urlscan.io logo urlscan.io
SecurityTrails logo

parasiterelief.com Open in urlscan Pro
100.28.91.13  Public Scan

Go To Rescan Add Verdict Report
URL: https://parasiterelief.com/?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=492&oi...
Submission: On April 26 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 74 IPs in 11 countries across 62 domains to perform 262 HTTP transactions. The main IP is 100.28.91.13, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is parasiterelief.com.
TLS certificate: Issued by E6 on April 17th 2025. Valid for: 3 months.
This is the only time parasiterelief.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 100.28.91.13 14618 (AMAZON-AES)
1 142.250.184.202 15169 (GOOGLE)
2 34.238.57.138 14618 (AMAZON-AES)
7 172.217.18.8 15169 (GOOGLE)
2 157.240.0.6 32934 (FACEBOOK)
15 142.250.185.110 15169 (GOOGLE)
2 142.250.186.78 15169 (GOOGLE)
5 142.250.185.131 15169 (GOOGLE)
2 172.217.18.100 15169 (GOOGLE)
8 23.215.120.185 16625 (AKAMAI-AS)
1 195.181.170.19 60068 (CDN77 Dat...)
1 3.163.248.4 16509 (AMAZON-02)
5 178.250.1.8 44788 (ASN-CRITE...)
6 2.16.204.196 20940 (AKAMAI-AS...)
2 34.98.80.218 396982 (GOOGLE-CL...)
1 146.75.120.157 54113 (FASTLY)
1 13.32.23.228 16509 (AMAZON-02)
1 3.167.227.50 16509 (AMAZON-02)
2 13.107.246.45 8075 (MICROSOFT...)
1 169.150.247.36 60068 (CDN77 Dat...)
7 150.171.28.10 8075 (MICROSOFT...)
1 162.159.153.247 13335 (CLOUDFLAR...)
1 7 216.169.159.30 203690 (RTB-HOUSE...)
5 35.190.43.134 15169 (GOOGLE)
7 14 178.250.1.9 44788 (ASN-CRITE...)
4 74.119.117.16 19750 (AS-CRITEO)
2 182.161.74.16 55569 (CRITEO-AS...)
10 12 178.250.1.11 44788 (ASN-CRITE...)
1 3 216.239.34.36 15169 (GOOGLE)
1 108.177.15.155 15169 (GOOGLE)
1 172.217.16.195 15169 (GOOGLE)
2 162.159.140.229 13335 (CLOUDFLAR...)
2 172.66.0.227 13335 (CLOUDFLAR...)
1 188.42.63.49 7979 (SERVERS-COM)
1 188.42.63.48 7979 (SERVERS-COM)
1 2 142.250.186.166 15169 (GOOGLE)
4 142.250.186.162 15169 (GOOGLE)
2 4 142.250.185.198 15169 (GOOGLE)
4 216.58.206.74 15169 (GOOGLE)
1 142.250.185.161 15169 (GOOGLE)
6 3.167.226.105 16509 (AMAZON-02)
2 95.168.222.147 39392 (SuperNetw...)
1 2 34.225.110.11 14618 (AMAZON-AES)
1 74.125.163.170 15169 (GOOGLE)
1 142.250.185.246 15169 (GOOGLE)
3 172.175.234.12 8075 (MICROSOFT...)
4 54.175.159.191 14618 (AMAZON-AES)
10 16 185.89.211.116 29990 (ASN-APPNEX)
2 2 65.9.66.36 16509 (AMAZON-02)
1 1 193.0.160.131 54312 (ROCKETFUEL)
1 35.244.174.68 396982 (GOOGLE-CL...)
1 52.223.40.198 16509 (AMAZON-02)
1 1 46.228.164.13 56396 (Amobee NE...)
1 2 108.128.223.16 16509 (AMAZON-02)
1 1 34.196.252.155 14618 (AMAZON-AES)
1 134.209.162.206 14061 (DIGITALOC...)
5 35.214.136.108 19527 (GOOGLE-2)
5 142.250.185.130 15169 (GOOGLE)
1 6 104.18.27.193 13335 (CLOUDFLAR...)
5 54.72.175.61 16509 (AMAZON-02)
5 141.95.33.120 16276 (OVH OVH SAS)
5 54.72.72.193 16509 (AMAZON-02)
5 2.23.180.24 16625 (AKAMAI-AS)
5 18.185.212.71 16509 (AMAZON-02)
5 44.242.121.227 16509 (AMAZON-02)
5 70.42.32.159 22075 (AS-OUTBRAIN)
5 103.231.98.109 62713 (AS-PUBMATIC)
5 69.173.144.139 26667 (RUBICONPR...)
5 81.17.55.172 60781 (LEASEWEB-...)
5 141.226.228.48 200478 (TABOOLA-A...)
5 2.16.253.92 16625 (AKAMAI-AS)
5 3.216.100.41 14618 (AMAZON-AES)
5 76.223.111.18 16509 (AMAZON-02)
5 85.215.5.31 6786 (CRONON-BE...)
5 184.30.16.136 16625 (AKAMAI-AS)
7 12 46.228.174.117 56396 (Amobee NE...)
5 54.76.71.127 16509 (AMAZON-02)
262 74
5    100.28.91.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-28-91-13.compute-1.amazonaws.com
parasiterelief.com
1    142.250.184.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net
fonts.googleapis.com
2    34.238.57.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-57-138.compute-1.amazonaws.com
secure.parasiterelief.com
7    172.217.18.8 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f8.1e100.net
www.googletagmanager.com
2    157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net
connect.facebook.net
15    142.250.185.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f14.1e100.net
www.youtube-nocookie.com
2    142.250.186.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f14.1e100.net
www.youtube.com
5    142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net
fonts.gstatic.com
2    172.217.18.100 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f100.1e100.net
www.google.com
8    23.215.120.185 (Hamburg, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-120-185.deploy.static.akamaitechnologies.com
s.pinimg.com
ct.pinterest.com
1    195.181.170.19 (United States)

ASN60068 (CDN77 Datacamp Limited, GB)
PTR: 610407756.fra.cdn77.com
tags.creativecdn.com
1    3.163.248.4 (United States)

ASN16509 (AMAZON-02, US)
sc-static.net
5    178.250.1.8 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)
dynamic.criteo.com
6    2.16.204.196 (Hamburg, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a2-16-204-196.deploy.static.akamaitechnologies.com
analytics.tiktok.com
2    34.98.80.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.80.98.34.bc.googleusercontent.com
www.p8btrk.com
1    146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    13.32.23.228 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-23-228.fra56.r.cloudfront.net
d9i5ve8f04qxt.cloudfront.net
1    3.167.227.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-227-50.fra60.r.cloudfront.net
b-code.liadm.com
2    13.107.246.45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    169.150.247.36 (Frankfurt am Main, Germany)

ASN60068 (CDN77 Datacamp Limited, GB)
PTR: 169-150-247-36.bunnyinfra.net
dsp-media.eskimi.com
7    150.171.28.10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
bat.bing.net
1    162.159.153.247 (None, )

ASN13335 (CLOUDFLARENET, US)
q.quora.com
7    216.169.159.30 (United States)

