 Mar 2022 12:25:51 GMT

GET
H2 200 dl.js Show response
media.go2app.org/assets/js/ 3 KB
1013 B 68ms
9ms Script
application/javascript 108.157.4.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.go2app.org/assets/js/dl.js
Requested by: Host: funguseliminator.com
URL: https://funguseliminator.com/adv11?utm_source=jeeng&utm_medium=native&utm_campaign=fungus_adv11_desktop_email_jeeng&offid=fungus&offerurlid=fungus_adv11_desktop_email&trid=%7Btransaction_id%7D&affid=jeeng&affsub=native
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-93.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3f9410c4245b54ab9df19343af5d376a8db56f933db567c18b5e6fe0912ff96f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 10:03:49 GMT
content-encoding: gzip
last-modified: Wed, 08 Apr 2015 15:10:02 GMT
server: AmazonS3
age: 8563
etag: W/"e535cc5235063f8cce13dd02764b207f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c9ca35e5541827c5873bfdb59f015b20.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: 3StV-nNEg6X6PLZ5nPvZyCrpi09oQla_DEAdlfHcuNdpAfShK8eyNg==

GET
H2 200 UCAffiliateNetworkPixel Show response
secure.funguseliminator.com/cgi-bin/ 1 KB
1 KB 421ms
105ms Script
text/javascript 76.223.24.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.funguseliminator.com/cgi-bin/UCAffiliateNetworkPixel

Requested by

Host: funguseliminator.com
URL: https://funguseliminator.com/adv11?utm_source=jeeng&utm_medium=native&utm_campaign=fungus_adv11_desktop_email_jeeng&offid=fungus&offerurlid=fungus_adv11_desktop_email&trid=%7Btransaction_id%7D&affid=jeeng&affsub=native

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.24.123 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a746f2a683c73ece4.awsglobalaccelerator.com

Software

Apache /

Resource Hash

5c44eb3ab0e0e3be403a45b56b99ac6e13910902b4116a5fe7d1dcd8cbcf2722

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 12:25:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
vary: Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/javascript; charset=utf-8
content-length: 600

GET
H2 200 UCAffiliateNetworkPixel Show response
secure2.funguseliminator.com/cgi-bin/ 1 KB
1 KB 578ms
116ms Script
text/javascript 54.145.115.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://secure2.funguseliminator.com/cgi-bin/UCAffiliateNetworkPixel

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.145.115.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-145-115-178.compute-1.amazonaws.com

Software

Apache /

Resource Hash

64927c18ac110305ba27a9c60253dffd4504c6eebb81d33e0f372d5e7e03b150

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 12:25:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
vary: Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/javascript; charset=utf-8
content-length: 601

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 246 KB
78 KB 70ms
45ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KWDB7M9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

98ab0f75ffed25276f261410c6e417195aa677a3258289221921764c074ed3e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 12:25:51 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79028
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 07 Feb 2022 12:25:51 GMT

GET
H/1.1 200
OK FungusAdv11Desktop.jpg
funguseliminator.com/assets/images/ 97 KB
97 KB 188ms
188ms Image
image/jpeg 159.89.239.100
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://funguseliminator.com/assets/images/FungusAdv11Desktop.jpg
Requested by: Host: funguseliminator.com
URL: https://funguseliminator.com/adv11?utm_source=jeeng&utm_medium=native&utm_campaign=fungus_adv11_desktop_email_jeeng&offid=fungus&offerurlid=fungus_adv11_desktop_email&trid=%7Btransaction_id%7D&affid=jeeng&affsub=native
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.239.100 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: funguseliminator.com
Software: nginx /
Resource Hash: 70d645f087077ac5d518a0761aa42fbe670158315e2f6bca5395285e1a730f1e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/adv11?utm_source=jeeng&utm_medium=native&utm_campaign=fungus_adv11_desktop_email_jeeng&offid=fungus&offerurlid=fungus_adv11_desktop_email&trid=%7Btransaction_id%7D&affid=jeeng&affsub=native
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 12:25:51 GMT
Last-Modified: Thu, 22 Jul 2021 07:10:44 GMT
Server: nginx
ETag: "60f919f4-183b7"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 99255
Expires: Wed, 09 Mar 2022 12:25:51 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 36ms
6ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KWDB7M9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1259
date: Mon, 07 Feb 2022 12:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 07 Feb 2022 14:04:52 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 23ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26236
x-xss-protection: 0
pragma: public
x-fb-debug: GOE7IwWhJCC8Z/i0VLvUl3UWN3oBcdgDea7/c50WF4GeDmrpjdmH0ytbKUd7BbGL0Th1Bywot4oWvDXmnHfltA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 07 Feb 2022 12:25:51 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 73ms
45ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KWDB7M9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

c702f93c91758dab0525c376a408e8327f30bad81a8d30f26588c770585418f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 12:25:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14850
x-xss-protection: 0
server: cafe
etag: 8228622888473677312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 07 Feb 2022 12:25:51 GMT

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 8 KB
3 KB 49ms
15ms Script
application/x-javascript 2.20.86.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KWDB7M9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.20.86.44 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-44.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 998d9415269d92557b561a936955f7590d5052865044a9191a528b5a36f3afc9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 12:25:51 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Oct 2021 12:12:10 GMT
Server: AkamaiNetStorage
ETag: "973e2603f46b719eecf8139c22b897a0:1633349530.816673"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3150
Expires: Mon, 07 Feb 2022 12:45:51 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 36 KB
11 KB 54ms
30ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KWDB7M9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 12:25:51 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 01:53:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 711678A009954EE8BC0CD4CD8F44C272 Ref B: FRAEDGE1507 Ref C: 2022-02-07T12:25:51Z
etag: "0cb09ee8e7d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10468

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 522 B
633 B 59ms
18ms Script
application/javascript 178.250.0.147
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=83126

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KWDB7M9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.147 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e827a864002a9fbf43965f6f891e6720f845a9d08f32ad9db6ea014fd056a59f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 12:25:51 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 a-076h.min.js Show response
b-code.liadm.com/ 26 KB
10 KB 109ms
12ms Script
application/javascript 2600:9000:224a:4c00:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-076h.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KWDB7M9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:4c00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ZIO-Http /
Resource Hash: 8e6930924f43aa659782c0934b2570dda1bb6c304d4ee767e348949eb018d058

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 22:32:59 GMT
via: 1.1 c7a5852ebe9db847874084d43de89f0e.cloudfront.net (CloudFront)
server: ZIO-Http
age: 49972
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
x-amz-cf-pop: DUS51-P1
content-encoding: gzip
x-amz-cf-id: ZJpij2febVDNJyD6vPsj6kabS2Bz8b_mhjV434rSvTi6Rul-XPBJcA==

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1331528/ 55 KB
17 KB 437ms
414ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1331528/tfa.js
Requested by: Host: funguseliminator.com
URL: https://funguseliminator.com/adv11?utm_source=jeeng&utm_medium=native&utm_campaign=fungus_adv11_desktop_email_jeeng&offid=fungus&offerurlid=fungus_adv11_desktop_email&trid=%7Btransaction_id%7D&affid=jeeng&affsub=native
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ac577f4c147e6aa74f97e302fa5b18ce1b099b80f28bc646f3885464ced161d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: SpXOrvXX_8LyolszGzxP19GJ1SGXl5vs
content-encoding: gzip
etag: "761d668a528704485bf5c49fd6f53287"
age: 0
x-cache: MISS
x-amz-replication-status: COMPLETED
content-length: 17370
x-amz-id-2: QdTK9m96WGdmQ3sTMIgZdbDWKoOj78p1EKsSI0U9S3GnkgICyQLnAfLsByo53j0qzx2Wt8jMSx8=
x-served-by: cache-hhn4059-HHN
last-modified: Mon, 07 Feb 2022 12:12:58 GMT
server: AmazonS3
x-timer: S1644236751.497182,VS0,VE401
date: Mon, 07 Feb 2022 12:25:51 GMT
vary: Accept-Encoding
x-amz-request-id: XJ14HR96Q86PST82
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 28
x-cache-hits: 0