ASN203690 (RTB-HOUSE-ASH RTB Marketing and Tech Services Ltd, CY)
PTR: ip-216-169-159-30.rtbhouse.net
us.creativecdn.com
5    35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com
tr.snapchat.com
tr6.snapchat.com
14    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)
sslwidget.criteo.com
dis.criteo.com
4    74.119.117.16 (United States)

ASN19750 (AS-CRITEO, US)
widget.us.criteo.com
2    182.161.74.16 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
widget.as.criteo.com
12    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)
gum.criteo.com
3    216.239.34.36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
region1.google-analytics.com
1    108.177.15.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f155.1e100.net
stats.g.doubleclick.net
1    172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f3.1e100.net
www.google.de
2    162.159.140.229 (None, )

ASN13335 (CLOUDFLARENET, US)
t.co
2    172.66.0.227 (United States)

ASN13335 (CLOUDFLARENET, US)
analytics.twitter.com
1    188.42.63.49 (Luxembourg)

ASN7979 (SERVERS-COM, US)
dsp-trk.eskimi.com
1    188.42.63.48 (Luxembourg)

ASN7979 (SERVERS-COM, US)
dsp-ap.eskimi.com
2    142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net
13811400.fls.doubleclick.net
4    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
td.doubleclick.net
adservice.google.com
4    142.250.185.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net
ad.doubleclick.net
4    216.58.206.74 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f10.1e100.net
jnn-pa.googleapis.com
1    142.250.185.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f1.1e100.net
yt3.ggpht.com
6    3.167.226.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-226-105.fra60.r.cloudfront.net
d1pqvb2h9xgm7r.cloudfront.net
2    95.168.222.147 (Ceska Trebova, Czech Republic)

ASN39392 (SuperNetwork SH.cz s.r.o., CZ)
PTR: unn-95-168-222-147.superhosting.cz
rr8---sn-n02xgoxufvg3-2gbs.googlevideo.com
2    34.225.110.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-110-11.compute-1.amazonaws.com
rp.liadm.com
1    74.125.163.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s20-in-f10.1e100.net
rr5---sn-4g5lznl7.googlevideo.com
1    142.250.185.246 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f22.1e100.net
i.ytimg.com
3    172.175.234.12 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
n.clarity.ms
4    54.175.159.191 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-159-191.compute-1.amazonaws.com
i.liadm.com
16    185.89.211.116 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
2    65.9.66.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-36.fra56.r.cloudfront.net
live.rezync.com
1    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    46.228.164.13 (United Kingdom)

ASN56396 (Amobee NEXXEN GROUP LTD, GB)
PTR: d-ams1.turn.com
d.turn.com
2    108.128.223.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-223-16.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    34.196.252.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-252-155.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    134.209.162.206 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
service3.purehealthresearch.com
5    35.214.136.108 (Groningen, Netherlands)

ASN19527 (GOOGLE-2, US)
PTR: 108.136.214.35.bc.googleusercontent.com
x.bidswitch.net
5    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
cm.g.doubleclick.net
6    104.18.27.193 (None, )

ASN13335 (CLOUDFLARENET, US)
r.casalemedia.com
5    54.72.175.61 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-175-61.eu-west-1.compute.amazonaws.com
dpm.demdex.net
5    141.95.33.120 (Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns3203256.ip-141-95-33.eu
id5-sync.com
5    54.72.72.193 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-72-193.eu-west-1.compute.amazonaws.com
ad.360yield.com
5    2.23.180.24 (Hamburg, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-180-24.deploy.static.akamaitechnologies.com
contextual.media.net
5    18.185.212.71 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-212-71.eu-central-1.compute.amazonaws.com
exchange.mediavine.com
5    44.242.121.227 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-242-121-227.us-west-2.compute.amazonaws.com
jadserve.postrelease.com
5    70.42.32.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
5    103.231.98.109 (Japan)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
5    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
5    81.17.55.172 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL)
rtb-csync.smartadserver.com
5    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS Taboola.com ltd, IL)
sync-t1.taboola.com
5    2.16.253.92 (Hamburg, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-253-92.deploy.static.akamaitechnologies.com
criteo-sync.teads.tv
5    3.216.100.41 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-100-41.compute-1.amazonaws.com
criteo-partners.tremorhub.com
5    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
5    85.215.5.31 (Germany)

ASN6786 (CRONON-BERLIN-AS Cronon GmbH, DE)
a.twiago.com
5    184.30.16.136 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-136.deploy.static.akamaitechnologies.com
ad.yieldlab.net
12    46.228.174.117 (United Kingdom)

ASN56396 (Amobee NEXXEN GROUP LTD, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
5    54.76.71.127 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-71-127.eu-west-1.compute.amazonaws.com
aa.agkn.com
Apex Domain
Subdomains		 Transfer
37 criteo.com
dynamic.criteo.com — Cisco Umbrella Rank: 3889
sslwidget.criteo.com — Cisco Umbrella Rank: 2510
widget.us.criteo.com — Cisco Umbrella Rank: 20166
widget.as.criteo.com — Cisco Umbrella Rank: 51826
gum.criteo.com — Cisco Umbrella Rank: 574
dis.criteo.com — Cisco Umbrella Rank: 945
166 KB
16 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 362
17 KB
15 youtube-nocookie.com
www.youtube-nocookie.com — Cisco Umbrella Rank: 4251
950 KB
14 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 227
13811400.fls.doubleclick.net
td.doubleclick.net — Cisco Umbrella Rank: 261
ad.doubleclick.net — Cisco Umbrella Rank: 190
cm.g.doubleclick.net — Cisco Umbrella Rank: 353
5 KB
8 creativecdn.com
tags.creativecdn.com — Cisco Umbrella Rank: 6621
us.creativecdn.com — Cisco Umbrella Rank: 4329
14 KB
7 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 661
2 KB
7 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 337
5 KB
7 liadm.com
b-code.liadm.com — Cisco Umbrella Rank: 4413
rp.liadm.com — Cisco Umbrella Rank: 1163
i.liadm.com — Cisco Umbrella Rank: 713
50 KB
7 cloudfront.net
d9i5ve8f04qxt.cloudfront.net
d1pqvb2h9xgm7r.cloudfront.net
24 KB
7 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
685 KB
7 parasiterelief.com
parasiterelief.com
secure.parasiterelief.com
300 KB
6 casalemedia.com
r.casalemedia.com — Cisco Umbrella Rank: 2693
5 KB
6 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 1038
6 KB
6 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 846
131 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 5
region1.analytics.google.com — Cisco Umbrella Rank: 4632
adservice.google.com — Cisco Umbrella Rank: 669
23 KB
5 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 741
2 KB
5 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1534
2 KB
5 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 9886
1 KB
5 twiago.com
a.twiago.com — Cisco Umbrella Rank: 74630
2 KB
5 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 640
696 B
5 tremorhub.com
criteo-partners.tremorhub.com — Cisco Umbrella Rank: 4047
2 KB
5 teads.tv
criteo-sync.teads.tv — Cisco Umbrella Rank: 3934
815 B
5 taboola.com
sync-t1.taboola.com — Cisco Umbrella Rank: 2832
490 B
5 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 879
566 B
5 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 546
1 KB
5 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 1233
2 KB
5 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 1375
1 KB
5 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1219
2 KB
5 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 2202
4 KB
5 media.net
contextual.media.net — Cisco Umbrella Rank: 907
2 KB
5 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 980
991 B
5 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 637
5 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 493
551 B
5 snapchat.com
tr.snapchat.com — Cisco Umbrella Rank: 954
tr6.snapchat.com — Cisco Umbrella Rank: 1192
1 KB
5 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 785
n.clarity.ms — Cisco Umbrella Rank: 5735
31 KB
5 gstatic.com
fonts.gstatic.com
126 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 76
jnn-pa.googleapis.com — Cisco Umbrella Rank: 354
48 KB
4 bing.net
bat.bing.net — Cisco Umbrella Rank: 5208
704 B
3 googlevideo.com
rr8---sn-n02xgoxufvg3-2gbs.googlevideo.com
rr5---sn-4g5lznl7.googlevideo.com — Cisco Umbrella Rank: 56455
3 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 444
18 KB
3 eskimi.com
dsp-media.eskimi.com — Cisco Umbrella Rank: 67748
dsp-trk.eskimi.com — Cisco Umbrella Rank: 58475
dsp-ap.eskimi.com — Cisco Umbrella Rank: 28089
4 KB
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1436
3 KB
2 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 1235
2 KB
2 t.co
t.co — Cisco Umbrella Rank: 1179
1 KB
2 p8btrk.com
www.p8btrk.com
20 KB
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 1198
25 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 87
13 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 237
72 KB
1 purehealthresearch.com
service3.purehealthresearch.com — Cisco Umbrella Rank: 570018
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 793
1 KB
1 turn.com
d.turn.com — Cisco Umbrella Rank: 1407
416 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 486
149 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 636
98 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1031
1 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 102
15 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 260
2 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 9358
63 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3545
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 1313
16 KB
1 sc-static.net
sc-static.net — Cisco Umbrella Rank: 1216
24 KB
1 quora.com
a.quora.com Failed
q.quora.com — Cisco Umbrella Rank: 6791
306 B
0 rkdms.com Failed
mid.rkdms.com — Cisco Umbrella Rank: 2481 Failed
262 62
Domain Requested by
16 ib.adnxs.com 10 redirects parasiterelief.com
15 www.youtube-nocookie.com parasiterelief.com
www.youtube-nocookie.com
12 gum.criteo.com 10 redirects dynamic.criteo.com
gum.criteo.com
8 sslwidget.criteo.com 6 redirects dynamic.criteo.com
7 sync.1rx.io 7 redirects
7 dpm.demdex.net 1 redirects i.liadm.com
7 us.creativecdn.com 1 redirects parasiterelief.com
tags.creativecdn.com
us.creativecdn.com
7 www.googletagmanager.com parasiterelief.com
www.googletagmanager.com
6 r.casalemedia.com 1 redirects
6 dis.criteo.com 1 redirects
6 d1pqvb2h9xgm7r.cloudfront.net d9i5ve8f04qxt.cloudfront.net
6 ct.pinterest.com s.pinimg.com
6 analytics.tiktok.com parasiterelief.com
analytics.tiktok.com
5 aa.agkn.com
5 sync.targeting.unrulymedia.com
5 ad.yieldlab.net
5 a.twiago.com
5 eb2.3lift.com
5 criteo-partners.tremorhub.com
5 criteo-sync.teads.tv
5 sync-t1.taboola.com
5 rtb-csync.smartadserver.com
5 pixel.rubiconproject.com
5 simage2.pubmatic.com
5 sync.outbrain.com
5 jadserve.postrelease.com
5 exchange.mediavine.com
5 contextual.media.net
5 ad.360yield.com
5 id5-sync.com
5 cm.g.doubleclick.net
5 x.bidswitch.net
5 dynamic.criteo.com www.googletagmanager.com
5 fonts.gstatic.com fonts.googleapis.com
www.youtube-nocookie.com
5 parasiterelief.com parasiterelief.com
4 i.liadm.com b-code.liadm.com
i.liadm.com
4 jnn-pa.googleapis.com www.youtube-nocookie.com
4 bat.bing.net bat.bing.com
parasiterelief.com
4 ad.doubleclick.net 2 redirects parasiterelief.com
4 widget.us.criteo.com parasiterelief.com
4 tr.snapchat.com sc-static.net
parasiterelief.com
3 n.clarity.ms www.clarity.ms
3 bat.bing.com parasiterelief.com
bat.bing.com
2 live.rezync.com 2 redirects
2 rp.liadm.com 1 redirects parasiterelief.com
2 rr8---sn-n02xgoxufvg3-2gbs.googlevideo.com www.youtube-nocookie.com
2 adservice.google.com parasiterelief.com
13811400.fls.doubleclick.net
2 td.doubleclick.net www.googletagmanager.com
2 13811400.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 analytics.twitter.com parasiterelief.com
2 t.co parasiterelief.com
2 region1.analytics.google.com 1 redirects www.googletagmanager.com
2 widget.as.criteo.com parasiterelief.com
2 www.clarity.ms parasiterelief.com
www.clarity.ms
2 www.p8btrk.com www.googletagmanager.com
www.p8btrk.com
2 s.pinimg.com www.googletagmanager.com
s.pinimg.com
2 www.google.com www.googletagmanager.com
www.youtube-nocookie.com
2 www.youtube.com parasiterelief.com
www.youtube.com
2 connect.facebook.net parasiterelief.com
connect.facebook.net
2 secure.parasiterelief.com parasiterelief.com
secure.parasiterelief.com
1 service3.purehealthresearch.com parasiterelief.com
1 sync.srv.stackadapt.com 1 redirects
1 d.turn.com 1 redirects
1 match.adsrvr.org i.liadm.com
1 idsync.rlcdn.com i.liadm.com
1 p.rfihub.com 1 redirects
1 i.ytimg.com parasiterelief.com
1 rr5---sn-4g5lznl7.googlevideo.com www.youtube-nocookie.com
1 tr6.snapchat.com sc-static.net
1 yt3.ggpht.com www.youtube-nocookie.com
1 dsp-ap.eskimi.com dsp-media.eskimi.com
1 dsp-trk.eskimi.com dsp-media.eskimi.com
1 www.google.de parasiterelief.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.google-analytics.com parasiterelief.com
1 q.quora.com parasiterelief.com
1 dsp-media.eskimi.com parasiterelief.com
1 b-code.liadm.com www.googletagmanager.com
1 d9i5ve8f04qxt.cloudfront.net www.googletagmanager.com
1 static.ads-twitter.com parasiterelief.com
1 sc-static.net www.googletagmanager.com
1 tags.creativecdn.com www.googletagmanager.com
1 fonts.googleapis.com parasiterelief.com
0 mid.rkdms.com Failed i.liadm.com
0 a.quora.com Failed www.googletagmanager.com
262 85

This site contains no links.