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 71ms
20ms Script
application/javascript 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Mon, 07 Feb 2022 12:07:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1132
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 5748
x-amz-id-2: QNgAKvSVcZ7fVjpRZsKjpgF+eBdr/9j2KplbetQVgE/MAqsv/du5U1SxknaNmob5D73go2ZCWu8=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 22 Feb 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 17 Jan 2022 12:00:39 GMT
server: ATS
etag: "13a189bb8f25228852b3279db3659c28-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: BRJ2VSHSE0BPAP1R
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: pAIvW1wzOXi43b8v53GVflu.j8ZqoXS3
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 522 B
633 B 25ms
17ms Script
application/javascript 178.250.0.147
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=92348

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KWDB7M9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.147 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

916d4133af3517c469b16283f1756cec2f971abb43d9479111c293ea878d0e30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 12:25:51 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 everflow.js Show response
www.ibph4trk.com/scripts/sdk/ 58 KB
18 KB 234ms
109ms Script
text/javascript 35.244.130.28
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ibph4trk.com/scripts/sdk/everflow.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KWDB7M9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.130.28 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 28.130.244.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c806dff3db22560d5372577c3b0cbd35ba07e52d88b543802789c47347dbeba7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 12:25:51 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: text/javascript
content-encoding: gzip
cache-control: max-age=14400
x-eflow-request-id: 86fc1268-1d7f-4583-8b50-575430af5a99
alt-svc: clear

GET
H2 200 collect-g.js Show response
d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/ 97 KB
19 KB 82ms
12ms Script
application/x-javascript 108.156.253.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KWDB7M9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.253.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-253-88.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 235816a52f1e08f6e174918cab1428db3a84baaa9f91221eed60169423fdb6cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 15:15:25 GMT
content-encoding: gzip
last-modified: Thu, 03 Feb 2022 15:13:52 GMT
server: AmazonS3
age: 335427
etag: "d8092d89430bf9129fde4ebe787964f5"
x-cache: Hit from cloudfront
content-type: application/x-javascript; charset=UTF-8
via: 1.1 ddd7d19501f4b19d560bfedbdd9b13ce.cloudfront.net (CloudFront)
cache-control: max-age=604800,s-maxage=604800
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-length: 19069
x-amz-cf-id: 6vQ2Gs4E13mI9XwcD4reWVUraiBbd6PhCE6MAEuAWV796Oxz5LPdsw==

GET
H2 200 1181125052062198 Show response
connect.facebook.net/signals/config/ 312 KB
89 KB 76ms
75ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1181125052062198?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2760f940e090195ddc756475ffe48231b6e63f9dd638b8457ad0263b67730ea1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: owLMgdJRfjTfWkUUSyj+8I/18WH+RZfVVJhuMyfFzB4a9I8p2WtYeNlliP/IC0FmZ5T+V9j8UMJI0ztu0RYtzA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 07 Feb 2022 12:25:51 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 101 KB
38 KB 51ms
35ms Script
application/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=OPT-N6TLKC9&t=gtm4&cid=1620556934.1644236752

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a9305db4cf8ceb980ddec6164368e1c1beb2cf26a3482ad39f3db1b877dd1892

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 12:25:51 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38843
x-xss-protection: 0
expires: Mon, 07 Feb 2022 12:25:51 GMT

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
239 B 374ms
93ms Script
application/javascript 70.42.32.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=00aba2f47c273603607f7d9307f624f245
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 12:25:51 GMT
content-encoding: gzip
X-TraceId: 2c825e5286b91c43460f740c4de3d15e
Content-Length: 56
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 373ms
92ms Image
image/gif 70.42.32.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00aba2f47c273603607f7d9307f624f245&obApiVersion=1.0-gtm&obtpVersion=1.5.2&name=PAGE_VIEW&dl=https%3A%2F%2Ffunguseliminator.com%2Fadv11%3Futm_source%3Djeeng%26utm_medium%3Dnative%26utm_campaign%3Dfungus_adv11_desktop_email_jeeng%26offid%3Dfungus%26offerurlid%3Dfungus_adv11_desktop_email%26trid%3D%257Btransaction_id%257D%26affid%3Djeeng%26affsub%3Dnative&optOut=false&bust=016244481490302976
Requested by: Host: funguseliminator.com
URL: https://funguseliminator.com/adv11?utm_source=jeeng&utm_medium=native&utm_campaign=fungus_adv11_desktop_email_jeeng&offid=fungus&offerurlid=fungus_adv11_desktop_email&trid=%7Btransaction_id%7D&affid=jeeng&affsub=native
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 12:25:51 GMT
Cache-Control: no-cache
X-TraceId: 07584c6e89bc24b5f5972c39e14bbc64
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 40 KB
13 KB 65ms
29ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=83126

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

4758ffc00e2d3413aece1a57fc3e89b9709202312386d57eb74b5c198cf6800e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 12:25:51 GMT
content-encoding: gzip
last-modified: Tue, 14 Dec 2021 12:51:58 GMT
server: nginx
etag: W/"61b8936e-9faf"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 08 Feb 2022 12:25:51 GMT

GET
H2 204 56242801.js Show response
bat.bing.com/p/action/ 0
93 B 131ms
131ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/56242801.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 07 Feb 2022 12:25:51 GMT
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B5AA1F79E7E34856BDE4B516D0ECE603 Ref B: FRAEDGE1507 Ref C: 2022-02-07T12:25:51Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
149 B 36ms
34ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=56242801&tm=gtm002&Ver=2&mid=6b819c64-7681-45eb-88f6-10eaf161795f&sid=16868360881111ec943f337ef9df4ae7&vid=16868df0881111ec935f9539aa249b9f&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Toenail%20Dr.&kw=toenail%20dr,%20purehealth%20research,%20immune%20system&p=https%3A%2F%2Ffunguseliminator.com%2Fadv11%3Futm_source%3Djeeng%26utm_medium%3Dnative%26utm_campaign%3Dfungus_adv11_desktop_email_jeeng%26offid%3Dfungus%26offerurlid%3Dfungus_adv11_desktop_email%26trid%3D%257Btransaction_id%257D%26affid%3Djeeng%26affsub%3Dnative&r=&lt=2487&evt=pageLoad&msclkid=N&sv=1&rn=108554
Requested by: Host: funguseliminator.com
URL: https://funguseliminator.com/adv11?utm_source=jeeng&utm_medium=native&utm_campaign=fungus_adv11_desktop_email_jeeng&offid=fungus&offerurlid=fungus_adv11_desktop_email&trid=%7Btransaction_id%7D&affid=jeeng&affsub=native
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 12:25:51 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 370B72AFD8AF41679ED954014640F10C Ref B: FRAEDGE1507 Ref C: 2022-02-07T12:25:51Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10841092459/ 3 KB
2 KB 49ms
19ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10841092459/?random=1644236751549&cv=9&fst=1644236751549&num=1&label=OrD6COLi55EDEOvit7Eo&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg220&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ffunguseliminator.com%2Fadv11%3Futm_source%3Djeeng%26utm_medium%3Dnative%26utm_campaign%3Dfungus_adv11_desktop_email_jeeng%26offid%3Dfungus%26offerurlid%3Dfungus_adv11_desktop_email%26trid%3D%257Btransaction_id%257D%26affid%3Djeeng%26affsub%3Dnative&tiba=Toenail%20Dr.&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6775820e7476dc965e478f55b07755b5ae9026c8f25b1edeab40471b7b44c39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 12:25:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1160
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10778990234/ 3 KB
1 KB 39ms
24ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10778990234/?random=1644236751553&cv=9&fst=1644236751553&num=1&label=6hRTCIPT-vYCEJqt6ZMo&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg220&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ffunguseliminator.com%2Fadv11%3Futm_source%3Djeeng%26utm_medium%3Dnative%26utm_campaign%3Dfungus_adv11_desktop_email_jeeng%26offid%3Dfungus%26offerurlid%3Dfungus_adv11_desktop_email%26trid%3D%257Btransaction_id%257D%26affid%3Djeeng%26affsub%3Dnative&tiba=Toenail%20Dr.&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea0080c0518733ce1dabc0a68d6974acd7a0c8dc8ab00946d46037c0dff036d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 12:25:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1163
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/647474301/ 3 KB
1 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/647474301/?random=1644236751554&cv=9&fst=1644236751554&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg220&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ffunguseliminator.com%2Fadv11%3Futm_source%3Djeeng%26utm_medium%3Dnative%26utm_campaign%3Dfungus_adv11_desktop_email_jeeng%26offid%3Dfungus%26offerurlid%3Dfungus_adv11_desktop_email%26trid%3D%257Btransaction_id%257D%26affid%3Djeeng%26affsub%3Dnative&tiba=Toenail%20Dr.&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d0b226328b562c66c58722ea6f322ea0e8a185958dcd52fddc12adb396c56e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 12:25:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1106
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10161373.json Show response
s.yimg.com/wi/config/ 46 B
684 B 68ms
20ms XHR
application/octet-stream 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10161373.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