Subject Issuer Validity Valid
parasiterelief.com
E6		 2025-04-17 -
2025-07-16		 3 months crt.sh
upload.video.google.com
WE2		 2025-03-31 -
2025-06-23		 3 months crt.sh
secure.parasiterelief.com
Sectigo RSA Domain Validation Secure Server CA		 2024-05-21 -
2025-06-20		 a year crt.sh
*.google-analytics.com
WE2		 2025-03-31 -
2025-06-23		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2025-02-02 -
2025-05-03		 3 months crt.sh
*.google.com
WE2		 2025-03-31 -
2025-06-23		 3 months crt.sh
*.gstatic.com
WE2		 2025-03-31 -
2025-06-23		 3 months crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-08-02 -
2025-08-07		 a year crt.sh
1589314308.rsc.cdn77.org
E6		 2025-03-05 -
2025-06-03		 3 months crt.sh
sc-static.net
Amazon RSA 2048 M03		 2024-11-20 -
2025-12-20		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-04-18 -
2025-07-17		 3 months crt.sh
*.tiktok.com
RapidSSL TLS ECC CA G1		 2024-07-15 -
2025-07-15		 a year crt.sh
www.p8btrk.com
WR3		 2025-03-17 -
2025-06-15		 3 months crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-25 -
2025-06-24		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
*.liadm.com
Amazon RSA 2048 M02		 2024-10-31 -
2025-11-28		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2024-09-04 -
2025-09-04		 a year crt.sh
*.eskimi.com
GeoTrust TLS RSA CA G1		 2025-02-18 -
2026-03-21		 a year crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 07		 2025-03-14 -
2025-09-10		 6 months crt.sh
quora.com
WR1		 2025-03-28 -
2025-06-26		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2025-04-17 -
2026-05-02		 a year crt.sh
*.snap.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-23 -
2025-07-22		 a year crt.sh
*.g.doubleclick.net
WE2		 2025-03-31 -
2025-06-23		 3 months crt.sh
*.google.de
WE2		 2025-03-31 -
2025-06-23		 3 months crt.sh
t.co
E6		 2025-03-24 -
2025-06-22		 3 months crt.sh
twitter.com
E6		 2025-03-06 -
2025-06-04		 3 months crt.sh
*.doubleclick.net
WE2		 2025-03-31 -
2025-06-23		 3 months crt.sh
bat.bing.net
Microsoft Azure RSA TLS Issuing CA 08		 2025-04-24 -
2025-10-21		 6 months crt.sh
*.googleusercontent.com
WE2		 2025-03-31 -
2025-06-23		 3 months crt.sh
*.googlevideo.com
WR2		 2025-04-08 -
2025-06-17		 2 months crt.sh
*.c.docs.google.com
WR2		 2025-04-08 -
2025-06-17		 2 months crt.sh
edgestatic.com
WR2		 2025-03-31 -
2025-06-23		 3 months crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-23 -
2025-06-18		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2025-02-21 -
2026-03-23		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2025-03-19 -
2026-04-02		 a year crt.sh
service3.purehealthresearch.com
E6		 2025-04-01 -
2025-06-30		 3 months crt.sh
*.bidswitch.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-04-06 -
2025-07-01		 3 months crt.sh
id5-sync.com
E5		 2025-03-01 -
2025-05-30		 3 months crt.sh
*.360yield.com
Amazon RSA 2048 M03		 2025-03-29 -
2026-04-27		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2024-10-23 -
2025-10-22		 a year crt.sh
exchange.mediavine.com
Amazon RSA 2048 M02		 2025-04-06 -
2026-05-05		 a year crt.sh
*.postrelease.com
Amazon RSA 2048 M03		 2024-07-31 -
2025-08-30		 a year crt.sh
*.outbrain.com
Thawte TLS RSA CA G1		 2024-11-13 -
2025-12-02		 a year crt.sh
*.pubmatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-02-19 -
2026-03-22		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2025-03-04 -
2026-04-03		 a year crt.sh
*.smartadserver.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2025-01-09 -
2026-02-09		 a year crt.sh
*.taboola.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-12-01 -
2025-12-31		 a year crt.sh
teads.tv
R10		 2025-02-18 -
2025-05-19		 3 months crt.sh
*.tremorhub.com
Amazon RSA 2048 M02		 2024-12-24 -
2026-01-23		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M03		 2025-02-11 -
2026-03-12		 a year crt.sh
*.twiago.com
Sectigo RSA Domain Validation Secure Server CA		 2024-12-19 -
2026-01-19		 a year crt.sh
*.yieldlab.net
DigiCert TLS RSA SHA256 2020 CA1		 2024-08-08 -
2025-08-10		 a year crt.sh
casalemedia.com
E6		 2025-04-08 -
2025-07-07		 3 months crt.sh

This page contains 17 frames:

Primary Page: https://parasiterelief.com/?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=492&oid=109&uid=389&_ef_transaction_id=d806e723fe844b28904ee28ec49ae968&n=6109
Frame ID: 44557E1B9B7CC7363EFE3E9E99C1793A
Requests: 95 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/Kdx01YmF6t8?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
Frame ID: F7B22A785AE3DC43685656EF68326FD3
Requests: 27 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/54l0/sw_iframe.html?origin=https%3A%2F%2Fparasiterelief.com
Frame ID: 78FDF07558992143569C4C86859D5D9B
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=21444b75-45eb-4207-bb22-dc5f286db86b&u_scsid=610fa600-8671-4a17-96f5-a36b5d47b519&u_sclid=ffe51cf4-6271-4e05-b8ea-e0359ad3d937
Frame ID: 26DEAB730D0928D923DD7BAF36149DC9
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=parasiterelief.com&origin=onetag
Frame ID: D8CDD06331EE56C02DE11C3DA43B6551
Requests: 2 HTTP requests in this frame

Frame: https://13811400.fls.doubleclick.net/activityi;dc_pre=CJT-1fLS9IwDFaQLVQgdqswzrA;src=13811400;type=nda;cat=cl24_00;ord=1;num=5401911911756;npa=0;auiddc=884641591.1745634400;ps=1;pcor=849949254;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe54n0z89138730978za201zb871036254;gcs=G111;gcd=13v3v3v2v5l1;dma_cps=syphamo;dma=1;dc_fmt=1;tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001;epver=2;~oref=https%3A%2F%2Fparasiterelief.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D492%26oid%3D109%26uid%3D389%26_ef_transaction_id%3Dd806e723fe844b28904ee28ec49ae968%26n%3D6109
Frame ID: 26F79F89D3EDC5D378EC29B023A5B829
Requests: 2 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=13811400;type=nda;cat=cl24_00;ord=1;num=5401911911756;npa=0;auiddc=884641591.1745634400;ps=1;pcor=849949254;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe54n0z89138730978za201zb871036254;gcs=G111;gcd=13v3v3v2v5l1;dma_cps=syphamo;dma=1;dc_fmt=9;tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001;epver=2;~oref=https%3A%2F%2Fparasiterelief.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D492%26oid%3D109%26uid%3D389%26_ef_transaction_id%3Dd806e723fe844b28904ee28ec49ae968%26n%3D6109
Frame ID: 4215986F185169040BEAC676F522752E
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=14623190;type=invmedia;cat=cl24_0;ord=2029035005556;npa=0;auiddc=884641591.1745634400;ps=1;pcor=1043501072;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe54n0v9186162005z89138730978za201zb871036254;gcs=G111;gcd=13v3v3v2v5l1;dma_cps=syphamo;dma=1;dc_fmt=9;tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130495~103130497~103200001;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001;epver=2;em=tv.1
Frame ID: DFDBDFC176762E0EADD4322B9C242CF3
Requests: 1 HTTP requests in this frame

Frame: https://i.liadm.com/sync-container?duid=2fd7b255045c--01jsqyp61h4cj5fc9n09vwr2x1&appId=b-00tu&euns=1&s=&version=v3.11.1&cd=.parasiterelief.com&pv=f3e32ad9-073b-4d0f-b814-f4c24cec0bdd
Frame ID: 449B92A673A26A0D6D99CD20323620C5
Requests: 8 HTTP requests in this frame

Frame: https://us.creativecdn.com/ig-membership?ntk=zF-Jnw1DAtSB_FK3zbiqLvZfECdz7W-kAl0_03pykBxr8YKXuJ5Upi7b1lVCWDnZQsIEdoTY3KicC9iSBZKMbnwskPJqKqIKQySEzo7tezKhvurnrM9sQNueW6Tm4CnmwN3hrsTic5l89-Zhww-Nd9UiJDfwy85shmWp1I3N6ENriOP0wX92IEGUTmlKYFUzs1tCEf9o_oQfzqvgCTp4AFL3bJBTrzYjHZvUqv9UN8nfJEqGImbTaTio6y61nVjnDzXlmRkYHlammrUAQ1wpMWx8aSbDambtAbWRdvGBCjDWmH7TE9cuOKd5mEPTU23_
Frame ID: 39C4C13781F44F007DD80584E4F0F50E
Requests: 2 HTTP requests in this frame

Frame: https://us.creativecdn.com/topics-membership?ntk=0n7np3QkR2uWERG0yBm8HrR7npHhxu96mrEHmVKN4oS1vULeZg8b1Jl9VHKQFUlBVcJFIn4_wl0Vg0hzA4j9Nxt6ki-0PMryqg9CTMxif-qZRmCkO2AJb8LOKXhOTG97MjBedZ7ukCIN4E9bXKtdC1NeIWZFlUZ_oi_o1EeBcNhcOO6gdLa7-dvRtTlMiuDyCRS5GKlThIMUHvCdmru8W4cXUu1H3-zYx3L8XLTktWVLqwUvMZ1D9T22ADusefjGyynd9zXhuXeSW8pY5uXky9CRS7nt8wMnwo-zjupKsDkTqztWypb5I8rFcetQofYy
Frame ID: 165A39A7B108EE79C9B751F9FD3E31CD
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 9D4392103A38E9612073471093A1DC77
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-nTeb2bgHgUBNq0-DFptC70U7DOV3QWON4zbwqQ&expires=30
Frame ID: 2586A7F52AAF8B2226C3D068D50E4E7F
Requests: 23 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-nTeb2bgHgUBNq0-DFptC70U7DOV3QWON4zbwqQ&expires=30
Frame ID: 703BC1168D0B7F72BECEF2D1B9174965
Requests: 23 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-nTeb2bgHgUBNq0-DFptC70U7DOV3QWON4zbwqQ&expires=30
Frame ID: 0C650476F881270E6967C2CF52B292A0
Requests: 23 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-nTeb2bgHgUBNq0-DFptC70U7DOV3QWON4zbwqQ&expires=30
Frame ID: EE14944DFF4FC9FA75D1E4675E7030CE
Requests: 23 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-nTeb2bgHgUBNq0-DFptC70U7DOV3QWON4zbwqQ&expires=30
Frame ID: 2435390BD27324E9A8679B8C0649698C
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Cleanse24