bb15a5914e59fd6b5a5c81dc6e6248519cc4381a9da237c2220fd0fbed935c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 11:08:42 GMT
x-content-type-options: nosniff
age: 4630
x-amz-server-side-encryption: AES256
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: P2CBXS648M3B839G
x-amz-id-2: U9A/OfTqk5j06SV17JUFfByVBpqvXZkWf4YT71oGIj8ArYyX98dWqxuenJvZtRnFyPki1kl5oIM=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 05 Jan 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 30 Nov 2021 17:48:19 GMT
server: ATS
etag: "9d667205c947edf259575c40a8e86a39"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
x-amz-version-id: ylrro1JgMbqGUg7BwaE6cKZIMvsxcOQ8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
content-length: 46
content-type: application/octet-stream

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 15ms
14ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2144928294&t=pageview&_s=1&dl=https%3A%2F%2Ffunguseliminator.com%2Fadv11%3Futm_source%3Djeeng%26utm_medium%3Dnative%26utm_campaign%3Dfungus_adv11_desktop_email_jeeng%26offid%3Dfungus%26offerurlid%3Dfungus_adv11_desktop_email%26trid%3D%257Btransaction_id%257D%26affid%3Djeeng%26affsub%3Dnative&ul=en-us&de=UTF-8&dt=Toenail%20Dr.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEADRAAAAC~&jid=1540118026&gjid=1566770613&cid=1620556934.1644236752&tid=UA-55722554-1&_gid=214288362.1644236752&_r=1&gtm=2wg220KWDB7M9&z=1101950050

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://funguseliminator.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 12:25:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://funguseliminator.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
407 B 23ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1181125052062198&ev=PageView&dl=https%3A%2F%2Ffunguseliminator.com%2Fadv11%3Futm_source%3Djeeng%26utm_medium%3Dnative%26utm_campaign%3Dfungus_adv11_desktop_email_jeeng%26offid%3Dfungus%26offerurlid%3Dfungus_adv11_desktop_email%26trid%3D%257Btransaction_id%257D%26affid%3Djeeng%26affsub%3Dnative&rl=&if=false&ts=1644236751638&sw=1600&sh=1200&v=2.9.52&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1644236751629.1798340820&it=1644236751506&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 12:25:51 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 07 Feb 2022 12:25:51 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
445 B 58ms
18ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-55722554-1&cid=1620556934.1644236752&jid=1540118026&gjid=1566770613&_gid=214288362.1644236752&_u=aGDACEACRAAAAC~&z=184606491

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://funguseliminator.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 07 Feb 2022 12:25:51 GMT
content-type: text/plain
access-control-allow-origin: https://funguseliminator.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
713 B 97ms
33ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Mon%2C%2007%20Feb%202022%2012%3A25%3A51%20GMT&n=0&b=Toenail%20Dr.&.yp=10161373&f=https%3A%2F%2Ffunguseliminator.com%2Fadv11%3Futm_source%3Djeeng%26utm_medium%3Dnative%26utm_campaign%3Dfungus_adv11_desktop_email_jeeng%26offid%3Dfungus%26offerurlid%3Dfungus_adv11_desktop_email%26trid%3D%257Btransaction_id%257D%26affid%3Djeeng%26affsub%3Dnative&enc=UTF-8&yv=1.12.0&tagmgr=gtm

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 12:25:51 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Mon, 07 Feb 2022 12:25:51 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/647474301/ 42 B
548 B 40ms
18ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/647474301/?random=1644236751554&cv=9&fst=1644235200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg220&sendb=1&frm=0&url=https%3A%2F%2Ffunguseliminator.com%2Fadv11%3Futm_source%3Djeeng%26utm_medium%3Dnative%26utm_campaign%3Dfungus_adv11_desktop_email_jeeng%26offid%3Dfungus%26offerurlid%3Dfungus_adv11_desktop_email%26trid%3D%257Btransaction_id%257D%26affid%3Djeeng%26affsub%3Dnative&tiba=Toenail%20Dr.&async=1&fmt=3&is_vtc=1&random=875179772&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 12:25:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/647474301/ 42 B
548 B 44ms
21ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/647474301/?random=1644236751554&cv=9&fst=1644235200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg220&sendb=1&frm=0&url=https%3A%2F%2Ffunguseliminator.com%2Fadv11%3Futm_source%3Djeeng%26utm_medium%3Dnative%26utm_campaign%3Dfungus_adv11_desktop_email_jeeng%26offid%3Dfungus%26offerurlid%3Dfungus_adv11_desktop_email%26trid%3D%257Btransaction_id%257D%26affid%3Djeeng%26affsub%3Dnative&tiba=Toenail%20Dr.&async=1&fmt=3&is_vtc=1&random=875179772&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 12:25:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10841092459/ 42 B
108 B 29ms
20ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10841092459/?random=1644236751549&cv=9&fst=1644235200000&num=1&label=OrD6COLi55EDEOvit7Eo&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg220&sendb=1&frm=0&url=https%3A%2F%2Ffunguseliminator.com%2Fadv11%3Futm_source%3Djeeng%26utm_medium%3Dnative%26utm_campaign%3Dfungus_adv11_desktop_email_jeeng%26offid%3Dfungus%26offerurlid%3Dfungus_adv11_desktop_email%26trid%3D%257Btransaction_id%257D%26affid%3Djeeng%26affsub%3Dnative&tiba=Toenail%20Dr.&async=1&fmt=3&is_vtc=1&random=120399182&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 12:25:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10841092459/ 42 B
108 B 21ms
18ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10841092459/?random=1644236751549&cv=9&fst=1644235200000&num=1&label=OrD6COLi55EDEOvit7Eo&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg220&sendb=1&frm=0&url=https%3A%2F%2Ffunguseliminator.com%2Fadv11%3Futm_source%3Djeeng%26utm_medium%3Dnative%26utm_campaign%3Dfungus_adv11_desktop_email_jeeng%26offid%3Dfungus%26offerurlid%3Dfungus_adv11_desktop_email%26trid%3D%257Btransaction_id%257D%26affid%3Djeeng%26affsub%3Dnative&tiba=Toenail%20Dr.&async=1&fmt=3&is_vtc=1&random=120399182&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 12:25:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/10778990234/ 42 B
64 B 50ms
31ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10778990234/?random=1644236751553&cv=9&fst=1644235200000&num=1&label=6hRTCIPT-vYCEJqt6ZMo&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg220&sendb=1&frm=0&url=https%3A%2F%2Ffunguseliminator.com%2Fadv11%3Futm_source%3Djeeng%26utm_medium%3Dnative%26utm_campaign%3Dfungus_adv11_desktop_email_jeeng%26offid%3Dfungus%26offerurlid%3Dfungus_adv11_desktop_email%26trid%3D%257Btransaction_id%257D%26affid%3Djeeng%26affsub%3Dnative&tiba=Toenail%20Dr.&async=1&fmt=3&is_vtc=1&random=2228590636&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 12:25:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/10778990234/ 42 B
64 B 51ms
31ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10778990234/?random=1644236751553&cv=9&fst=1644235200000&num=1&label=6hRTCIPT-vYCEJqt6ZMo&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg220&sendb=1&frm=0&url=https%3A%2F%2Ffunguseliminator.com%2Fadv11%3Futm_source%3Djeeng%26utm_medium%3Dnative%26utm_campaign%3Dfungus_adv11_desktop_email_jeeng%26offid%3Dfungus%26offerurlid%3Dfungus_adv11_desktop_email%26trid%3D%257Btransaction_id%257D%26affid%3Djeeng%26affsub%3Dnative&tiba=Toenail%20Dr.&async=1&fmt=3&is_vtc=1&random=2228590636&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 12:25:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame E288 13 KB
5 KB 51ms
17ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=funguseliminator.com&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

cdf0b0f2c5cef0e09f6cc68cb1a183831eba5c571627b3862c0d959de0350678

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 1862
date: Mon, 07 Feb 2022 12:25:51 GMT
content-length: 5182
strict-transport-security: max-age=31536000; preload;