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

262
Requests

85 %
HTTPS

0 %
IPv6

62
Domains

85
Subdomains

74
IPs

11
Countries

2805 kB
Transfer

8403 kB
Size

101
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43
  • https://us.creativecdn.com/tags/v2?type=json HTTP 307
  • https://us.creativecdn.com/tags/v2?type=json&tc=1
Request Chain 50
  • https://sslwidget.criteo.com/event?a=%5B116560%5D&v=5.37.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14&tld=parasiterelief.com&dy=1&fu=https%253A%252F%252Fparasiterelief.com%252F%253Futm_source%253Dcpa%2526utm_medium%253Daffiliate%2526utm_content%253Dcleansevsl%2526utm_campaign%253Dcleansecpa%2526affid%253D492%2526oid%253D109%2526uid%253D389%2526_ef_transaction_id%253Dd806e723fe844b28904ee28ec49ae968%2526n%253D6109&ceid=c06fd6dd-df6b-47e7-ad3c-f37a24d1b1e7 HTTP 302
  • https://widget.us.criteo.com/event?a=%5B116560%5D&v=5.37.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14&tld=parasiterelief.com&dy=1&fu=https%253A%252F%252Fparasiterelief.com%252F%253Futm_source%253Dcpa%2526utm_medium%253Daffiliate%2526utm_content%253Dcleansevsl%2526utm_campaign%253Dcleansecpa%2526affid%253D492%2526oid%253D109%2526uid%253D389%2526_ef_transaction_id%253Dd806e723fe844b28904ee28ec49ae968%2526n%253D6109&ceid=c06fd6dd-df6b-47e7-ad3c-f37a24d1b1e7
Request Chain 51
  • https://sslwidget.criteo.com/event?a=%5B116560%5D&v=5.37.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14%26av%3Dtrue%26p%3D1&tld=parasiterelief.com&dy=1&fu=https%253A%252F%252Fparasiterelief.com%252F%253Futm_source%253Dcpa%2526utm_medium%253Daffiliate%2526utm_content%253Dcleansevsl%2526utm_campaign%253Dcleansecpa%2526affid%253D492%2526oid%253D109%2526uid%253D389%2526_ef_transaction_id%253Dd806e723fe844b28904ee28ec49ae968%2526n%253D6109&ceid=3238149b-f4da-4bde-9a93-5c65d364fdcf HTTP 302
  • https://widget.us.criteo.com/event?a=%5B116560%5D&v=5.37.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14%26av%3Dtrue%26p%3D1&tld=parasiterelief.com&dy=1&fu=https%253A%252F%252Fparasiterelief.com%252F%253Futm_source%253Dcpa%2526utm_medium%253Daffiliate%2526utm_content%253Dcleansevsl%2526utm_campaign%253Dcleansecpa%2526affid%253D492%2526oid%253D109%2526uid%253D389%2526_ef_transaction_id%253Dd806e723fe844b28904ee28ec49ae968%2526n%253D6109&ceid=3238149b-f4da-4bde-9a93-5c65d364fdcf
Request Chain 52
  • https://sslwidget.criteo.com/event?a=%5B116947%5D&v=5.37.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14&tld=parasiterelief.com&dy=1&fu=https%253A%252F%252Fparasiterelief.com%252F%253Futm_source%253Dcpa%2526utm_medium%253Daffiliate%2526utm_content%253Dcleansevsl%2526utm_campaign%253Dcleansecpa%2526affid%253D492%2526oid%253D109%2526uid%253D389%2526_ef_transaction_id%253Dd806e723fe844b28904ee28ec49ae968%2526n%253D6109&ceid=dbc16ebb-9183-4160-97b1-f4c15e3433e1 HTTP 302
  • https://widget.as.criteo.com/event?a=%5B116947%5D&v=5.37.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14&tld=parasiterelief.com&dy=1&fu=https%253A%252F%252Fparasiterelief.com%252F%253Futm_source%253Dcpa%2526utm_medium%253Daffiliate%2526utm_content%253Dcleansevsl%2526utm_campaign%253Dcleansecpa%2526affid%253D492%2526oid%253D109%2526uid%253D389%2526_ef_transaction_id%253Dd806e723fe844b28904ee28ec49ae968%2526n%253D6109&ceid=dbc16ebb-9183-4160-97b1-f4c15e3433e1
Request Chain 53
  • https://sslwidget.criteo.com/event?a=%5B116947%5D&v=5.37.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14%26av%3Dtrue%26p%3D1&tld=parasiterelief.com&dy=1&fu=https%253A%252F%252Fparasiterelief.com%252F%253Futm_source%253Dcpa%2526utm_medium%253Daffiliate%2526utm_content%253Dcleansevsl%2526utm_campaign%253Dcleansecpa%2526affid%253D492%2526oid%253D109%2526uid%253D389%2526_ef_transaction_id%253Dd806e723fe844b28904ee28ec49ae968%2526n%253D6109&ceid=df0273ef-a913-415d-bf4e-815d716229dd HTTP 302
  • https://widget.as.criteo.com/event?a=%5B116947%5D&v=5.37.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14%26av%3Dtrue%26p%3D1&tld=parasiterelief.com&dy=1&fu=https%253A%252F%252Fparasiterelief.com%252F%253Futm_source%253Dcpa%2526utm_medium%253Daffiliate%2526utm_content%253Dcleansevsl%2526utm_campaign%253Dcleansecpa%2526affid%253D492%2526oid%253D109%2526uid%253D389%2526_ef_transaction_id%253Dd806e723fe844b28904ee28ec49ae968%2526n%253D6109&ceid=df0273ef-a913-415d-bf4e-815d716229dd
Request Chain 54
  • https://sslwidget.criteo.com/event?a=%5B107998%2C118448%5D&v=5.37.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14&tld=parasiterelief.com&dy=1&fu=https%253A%252F%252Fparasiterelief.com%252F%253Futm_source%253Dcpa%2526utm_medium%253Daffiliate%2526utm_content%253Dcleansevsl%2526utm_campaign%253Dcleansecpa%2526affid%253D492%2526oid%253D109%2526uid%253D389%2526_ef_transaction_id%253Dd806e723fe844b28904ee28ec49ae968%2526n%253D6109&ceid=2ba0e189-99ce-4060-a5bd-4472bdafcf7d HTTP 302
  • https://widget.us.criteo.com/event?a=%5B107998%2C118448%5D&v=5.37.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14&tld=parasiterelief.com&dy=1&fu=https%253A%252F%252Fparasiterelief.com%252F%253Futm_source%253Dcpa%2526utm_medium%253Daffiliate%2526utm_content%253Dcleansevsl%2526utm_campaign%253Dcleansecpa%2526affid%253D492%2526oid%253D109%2526uid%253D389%2526_ef_transaction_id%253Dd806e723fe844b28904ee28ec49ae968%2526n%253D6109&ceid=2ba0e189-99ce-4060-a5bd-4472bdafcf7d
Request Chain 55
  • https://sslwidget.criteo.com/event?a=%5B107998%2C118448%5D&v=5.37.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14%26av%3Dtrue%26p%3D1&p2=e%3Ddis%26a%3D%255B116561%252C116560%252C116947%252C107998%252C118448%255D&tld=parasiterelief.com&dy=1&fu=https%253A%252F%252Fparasiterelief.com%252F%253Futm_source%253Dcpa%2526utm_medium%253Daffiliate%2526utm_content%253Dcleansevsl%2526utm_campaign%253Dcleansecpa%2526affid%253D492%2526oid%253D109%2526uid%253D389%2526_ef_transaction_id%253Dd806e723fe844b28904ee28ec49ae968%2526n%253D6109&ceid=073771fe-8d6f-4379-88c1-2ceb0e7e74ce HTTP 302
  • https://widget.us.criteo.com/event?a=%5B107998%2C118448%5D&v=5.37.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14%26av%3Dtrue%26p%3D1&p2=e%3Ddis%26a%3D%255B116561%252C116560%252C116947%252C107998%252C118448%255D&tld=parasiterelief.com&dy=1&fu=https%253A%252F%252Fparasiterelief.com%252F%253Futm_source%253Dcpa%2526utm_medium%253Daffiliate%2526utm_content%253Dcleansevsl%2526utm_campaign%253Dcleansecpa%2526affid%253D492%2526oid%253D109%2526uid%253D389%2526_ef_transaction_id%253Dd806e723fe844b28904ee28ec49ae968%2526n%253D6109&ceid=073771fe-8d6f-4379-88c1-2ceb0e7e74ce
Request Chain 59
  • https://region1.analytics.google.com/g/collect?v=2&tid=G-SSVM2TL5G6&gtm=45je54n0v871036254z89138730978za200zb9138730978&_p=1745634399773&_gaz=1&gcs=G111&gcd=13v3v3v2v5l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&cid=1433402319.1745634400&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1745634400&sct=1&seg=0&dl=https%3A%2F%2Fparasiterelief.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D492%26oid%3D109%26uid%3D389%26_ef_transaction_id%3Dd806e723fe844b28904ee28ec49ae968%26n%3D6109&dt=Cleanse24&_tu=CA&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&tfd=829 HTTP 302
  • https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1433402319.1745634400&dbk=15616854594865418976&dma=1&dma_cps=syphamo&en=page_view&gcs=G111&gtm=45je54n0v871036254z89138730978za200zb9138730978&npa=0&tid=G-SSVM2TL5G6&dl=https%3A%2F%2Fparasiterelief.com%3F
Request Chain 74
  • https://13811400.fls.doubleclick.net/activityi;src=13811400;type=nda;cat=cl24_00;ord=1;num=5401911911756;npa=0;auiddc=884641591.1745634400;ps=1;pcor=849949254;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe54n0z89138730978za201zb871036254;gcs=G111;gcd=13v3v3v2v5l1;dma_cps=syphamo;dma=1;dc_fmt=1;tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001;epver=2;~oref=https%3A%2F%2Fparasiterelief.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D492%26oid%3D109%26uid%3D389%26_ef_transaction_id%3Dd806e723fe844b28904ee28ec49ae968%26n%3D6109 HTTP 302
  • https://13811400.fls.doubleclick.net/activityi;dc_pre=CJT-1fLS9IwDFaQLVQgdqswzrA;src=13811400;type=nda;cat=cl24_00;ord=1;num=5401911911756;npa=0;auiddc=884641591.1745634400;ps=1;pcor=849949254;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe54n0z89138730978za201zb871036254;gcs=G111;gcd=13v3v3v2v5l1;dma_cps=syphamo;dma=1;dc_fmt=1;tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001;epver=2;~oref=https%3A%2F%2Fparasiterelief.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D492%26oid%3D109%26uid%3D389%26_ef_transaction_id%3Dd806e723fe844b28904ee28ec49ae968%26n%3D6109
Request Chain 78
  • https://ad.doubleclick.net/activity;src=14623190;type=invmedia;cat=cl24_0;ord=2029035005556;npa=0;auiddc=884641591.1745634400;ps=1;pcor=1043501072;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe54n0v9186162005z89138730978za201zb871036254;gcs=G111;gcd=13v3v3v2v5l1;dma_cps=syphamo;dma=1;dc_fmt=5;tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130495~103130497~103200001;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001;epver=2;em=tv.1 HTTP 302
  • https://ad.doubleclick.net/activity;dc_pre=CO6H1fLS9IwDFSgNogMdb5MARg;src=14623190;type=invmedia;cat=cl24_0;ord=2029035005556;npa=0;auiddc=884641591.1745634400;ps=1;pcor=1043501072;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe54n0v9186162005z89138730978za201zb871036254;gcs=G111;gcd=13v3v3v2v5l1;dma_cps=syphamo;dma=1;dc_fmt=5;tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130495~103130497~103200001;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001;epver=2;em=tv.1 HTTP 302
  • https://adservice.google.com/ddm/fls/z/dc_pre=CO6H1fLS9IwDFSgNogMdb5MARg;src=14623190;type=invmedia;cat=cl24_0;ord=2029035005556;npa=0;auiddc=*;ps=1;pcor=1043501072;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe54n0v9186162005z89138730978za201zb871036254;gcs=G111;gcd=13v3v3v2v5l1;dma_cps=syphamo;dma=1;dc_fmt=5;tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130495~103130497~103200001;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001;epver=2;em=tv.*
Request Chain 110
  • https://rp.liadm.com/j?dtstmp=1745634400467&aid=b-00tu&se=e30&duid=2fd7b255045c--01jsqyp61h4cj5fc9n09vwr2x1&tv=v3.11.1&pu=https%3A%2F%2Fparasiterelief.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D492%26oid%3D109%26uid%3D389%26_ef_transaction_id%3Dd806e723fe844b28904ee28ec49ae968%26n%3D6109&wpn=lc-bundle&wpv=v3.11.1&cd=.parasiterelief.com&pv=f3e32ad9-073b-4d0f-b814-f4c24cec0bdd HTTP 302
  • https://rp.liadm.com/j?dtstmp=1745634400467&aid=b-00tu&se=e30&duid=2fd7b255045c--01jsqyp61h4cj5fc9n09vwr2x1&tv=v3.11.1&pu=https%3A%2F%2Fparasiterelief.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D492%26oid%3D109%26uid%3D389%26_ef_transaction_id%3Dd806e723fe844b28904ee28ec49ae968%26n%3D6109&wpn=lc-bundle&wpv=v3.11.1&cd=.parasiterelief.com&pv=f3e32ad9-073b-4d0f-b814-f4c24cec0bdd&n3pc=true
Request Chain 130
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid= HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=7a3e7b6d-ee01-4b84-9e26-88a16df76519%3A1745634401.1291068&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D7a3e7b6d-ee01-4b84-9e26-88a16df76519%253A1745634401.1291068%26_%3D1745634401.1316233&cb=1745634401.1316495 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329535650266858&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D7a3e7b6d-ee01-4b84-9e26-88a16df76519%253A1745634401.1291068%26_%3D1745634401.1316233 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=7a3e7b6d-ee01-4b84-9e26-88a16df76519%3A1745634401.1291068&_=1745634401.1316233
Request Chain 132
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=8452463706568119056
Request Chain 133
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@ HTTP 302
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-nP8h87gHgUBNq0-DFptC70U7DOUmsW9Rpixhrw
Request Chain 134
  • https://dpm.demdex.net/ibs:dpid=127444&dpuuid= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=
Request Chain 135
  • https://mid.rkdms.com/bct?pid=bcccb40a-06d2-44fe-bdd2-a91ef4a5bfd0&&puid=&liid=&_ct=im HTTP 302
  • https://mid.rkdms.com/restricted
Request Chain 136
  • https://sync.srv.stackadapt.com/sync?nid=307 HTTP 302
  • https://i.liadm.com/s/89249?bidder_id=246504&bidder_uuid=YzobK5prWdZEUeQ_XfYdH5VYGKs
Request Chain 145
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3271248601939601312
Request Chain 146
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-iEu4zbgHgUBNq0-DFptC70U7DOWEP4Jj1qQX2A HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-iEu4zbgHgUBNq0-DFptC70U7DOWEP4Jj1qQX2A&C=1
Request Chain 147
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=2PwfBl9DaWlsMTE0b1RxWjJ0SWZKTnpkMWNGbjFWa29kUWFUNmhUT3NGTGRWNlBJJTNE
Request Chain 163
  • https://sync.1rx.io/usersync/criteodsp/k-ej1DergHgUBNq0-DFptC70U7DOXYSbVzTdOrLw HTTP 302
  • https://sync.1rx.io/usersync/criteodsp/k-ej1DergHgUBNq0-DFptC70U7DOXYSbVzTdOrLw?zcc=1&cb=1745634401951 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-d0df86cb-2e84-401d-86c9-f89a1d93294a-003
Request Chain 166
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1004548486623423888
Request Chain 168
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=2vclC19DaWlsMTE0b1RxWjJ0SWZKTnpkMWNIOGJqMG5pb2dGQXpxeHFDVVp4MDVNJTNE
Request Chain 184
  • https://sync.1rx.io/usersync/criteodsp/k-ej1DergHgUBNq0-DFptC70U7DOXYSbVzTdOrLw HTTP 302
  • https://sync.1rx.io/usersync/criteodsp/k-ej1DergHgUBNq0-DFptC70U7DOXYSbVzTdOrLw?zcc=1&cb=1745634402049 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-0b380fe6-192d-48f5-bd67-83ebd38466c3-003
Request Chain 187
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6050467209683081109
Request Chain 189
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=cODESF9DaWlsMTE0b1RxWjJ0SWZKTnpkMWNCQU14MnJkUENTWld0OXZHczJQTUJNJTNE
Request Chain 205
  • https://sync.1rx.io/usersync/criteodsp/k-ej1DergHgUBNq0-DFptC70U7DOXYSbVzTdOrLw HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-d0df86cb-2e84-401d-86c9-f89a1d93294a-003
Request Chain 208
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8054633381625834642
Request Chain 210
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=hUIssl9DaWlsMTE0b1RxWjJ0SWZKTnpkMWNKcDhRd3VaR05UNUFmaU1QaG9ldWlzJTNE
Request Chain 226
  • https://sync.1rx.io/usersync/criteodsp/k-ej1DergHgUBNq0-DFptC70U7DOXYSbVzTdOrLw HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-0b380fe6-192d-48f5-bd67-83ebd38466c3-003
Request Chain 229
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4263765338744639494
Request Chain 231
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=9MrHsl9DaWlsMTE0b1RxWjJ0SWZKTnpkMWNFbGQ0b0lZJTJCeWgzY0JRSnpQNTBVMFElM0Q
Request Chain 247
  • https://sync.1rx.io/usersync/criteodsp/k-ej1DergHgUBNq0-DFptC70U7DOXYSbVzTdOrLw HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-0b380fe6-192d-48f5-bd67-83ebd38466c3-003
Request Chain 253
  • https://gum.criteo.com/sync?c=9&r=1&a=1&u=https%3A%2F%2Faa.agkn.com%2Fadscores%2Fg.pixel%3Fsid%3D9212273938%26ct%3D%40USERID%40 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=NKvlH19DaWlsMTE0b1RxWjJ0SWZKTnpkMWNJZEtUcXhRMklXaExheE9aMVklMkJaZ1UlM0Q
Request Chain 254
  • https://gum.criteo.com/sync?c=9&r=1&a=1&u=https%3A%2F%2Faa.agkn.com%2Fadscores%2Fg.pixel%3Fsid%3D9212273938%26ct%3D%40USERID%40 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=ygXY-l9DaWlsMTE0b1RxWjJ0SWZKTnpkMWNKa1FRSTdCa2d5T1ZRTHZESVN6U01jJTNE
Request Chain 256
  • https://gum.criteo.com/sync?c=9&r=1&a=1&u=https%3A%2F%2Faa.agkn.com%2Fadscores%2Fg.pixel%3Fsid%3D9212273938%26ct%3D%40USERID%40 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=BFpiwl9DaWlsMTE0b1RxWjJ0SWZKTnpkMWNQcEYyUkNFUEF2Q0ROVWs2T1FoYmE0JTNE
Request Chain 257
  • https://gum.criteo.com/sync?c=9&r=1&a=1&u=https%3A%2F%2Faa.agkn.com%2Fadscores%2Fg.pixel%3Fsid%3D9212273938%26ct%3D%40USERID%40 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=aWqf6V9DaWlsMTE0b1RxWjJ0SWZKTnpkMWNJc3U1VkxLa1Z2Y01BZVE5N0d3YnBRJTNE
Request Chain 258
  • https://gum.criteo.com/sync?c=9&r=1&a=1&u=https%3A%2F%2Faa.agkn.com%2Fadscores%2Fg.pixel%3Fsid%3D9212273938%26ct%3D%40USERID%40 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=r9KaJ19DaWlsMTE0b1RxWjJ0SWZKTnpkMWNHUUpxRkNiWjQ1QmxQZGx4azUwTEc0JTNE