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 35ms
31ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-55722554-1&cid=1620556934.1644236752&jid=1540118026&_u=aGDACEACRAAAAC~&z=2018371931

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 12:25:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 36ms
32ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-55722554-1&cid=1620556934.1644236752&jid=1540118026&_u=aGDACEACRAAAAC~&z=2018371931

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 12:25:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1644236751707&aid=a-076h&se=e30&duid=497ad39143c8--01fva2bgq7dv986w0h2d9x2qeq&tna=v2.3.0&pu=https%3A%2F%2Ffunguseliminator.com%2Fadv11%3Futm_source%3Djeeng%26utm_mediu...
https://rp4.liadm.com/j?dtstmp=1644236751707&aid=a-076h&se=e30&duid=497ad39143c8--01fva2bgq7dv986w0h2d9x2qeq&tna=v2.3.0&pu=https%3A%2F%2Ffunguseliminator.com%2Fadv11%3Futm_source%3Djeeng%26utm_medi...

13 B
552 B

436ms
99ms

XHR
application/json

35.153.221.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1644236751707&aid=a-076h&se=e30&duid=497ad39143c8--01fva2bgq7dv986w0h2d9x2qeq&tna=v2.3.0&pu=https%3A%2F%2Ffunguseliminator.com%2Fadv11%3Futm_source%3Djeeng%26utm_medium%3Dnative%26utm_campaign%3Dfungus_adv11_desktop_email_jeeng%26offid%3Dfungus%26offerurlid%3Dfungus_adv11_desktop_email%26trid%3D%257Btransaction_id%257D%26affid%3Djeeng%26affsub%3Dnative&wpn=lc-bundle&c=PHRpdGxlPlRvZW5haWwgRHIuPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iUmVtZWR5IHRvZW5haWwgaW5mZWN0aW9ucyBhdCB0aGUgcm9vdHMsIHNvIHlvdSBjYW4gZGl0Y2ggdGhlIHNvY2tzIGFuZCB3ZWFyIHNhbmRhbHMgYWdhaW4gb3IgZXZlbiBnbyBiYXJlZm9vdCEiPjxoMSBjbGFzcz0iY29sb3Itd2hpdGUiPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBBcmUgWW91IE1ha2luZyBBbnkgb2YgVGhlc2UgNyBUb2VuYWlsIEZ1bmd1cyBNaXN0YWtlcz8KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L2gxPg&i6=MjAwMTphYzg6MjA6M2MwMDoxMDExOjZlNDA6ODJkNDpjOGVm&n3pc=true

Protocol

Server

35.153.221.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-153-221-88.compute-1.amazonaws.com

Software

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 12:25:52 GMT
x-pixel-event-id: fac77bf7-a92b-4367-9876-d083b1530713
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: null
x-xss-protection: 1; mode=block
vary: Origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: 3ff3a23af501a043
request-time: 1
content-length: 13
x-content-type-options: nosniff

Redirect headers

date: Mon, 07 Feb 2022 12:25:52 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
location: https://rp4.liadm.com/j?dtstmp=1644236751707&aid=a-076h&se=e30&duid=497ad39143c8--01fva2bgq7dv986w0h2d9x2qeq&tna=v2.3.0&pu=https%3A%2F%2Ffunguseliminator.com%2Fadv11%3Futm_source%3Djeeng%26utm_medium%3Dnative%26utm_campaign%3Dfungus_adv11_desktop_email_jeeng%26offid%3Dfungus%26offerurlid%3Dfungus_adv11_desktop_email%26trid%3D%257Btransaction_id%257D%26affid%3Djeeng%26affsub%3Dnative&wpn=lc-bundle&c=PHRpdGxlPlRvZW5haWwgRHIuPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iUmVtZWR5IHRvZW5haWwgaW5mZWN0aW9ucyBhdCB0aGUgcm9vdHMsIHNvIHlvdSBjYW4gZGl0Y2ggdGhlIHNvY2tzIGFuZCB3ZWFyIHNhbmRhbHMgYWdhaW4gb3IgZXZlbiBnbyBiYXJlZm9vdCEiPjxoMSBjbGFzcz0iY29sb3Itd2hpdGUiPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBBcmUgWW91IE1ha2luZyBBbnkgb2YgVGhlc2UgNyBUb2VuYWlsIEZ1bmd1cyBNaXN0YWtlcz8KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L2gxPg&i6=MjAwMTphYzg6MjA6M2MwMDoxMDExOjZlNDA6ODJkNDpjOGVm&n3pc=true
x-frame-options: DENY
access-control-allow-origin: https://funguseliminator.com
x-xss-protection: 1; mode=block
vary: Origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: 9ae8bc33c17f7142
request-time: 1
content-length: 0
x-content-type-options: nosniff

GET
H/1.1 200
OK FungusAdvTap.jpg
funguseliminator.com/assets/images/ 29 KB
29 KB 98ms
98ms Image
image/jpeg 159.89.239.100
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://funguseliminator.com/assets/images/FungusAdvTap.jpg
Requested by: Host: funguseliminator.com
URL: https://funguseliminator.com/adv11?utm_source=jeeng&utm_medium=native&utm_campaign=fungus_adv11_desktop_email_jeeng&offid=fungus&offerurlid=fungus_adv11_desktop_email&trid=%7Btransaction_id%7D&affid=jeeng&affsub=native
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.239.100 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: funguseliminator.com
Software: nginx /
Resource Hash: b5915631e40a2555fcd6135307982f1c8e35dc00a66c3dbc49b7e7955f8cff50

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/adv11?utm_source=jeeng&utm_medium=native&utm_campaign=fungus_adv11_desktop_email_jeeng&offid=fungus&offerurlid=fungus_adv11_desktop_email&trid=%7Btransaction_id%7D&affid=jeeng&affsub=native
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 12:25:51 GMT
Last-Modified: Thu, 22 Jul 2021 07:10:44 GMT
Server: nginx
ETag: "60f919f4-749e"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29854
Expires: Wed, 09 Mar 2022 12:25:51 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame E288
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=funguseliminator.com&sn=ChromeSyncframe&so=0&topUrl=funguseliminator.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=2b5m6nxqRjJpTXF2Q0g2VGJTSHEyRWRCOWF5Tkt0YVpRQXF0YW9CTkFxZEhsWDBYU3hGWENFdE9rVHRNRzhZVXZWOGdSY2llMFptRzU3L3g5Q09SOHRrSVpUNVNyVUs3OWNxbFJFTmo1ODFaZS9IcXZGaXJacXV6cTJjOV...

462 B
659 B

54ms
22ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=2b5m6nxqRjJpTXF2Q0g2VGJTSHEyRWRCOWF5Tkt0YVpRQXF0YW9CTkFxZEhsWDBYU3hGWENFdE9rVHRNRzhZVXZWOGdSY2llMFptRzU3L3g5Q09SOHRrSVpUNVNyVUs3OWNxbFJFTmo1ODFaZS9IcXZGaXJacXV6cTJjOVNhUm80ekhNMXNEL1dBY1oxKzFWR3kwbEQxMmZNWGN5K3oxLzZqRnhIZmpWWjIzTFB5QnFTbURvUU9zaHlRSzVmZldGRm5haHVtdmF3Z0U4a1cvU2JBaU5OY2gvejJpYS9XUTd0ZFNyMTQ5RkdFSzZSWi9wYVNoQ1VvdzlMdDF1U0VYQjZCSUpxcXNVTy9QdXA4elJsZjk3MkpkVVdIcU00dEg4MWI5cngvSXhVcWJ5SkxZWT18&cppv=2

Requested by

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

555b49f423d7c9a3b8772fb17dd2da937875d507174f40c75e43ab227dbef08b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 12:25:51 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4766
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 07 Feb 2022 12:25:50 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=2b5m6nxqRjJpTXF2Q0g2VGJTSHEyRWRCOWF5Tkt0YVpRQXF0YW9CTkFxZEhsWDBYU3hGWENFdE9rVHRNRzhZVXZWOGdSY2llMFptRzU3L3g5Q09SOHRrSVpUNVNyVUs3OWNxbFJFTmo1ODFaZS9IcXZGaXJacXV6cTJjOVNhUm80ekhNMXNEL1dBY1oxKzFWR3kwbEQxMmZNWGN5K3oxLzZqRnhIZmpWWjIzTFB5QnFTbURvUU9zaHlRSzVmZldGRm5haHVtdmF3Z0U4a1cvU2JBaU5OY2gvejJpYS9XUTd0ZFNyMTQ5RkdFSzZSWi9wYVNoQ1VvdzlMdDF1U0VYQjZCSUpxcXNVTy9QdXA4elJsZjk3MkpkVVdIcU00dEg4MWI5cngvSXhVcWJ5SkxZWT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2034
content-length: 567
expires: 0

GET
H2 200 UCAffiliateNetworkPixel
secure.funguseliminator.com/cgi-bin/ 0
379 B 107ms
107ms Stylesheet
text/plain 76.223.24.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.funguseliminator.com/cgi-bin/UCAffiliateNetworkPixel?t=0.7899858702509426&r=&u=https%3A%2F%2Ffunguseliminator.com%2Fadv11%3Futm_source%3Djeeng%26utm_medium%3Dnative%26utm_campaign%3Dfungus_adv11_desktop_email_jeeng%26offid%3Dfungus%26offerurlid%3Dfungus_adv11_desktop_email%26trid%3D%257Btransaction_id%257D%26affid%3Djeeng%26affsub%3Dnative
Requested by: Host: secure.funguseliminator.com
URL: https://secure.funguseliminator.com/cgi-bin/UCAffiliateNetworkPixel
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.24.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a746f2a683c73ece4.awsglobalaccelerator.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 12:25:51 GMT
content-length: 0
server: Apache

GET
H2 200 json Show response
trc.taboola.com/1331528/trc/3/ 2 KB
1 KB 48ms
27ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1331528/trc/3/json?tim=1644236751919&data=%7B%22id%22%3A651%2C%22ii%22%3A%22%2Fadv11%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1644236751914%2C%22cv%22%3A%2220220207-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Ffunguseliminator.com%2Fadv11%3Futm_source%3Djeeng%26utm_medium%3Dnative%26utm_campaign%3Dfungus_adv11_desktop_email_jeeng%26offid%3Dfungus%26offerurlid%3Dfungus_adv11_desktop_email%26trid%3D%257Btransaction_id%257D%26affid%3Djeeng%26affsub%3Dnative%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Futm_source%3Djeeng%26utm_medium%3Dnative%26utm_campaign%3Dfungus_adv11_desktop_email_jeeng%26offid%3Dfungus%26offerurlid%3Dfungus_adv11_desktop_email%26trid%3D%257Btransaction_id%257D%26affid%3Djeeng%26affsub%3Dnative%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Ddjmedia-funguseliminator2-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1644236751918%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Ffunguseliminator.com%2Fadv11%3Futm_source%3Djeeng%26utm_medium%3Dnative%26utm_campaign%3Dfungus_adv11_desktop_email_jeeng%26offid%3Dfungus%26offerurlid%3Dfungus_adv11_desktop_email%26trid%3D%257Btransaction_id%257D%26affid%3Djeeng%26affsub%3Dnative%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A55%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1331528/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 46c63d58e67b9b2a581a862b8bcb364d53df649e0a211808e1103e2f89617e4e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms: 20
date: Mon, 07 Feb 2022 12:25:51 GMT
content-encoding: gzip
server: nginx
x-timer: S1644236752.945559,VS0,VE20
x-served-by: cache-hhn4059-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 UCAffiliateNetworkPixel
secure2.funguseliminator.com/cgi-bin/ 0
378 B 114ms
114ms Stylesheet
text/plain 54.145.115.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure2.funguseliminator.com/cgi-bin/UCAffiliateNetworkPixel?t=0.9899553738981091&r=&u=https%3A%2F%2Ffunguseliminator.com%2Fadv11%3Futm_source%3Djeeng%26utm_medium%3Dnative%26utm_campaign%3Dfungus_adv11_desktop_email_jeeng%26offid%3Dfungus%26offerurlid%3Dfungus_adv11_desktop_email%26trid%3D%257Btransaction_id%257D%26affid%3Djeeng%26affsub%3Dnative
Requested by: Host: secure2.funguseliminator.com
URL: https://secure2.funguseliminator.com/cgi-bin/UCAffiliateNetworkPixel
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.145.115.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-145-115-178.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 12:25:52 GMT
content-length: 0
server: Apache

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 32ms
19ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1181125052062198&ev=Microdata&dl=https%3A%2F%2Ffunguseliminator.com%2Fadv11%3Futm_source%3Djeeng%26utm_medium%3Dnative%26utm_campaign%3Dfungus_adv11_desktop_email_jeeng%26offid%3Dfungus%26offerurlid%3Dfungus_adv11_desktop_email%26trid%3D%257Btransaction_id%257D%26affid%3Djeeng%26affsub%3Dnative&rl=&if=false&ts=1644236752145&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Toenail%20Dr.%22%2C%22meta%3Akeywords%22%3A%22toenail%20dr%2C%20purehealth%20research%2C%20immune%20system%22%2C%22meta%3Adescription%22%3A%22Remedy%20toenail%20infections%20at%20the%20roots%2C%20so%20you%20can%20ditch%20the%20socks%20and%20wear%20sandals%20again%20or%20even%20go%20barefoot!%22%7D&cd[OpenGraph]=%7B%22og%3Adescription%22%3A%22Remedy%20toenail%20infections%20at%20the%20roots%2C%20so%20you%20can%20ditch%20the%20socks%20and%20wear%20sandals%20again%20or%20even%20go%20barefoot!%22%2C%22og%3Akeywords%22%3A%22toenail%20dr%2C%20purehealth%20research%2C%20immune%20system%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.52&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1644236751629.1798340820&it=1644236751506&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 12:25:52 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 07 Feb 2022 12:25:52 GMT

GET
H3

200

activityi;dc_pre=CKnPsJzL7fUCFcZIGwodgIQA-Q;src=10720395;type=allvi000;cat=allvi0;ord=1;num=7803812419112;gtm=2wg220;auiddc=1735173858.1644236751;~oref=https%3A%2F%2Ffunguseliminator.com%2Fadv11%3F... Show response
10720395.fls.doubleclick.net/ Frame 8581
Redirect Chain

https://10720395.fls.doubleclick.net/activityi;src=10720395;type=allvi000;cat=allvi0;ord=1;num=7803812419112;gtm=2wg220;auiddc=1735173858.1644236751;~oref=https%3A%2F%2Ffunguseliminator.com%2Fadv11...
https://10720395.fls.doubleclick.net/activityi;dc_pre=CKnPsJzL7fUCFcZIGwodgIQA-Q;src=10720395;type=allvi000;cat=allvi0;ord=1;num=7803812419112;gtm=2wg220;auiddc=1735173858.1644236751;~oref=https%3A...