262 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
parasiterelief.com/ 		49 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://parasiterelief.com/?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=492&oid=109&uid=389&_ef_transaction_id=d806e723fe844b28904ee28ec49ae968&n=6109
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
100.28.91.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-28-91-13.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
20c945dd45453f8119a64d82799d8571eabcced2774eb191ef7bbebdc98f9fe1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sat, 26 Apr 2025 02:26:39 GMT
ETag
W/"c2b7-SzMRq49q1RQVFZubourP5GdGHdU"
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
Express
css2
fonts.googleapis.com/ 		41 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Libre+Baskerville:ital,wght@0,400;0,700;1,400&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,700&display=swap
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=492&oid=109&uid=389&_ef_transaction_id=d806e723fe844b28904ee28ec49ae968&n=6109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f10.1e100.net
Software
ESF /
Resource Hash
ca90cdeec52fa19974c76902451e5341f30853d59d2e14fcc327cfc80cfb2253
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 26 Apr 2025 02:26:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 26 Apr 2025 02:26:39 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sat, 26 Apr 2025 02:26:39 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
play-img-d.gif
parasiterelief.com/img/video/ 		216 KB
216 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://parasiterelief.com/img/video/play-img-d.gif
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=492&oid=109&uid=389&_ef_transaction_id=d806e723fe844b28904ee28ec49ae968&n=6109
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
100.28.91.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-28-91-13.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
405f97b29f07e51f3eeca509f0fcad555a687da609a979fab7d478cb374dd95a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=492&oid=109&uid=389&_ef_transaction_id=d806e723fe844b28904ee28ec49ae968&n=6109