630 B
473 B

40ms
25ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10720395.fls.doubleclick.net/activityi;dc_pre=CKnPsJzL7fUCFcZIGwodgIQA-Q;src=10720395;type=allvi000;cat=allvi0;ord=1;num=7803812419112;gtm=2wg220;auiddc=1735173858.1644236751;~oref=https%3A%2F%2Ffunguseliminator.com%2Fadv11%3Futm_source%3Djeeng%26utm_medium%3Dnative%26utm_campaign%3Dfungus_adv11_desktop_email_jeeng%26offid%3Dfungus%26offerurlid%3Dfungus_adv11_desktop_email%26trid%3D%257Btransaction_id%257D%26affid%3Djeeng%26affsub%3Dnative?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KWDB7M9

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

16c1bc41d4ee19d13749ab8e9abff2f4ebfe098be3eb81c1d98b7b6fa143a788

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 07 Feb 2022 12:25:52 GMT
expires: Mon, 07 Feb 2022 12:25:52 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 448
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 07 Feb 2022 12:25:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10720395.fls.doubleclick.net/activityi;dc_pre=CKnPsJzL7fUCFcZIGwodgIQA-Q;src=10720395;type=allvi000;cat=allvi0;ord=1;num=7803812419112;gtm=2wg220;auiddc=1735173858.1644236751;~oref=https%3A%2F%2Ffunguseliminator.com%2Fadv11%3Futm_source%3Djeeng%26utm_medium%3Dnative%26utm_campaign%3Dfungus_adv11_desktop_email_jeeng%26offid%3Dfungus%26offerurlid%3Dfungus_adv11_desktop_email%26trid%3D%257Btransaction_id%257D%26affid%3Djeeng%26affsub%3Dnative?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 mgsensor.js Show response
a.mgid.com/ 42 KB
16 KB 182ms
115ms Script
application/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mgid.com/mgsensor.js?d=1644236752197
Requested by: Host: funguseliminator.com
URL: https://funguseliminator.com/adv11?utm_source=jeeng&utm_medium=native&utm_campaign=fungus_adv11_desktop_email_jeeng&offid=fungus&offerurlid=fungus_adv11_desktop_email&trid=%7Btransaction_id%7D&affid=jeeng&affsub=native
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c61e80b922ccd7d2dd90bf548d95bcd85415a36ffae0f761691929a686c2a7a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 12:25:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 3a8c578e-1eee-4ce7-b2e2-750886f40732
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6d9c9a75af0a9134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 63ms
30ms Image
image/gif 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=OPT-N6TLKC9&cv=64&t=ol&s=h1&h=245&g=82&p=gtm&o=4000&l=245&q=176&f=54&e=18&i=19&d=175&c=-38&hc=0&sr=0.050000&ps=0.016715234313584126&cb=532808842

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 12:25:52 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CKnPsJzL7fUCFcZIGwodgIQA-Q;src=10720395;type=allvi000;cat=allvi0;ord=1;num=7803812419112;gtm=2wg220;auiddc=*;~oref=https%3A%2F%2Ffunguseliminator.com%2Fadv11%3Futm_source%3Djeeng%26utm_mediu...
adservice.google.com/ddm/fls/z/ Frame 8581 42 B
494 B 67ms
43ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKnPsJzL7fUCFcZIGwodgIQA-Q;src=10720395;type=allvi000;cat=allvi0;ord=1;num=7803812419112;gtm=2wg220;auiddc=*;~oref=https%3A%2F%2Ffunguseliminator.com%2Fadv11%3Futm_source%3Djeeng%26utm_medium%3Dnative%26utm_campaign%3Dfungus_adv11_desktop_email_jeeng%26offid%3Dfungus%26offerurlid%3Dfungus_adv11_desktop_email%26trid%3D%257Btransaction_id%257D%26affid%3Djeeng%26affsub%3Dnative

Requested by

Host: 10720395.fls.doubleclick.net
URL: https://10720395.fls.doubleclick.net/activityi;dc_pre=CKnPsJzL7fUCFcZIGwodgIQA-Q;src=10720395;type=allvi000;cat=allvi0;ord=1;num=7803812419112;gtm=2wg220;auiddc=1735173858.1644236751;~oref=https%3A%2F%2Ffunguseliminator.com%2Fadv11%3Futm_source%3Djeeng%26utm_medium%3Dnative%26utm_campaign%3Dfungus_adv11_desktop_email_jeeng%26offid%3Dfungus%26offerurlid%3Dfungus_adv11_desktop_email%26trid%3D%257Btransaction_id%257D%26affid%3Djeeng%26affsub%3Dnative?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://10720395.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 12:25:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1x1.gif
a.mgid.com/ 43 B
397 B 121ms
107ms Image
image/gif 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.mgid.com/1x1.gif?id=133919&type=c&tg=&r=https%3A%2F%2Ffunguseliminator.com%2Fadv11%3Futm_source%3Djeeng%26utm_medium%3Dnative%26utm_campaign%3Dfungus_adv11_desktop_email_jeeng%26offid%3Dfungus%26offerurlid%3Dfungus_adv11_desktop_email%26trid%3D%257Btransaction_id%257D%26affid%3Djeeng%26affsub%3Dnative&utmc=0&utmt=0&nv=1&utms=&utmcp=&utmm=&clid=&cmgid=0&cmtid=0&cmtuid=0&d=1644236752483
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 12:25:52 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6d9c9a771b9f9140-FRA
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 unip Show response
trc-events.taboola.com/1331528/log/3/ 0
250 B 91ms
14ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1331528/log/3/unip?en=pre_d_eng_tb&tos=1640&scd=55&ssd=1&est=1644236751916&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1644236753556&vi=1644236751914&ri=812e03da45ed1defee1ebc6556e16f2d&ref=null&cv=20220207-4-RELEASE&item-url=https%3A%2F%2Ffunguseliminator.com%2Fadv11%3Futm_source%3Djeeng%26utm_medium%3Dnative%26utm_campaign%3Dfungus_adv11_desktop_email_jeeng%26offid%3Dfungus%26offerurlid%3Dfungus_adv11_desktop_email%26trid%3D%257Btransaction_id%257D%26affid%3Djeeng%26affsub%3Dnative
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1331528/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://funguseliminator.com
pragma: no-cache
date: Mon, 07 Feb 2022 12:25:53 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 14 KB
6 KB 40ms
9ms Script
application/javascript 151.101.12.157

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KWDB7M9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 12:25:56 GMT
content-encoding: gzip
last-modified: Sat, 05 Feb 2022 00:44:37 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kjyo7100084-IAD, cache-fra19171-FRA

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 48ms
32ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KWDB7M9

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

c702f93c91758dab0525c376a408e8327f30bad81a8d30f26588c770585418f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 12:25:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14850
x-xss-protection: 0
server: cafe
etag: 8228622888473677312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 07 Feb 2022 12:25:56 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1181125052062198&ev=5%20Seconds&dl=https%3A%2F%2Ffunguseliminator.com%2Fadv11%3Futm_source%3Djeeng%26utm_medium%3Dnative%26utm_campaign%3Dfungus_adv11_desktop_email_jeeng%26offid%3Dfungus%26offerurlid%3Dfungus_adv11_desktop_email%26trid%3D%257Btransaction_id%257D%26affid%3Djeeng%26affsub%3Dnative&rl=&if=false&ts=1644236756475&sw=1600&sh=1200&v=2.9.52&r=stable&a=tmgoogletagmanager&ec=2&o=30&fbp=fb.1.1644236751629.1798340820&it=1644236751506&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 12:25:56 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 07 Feb 2022 12:25:56 GMT

GET
H2 403 adsct
analytics.twitter.com/i/ 0
0 133ms
117ms Script
text/plain 104.244.42.131

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o7429&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=84c63f58-4522-415b-8ac3-dd393dd78afa&tw_document_href=https%3A%2F%2Ffunguseliminator.com%2Fadv11%3Futm_source%3Djeeng%26utm_medium%3Dnative%26utm_campaign%3Dfungus_adv11_desktop_email_jeeng%26offid%3Dfungus%26offerurlid%3Dfungus_adv11_desktop_email%26trid%3D%257Btransaction_id%257D%26affid%3Djeeng%26affsub%3Dnative&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 -, , ASN (),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time: 107
date: Mon, 07 Feb 2022 12:25:56 UTC
cache-control: no-cache, no-store, max-age=0
server: tsa_o
x-connection-hash: f444b4a1d2f01c55bb1b14a2f729ce7def812944e31f24593a18082af90a2ef5
content-length: 0
strict-transport-security: max-age=631138519

GET
H2 200 adsct
t.co/i/ 43 B
337 B 139ms
123ms Image
image/gif 104.244.42.69

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o7429&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=84c63f58-4522-415b-8ac3-dd393dd78afa&tw_document_href=https%3A%2F%2Ffunguseliminator.com%2Fadv11%3Futm_source%3Djeeng%26utm_medium%3Dnative%26utm_campaign%3Dfungus_adv11_desktop_email_jeeng%26offid%3Dfungus%26offerurlid%3Dfungus_adv11_desktop_email%26trid%3D%257Btransaction_id%257D%26affid%3Djeeng%26affsub%3Dnative

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 -, , ASN (),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time: 116
date: Mon, 07 Feb 2022 12:25:55 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: c35defc0581cbb0e5039195c028d2b4da63cc04781c1c0047a14b605ed538c7d
content-length: 43

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/647474301/ 3 KB
1 KB 43ms
28ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/647474301/?random=1644236756526&cv=9&fst=1644236756526&num=1&label=6hRTCIPT-vYCEJqt6ZMo&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg220&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ffunguseliminator.com%2Fadv11%3Futm_source%3Djeeng%26utm_medium%3Dnative%26utm_campaign%3Dfungus_adv11_desktop_email_jeeng%26offid%3Dfungus%26offerurlid%3Dfungus_adv11_desktop_email%26trid%3D%257Btransaction_id%257D%26affid%3Djeeng%26affsub%3Dnative&tiba=Toenail%20Dr.&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f330fabbf5f128c6c3c6c272c72432081a95c052c21b3aa15c774c8cd9cdbdd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 12:25:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1221
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1331528/log/3/ 0
249 B 14ms
14ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1331528/log/3/unip?en=pre_d_eng_tb&tos=4641&scd=55&ssd=1&est=1644236751916&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1644236756558&vi=1644236751914&ri=812e03da45ed1defee1ebc6556e16f2d&ref=null&cv=20220207-4-RELEASE&item-url=https%3A%2F%2Ffunguseliminator.com%2Fadv11%3Futm_source%3Djeeng%26utm_medium%3Dnative%26utm_campaign%3Dfungus_adv11_desktop_email_jeeng%26offid%3Dfungus%26offerurlid%3Dfungus_adv11_desktop_email%26trid%3D%257Btransaction_id%257D%26affid%3Djeeng%26affsub%3Dnative
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1331528/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://funguseliminator.com
pragma: no-cache
date: Mon, 07 Feb 2022 12:25:56 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 200 /
www.google.com/pagead/1p-user-list/647474301/ 42 B
64 B 20ms
19ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/647474301/?random=1644236756526&cv=9&fst=1644235200000&num=1&label=6hRTCIPT-vYCEJqt6ZMo&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg220&sendb=1&frm=0&url=https%3A%2F%2Ffunguseliminator.com%2Fadv11%3Futm_source%3Djeeng%26utm_medium%3Dnative%26utm_campaign%3Dfungus_adv11_desktop_email_jeeng%26offid%3Dfungus%26offerurlid%3Dfungus_adv11_desktop_email%26trid%3D%257Btransaction_id%257D%26affid%3Djeeng%26affsub%3Dnative&tiba=Toenail%20Dr.&async=1&fmt=3&is_vtc=1&cid=CAQSKQCNIrLMXhTLuaD3uzhlOKW7dOxZqbUAhWM5KqFTBRX24flyGVq8g9ec&random=1475048292&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 12:25:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/647474301/ 42 B
64 B 20ms
20ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/647474301/?random=1644236756526&cv=9&fst=1644235200000&num=1&label=6hRTCIPT-vYCEJqt6ZMo&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg220&sendb=1&frm=0&url=https%3A%2F%2Ffunguseliminator.com%2Fadv11%3Futm_source%3Djeeng%26utm_medium%3Dnative%26utm_campaign%3Dfungus_adv11_desktop_email_jeeng%26offid%3Dfungus%26offerurlid%3Dfungus_adv11_desktop_email%26trid%3D%257Btransaction_id%257D%26affid%3Djeeng%26affsub%3Dnative&tiba=Toenail%20Dr.&async=1&fmt=3&is_vtc=1&cid=CAQSKQCNIrLMXhTLuaD3uzhlOKW7dOxZqbUAhWM5KqFTBRX24flyGVq8g9ec&random=1475048292&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://funguseliminator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 12:25:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rev-stripe.com/	1970-01-20 00:45:23	Name: eid2272 Value: 70fd1e04a23e4f629fa7f8e41b25fcdd
.track.funguseliminator.com/	1970-01-20 00:45:23	Name: 46927848-bdde-408c-a148-5d28d53275bc-v4 Value: AFrdbgReLiahNgQzEpsBvpTZ-rpdWDdrhsI48xUoQa0
.track.funguseliminator.com/	1970-01-20 09:29:32	Name: cc-v4 Value: Q7wQZwk2eNWK3QGjWr90H3GoNyZczeEDHuvT1%2BxWxfiX590FYDq0Cv9YA3nSMuXJvIIqtQYH32iupgVL%2FL7gSGy36gjQZaJq0H4ZBf7hdH%2B%2FlrB4EMZTy1FczAywetNKmslfJ54wkHjdmkGWHxapJg%3D%3D
.funguseliminator.com/	1970-01-20 02:53:32	Name: _gcl_au Value: 1.1.1735173858.1644236751
.funguseliminator.com/	1970-01-20 18:15:08	Name: _ga Value: GA1.2.1620556934.1644236752
.funguseliminator.com/	1970-01-20 00:45:23	Name: _gid Value: GA1.2.214288362.1644236752
.bing.com/	1970-01-20 10:05:32	Name: MUID Value: 180B9CCBB0216E8F0CE08D8FB14A6F96
.funguseliminator.com/	1970-01-20 00:45:23	Name: _uetsid Value: 16868360881111ec943f337ef9df4ae7
.funguseliminator.com/	1970-01-20 10:05:32	Name: _uetvid Value: 16868df0881111ec935f9539aa249b9f
.funguseliminator.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .funguseliminator.com
.funguseliminator.com/	1970-01-20 18:15:08	Name: _lc2_fpi Value: 497ad39143c8--01fva2bgq7dv986w0h2d9x2qeq
.funguseliminator.com/	1970-01-20 00:43:56	Name: _gat_UA-55722554-1 Value: 1
.funguseliminator.com/	1970-01-20 02:53:32	Name: _fbp Value: fb.1.1644236751629.1798340820
.facebook.com/	1970-01-20 02:53:32	Name: fr Value: 03NkVdXDddSXBMvER..BiAQ_P...1.0.BiAQ_P.
.criteo.com/	1970-01-20 10:05:32	Name: uid Value: 8d6a2824-b54d-4373-aad7-4db4317662d1
.yahoo.com/	1970-01-20 09:29:54	Name: A3 Value: d=AQABBM8PAWICECdC3ehs1Z3gCWp81NoZO7QFEgEBAQFhAmIKYgAAAAAA_eMAAA&S=AQAAAjarxG-CioBV0stYPAq7BW8
.funguseliminator.com/	1970-01-20 09:29:32	Name: ucacid Value: 1802447090.577518
.funguseliminator.com/	1970-01-20 10:13:20	Name: cto_bundle Value: hfA4DF9BblQ5QyUyQmQwRiUyRkJxcjBDdSUyRlNadkwlMkZxc2RGWnE0ejl1czJQMm82RWNDVDl5MFA2bGJkUk1QenRYYjhOS2RpNkg1WGo0ZDVLSWZXdTZtREVTeGF6UUpWU1I0aFFnRHU5QlJQYVZabU9zQzFoY2Mwckg5cGRzRXI4OHNvMEF6TjR3QnZmaGFhcjhvZ1JCM3glMkJWZktSamdaOEV6JTJCWmRpV1pTR3VMSzBmTk1yRzQlM0Q
funguseliminator.com/	1970-01-20 00:43:57	Name: outbrain_cid_fetch Value: true
secure.funguseliminator.com/	1970-01-20 00:54:01	Name: AWSALB Value: gefl8niImZX+j16BimqAOWtJTwxJqOUtxmYEJxM8Kz1D5Ki+9T/GBpRQw5kQbx9MEUcZjvTnoMLQgxotn6O27Bj0Q2TzVxGrgGIwIP+vjwK2Yu/j1Za52dpN0Q7I
secure.funguseliminator.com/	1970-01-20 00:54:01	Name: AWSALBCORS Value: gefl8niImZX+j16BimqAOWtJTwxJqOUtxmYEJxM8Kz1D5Ki+9T/GBpRQw5kQbx9MEUcZjvTnoMLQgxotn6O27Bj0Q2TzVxGrgGIwIP+vjwK2Yu/j1Za52dpN0Q7I
secure2.funguseliminator.com/	1970-01-20 00:54:01	Name: AWSALB Value: I+sqBsblriSRQBN8+ehgxzHpXlree/rg3jCEb4Zkd+kop09N2/SAZy9QoXmFgjVOP8t2yVDCwd5i0Z7SAu3CdSWYm2K5Pu2pUPKiUNmWjY3l+YXtCI59I77Wfnjm
secure2.funguseliminator.com/	1970-01-20 00:54:01	Name: AWSALBCORS Value: I+sqBsblriSRQBN8+ehgxzHpXlree/rg3jCEb4Zkd+kop09N2/SAZy9QoXmFgjVOP8t2yVDCwd5i0Z7SAu3CdSWYm2K5Pu2pUPKiUNmWjY3l+YXtCI59I77Wfnjm
.liadm.com/	1970-01-20 18:15:08	Name: lidid Value: d0d53e20-aca0-42b1-9525-67877cf8c30d
.doubleclick.net/	1970-01-20 10:05:32	Name: IDE Value: AHWqTUkPLZ6O26W-48LFBpOQg3b8AvafwMUXbr-NRkDEMgTrPYNE-XBWNPq1rJh5VcU
.mgid.com/	1970-01-25 20:31:23	Name: muidn Value: m17QuRwav5p4
.mgid.com/	1970-01-20 00:43:58	Name: __cf_bm Value: 81291304f41bb47b7c522f24ebce115a6dbd8c0f-1644236752-0-AZUQjTDNGT9c009d7wVXHIvPTOZQ6u/qzNAiS0BdNFVHUVJlBTzpHo9vxYCaopfg9kdhARMlQ6KhOS8sgS8hQ7Y=
funguseliminator.com/	1970-01-20 02:53:32	Name: MgidSensorNVis Value: 1
funguseliminator.com/	1970-01-20 02:53:32	Name: MgidSensorHref Value: https://funguseliminator.com/adv11?utm_source=jeeng&utm_medium=native&utm_campaign=fungus_adv11_desktop_email_jeeng&offid=fungus&offerurlid=fungus_adv11_desktop_email&trid=%7Btransaction_id%7D&affid=jeeng&affsub=native

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.googletagmanager.com/gtm.js?id=GTM-KWDB7M9(Line 60) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagmanager.com/gtm.js?id=GTM-KWDB7M9(Line 60) Message: Unrecognized feature: 'conversion-measurement'.
network	error	URL: https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o7429&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=84c63f58-4522-415b-8ac3-dd393dd78afa&tw_document_href=https%3A%2F%2Ffunguseliminator.com%2Fadv11%3Futm_source%3Djeeng%26utm_medium%3Dnative%26utm_campaign%3Dfungus_adv11_desktop_email_jeeng%26offid%3Dfungus%26offerurlid%3Dfungus_adv11_desktop_email%26trid%3D%257Btransaction_id%257D%26affid%3Djeeng%26affsub%3Dnative&tpx_cb=twttr.conversion.loadPixels Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10720395.fls.doubleclick.net
a.mgid.com
adservice.google.com
amplify.outbrain.com
analytics.twitter.com
b-code.liadm.com
bat.bing.com
cdn.taboola.com
connect.facebook.net
d9i5ve8f04qxt.cloudfront.net
dynamic.criteo.com
funguseliminator.com
googleads.g.doubleclick.net
gum.criteo.com
media.go2app.org
mug.criteo.com
rp.liadm.com
rp4.liadm.com
s.yimg.com
secure.funguseliminator.com
secure2.funguseliminator.com
sp.analytics.yahoo.com
static.ads-twitter.com
static.criteo.net
stats.g.doubleclick.net
stripe.rs-2335-a.com
t.co
tr.outbrain.com
tr.rev-stripe.com
track.funguseliminator.com
trc-events.taboola.com
trc.taboola.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.ibph4trk.com
104.19.135.78
104.244.42.131
104.244.42.69
108.156.253.88
108.157.4.93
13.84.54.237
141.226.228.48
142.250.185.130
142.250.74.198
151.101.12.157
151.101.193.44
159.89.239.100
178.250.0.147
178.250.0.157
18.193.209.105
2.20.86.44
212.82.100.181
2600:1f18:730:b150:e8d3:c41:b79d:6817
2600:9000:224a:4c00:8:8845:1500:93a1
2620:1ec:c11::200
2a00:1288:80:800::7000
2a00:1450:4001:80f::2004
2a00:1450:4001:811::2002
2a00:1450:4001:829::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2008
2a00:1450:400c:c06::9c
2a02:2638:1::3
2a02:2638::1c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
35.153.221.88
35.244.130.28
54.145.115.178
70.42.32.31
76.223.24.123
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
16c1bc41d4ee19d13749ab8e9abff2f4ebfe098be3eb81c1d98b7b6fa143a788
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
2340e62a4fe55531a77bbee847bde81d6e1959afc4189f8106bb1992d3ca1523
235816a52f1e08f6e174918cab1428db3a84baaa9f91221eed60169423fdb6cc
2760f940e090195ddc756475ffe48231b6e63f9dd638b8457ad0263b67730ea1
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
3c61e80b922ccd7d2dd90bf548d95bcd85415a36ffae0f761691929a686c2a7a
3f9410c4245b54ab9df19343af5d376a8db56f933db567c18b5e6fe0912ff96f
46c63d58e67b9b2a581a862b8bcb364d53df649e0a211808e1103e2f89617e4e
4758ffc00e2d3413aece1a57fc3e89b9709202312386d57eb74b5c198cf6800e
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
555b49f423d7c9a3b8772fb17dd2da937875d507174f40c75e43ab227dbef08b
5c44eb3ab0e0e3be403a45b56b99ac6e13910902b4116a5fe7d1dcd8cbcf2722
64927c18ac110305ba27a9c60253dffd4504c6eebb81d33e0f372d5e7e03b150
6d0b226328b562c66c58722ea6f322ea0e8a185958dcd52fddc12adb396c56e4
70d645f087077ac5d518a0761aa42fbe670158315e2f6bca5395285e1a730f1e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8e6930924f43aa659782c0934b2570dda1bb6c304d4ee767e348949eb018d058
916d4133af3517c469b16283f1756cec2f971abb43d9479111c293ea878d0e30
98ab0f75ffed25276f261410c6e417195aa677a3258289221921764c074ed3e1
998d9415269d92557b561a936955f7590d5052865044a9191a528b5a36f3afc9
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a282a96e13d05786cd2102829f88aa7a9df6377eb77bab126d8e853a19750598
a9305db4cf8ceb980ddec6164368e1c1beb2cf26a3482ad39f3db1b877dd1892
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac577f4c147e6aa74f97e302fa5b18ce1b099b80f28bc646f3885464ced161d6
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b5915631e40a2555fcd6135307982f1c8e35dc00a66c3dbc49b7e7955f8cff50
bb15a5914e59fd6b5a5c81dc6e6248519cc4381a9da237c2220fd0fbed935c67
c702f93c91758dab0525c376a408e8327f30bad81a8d30f26588c770585418f6
c806dff3db22560d5372577c3b0cbd35ba07e52d88b543802789c47347dbeba7
cdf0b0f2c5cef0e09f6cc68cb1a183831eba5c571627b3862c0d959de0350678
d6775820e7476dc965e478f55b07755b5ae9026c8f25b1edeab40471b7b44c39
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e827a864002a9fbf43965f6f891e6720f845a9d08f32ad9db6ea014fd056a59f
ea0080c0518733ce1dabc0a68d6974acd7a0c8dc8ab00946d46037c0dff036d5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f330fabbf5f128c6c3c6c272c72432081a95c052c21b3aa15c774c8cd9cdbdd0

funguseliminator.com Open in urlscan Pro 159.89.239.100 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

65 Requests

97 %HTTPS

41 %IPv6

26 Domains

39 Subdomains

34 IPs

9 Countries

617 kBTransfer

1702 kBSize

29 Cookies

0 Outgoing links

Page URL History

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

funguseliminator.com Open in urlscan Pro
159.89.239.100 Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

97 %
HTTPS

41 %
IPv6

26
Domains

39
Subdomains

34
IPs

9
Countries

617 kB
Transfer

1702 kB
Size

29
Cookies

65 HTTP transactions
0 data transactions