Response headers

Cache-Control
public, max-age=0
ETag
W/"35efa-18aad29b1d3"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
220922
Date
Sat, 26 Apr 2025 02:26:39 GMT
Content-Type
image/gif
X-Powered-By
Express
Server
nginx
Last-Modified
Tue, 19 Sep 2023 11:18:25 GMT
UCAffiliateNetworkPixel
secure.parasiterelief.com/cgi-bin/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.parasiterelief.com/cgi-bin/UCAffiliateNetworkPixel
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=492&oid=109&uid=389&_ef_transaction_id=d806e723fe844b28904ee28ec49ae968&n=6109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.238.57.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-57-138.compute-1.amazonaws.com
Software
Apache /
Resource Hash
2a926bde4bb093f62a3297465dd48e0447f5687f36a8a4dcffce2e83a6254e04
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
content-length
855
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 26 Apr 2025 02:26:40 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
Apache
gtm.js
www.googletagmanager.com/ 		510 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NJWJSDLX
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=492&oid=109&uid=389&_ef_transaction_id=d806e723fe844b28904ee28ec49ae968&n=6109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
634911f7bbbfcc81630dedae58254734198bab073943f1c7fb725311e1104270
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

content-encoding
br
report-to
{"group":"ascgcycc:1310:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1310:0"}],}
expires
Sat, 26 Apr 2025 02:26:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 26 Apr 2025 02:26:39 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sat, 26 Apr 2025 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1310:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgcycc:1310:0
content-length
147425
x-xss-protection
0
server
Google Tag Manager
fbevents.js
connect.facebook.net/en_US/ 		271 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=492&oid=109&uid=389&_ef_transaction_id=d806e723fe844b28904ee28ec49ae968&n=6109
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
c9826309b452d120fd6d1cfc0cf457b923024f39d7098265a4c5e1e27d6a96e7
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;script-src data: 'nonce-tWtI7Qyq' *.facebook.com *.fbcdn.net *.facebook.net blob: 'self';style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com *.cdninstagram.com;font-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;img-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;media-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;child-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;frame-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;manifest-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;object-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;worker-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 26 Apr 2025 02:26:39 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;script-src data: 'nonce-tWtI7Qyq' *.facebook.com *.fbcdn.net *.facebook.net blob: 'self';style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com *.cdninstagram.com;font-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;img-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;media-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;child-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;frame-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;manifest-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;object-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;worker-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4820, tp=9, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
JqDH5gWuC26EMkymdGDSs6s2PS7el2vOcT+hjrdz72/Bfrgk4bSoBgy/AQQhJdUgp6oTOV4pNp1rhuGC2QRx/Q==
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
default-src 'self' blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;script-src 'nonce-tWtI7Qyq' 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net blob: 'self' data:;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com *.cdninstagram.com;font-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;img-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;media-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;child-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;frame-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;manifest-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;object-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;worker-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
69961
x-xss-protection
0
origin-agent-cluster
?1
Kdx01YmF6t8
www.youtube-nocookie.com/embed/ Frame F7B2 		100 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/Kdx01YmF6t8?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=492&oid=109&uid=389&_ef_transaction_id=d806e723fe844b28904ee28ec49ae968&n=6109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
ESF /
Resource Hash
06143eedcd4f9c6a6a7a8709abda840f06f8f9fec4fe643df1e4730e85f3514d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://parasiterelief.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy
require-trusted-types-for 'script'
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Sat, 26 Apr 2025 02:26:39 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AsnbWYr3bqK88n/C2BgXPMpBC+msV4jf6vsgnAir+gFnHw3zXZEKmz271E4vhxTja+7SD2q3dr2BxZlHzvj9HA0AAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
iframe_api
www.youtube.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=492&oid=109&uid=389&_ef_transaction_id=d806e723fe844b28904ee28ec49ae968&n=6109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
ESF /
Resource Hash
106d82c3325d9bced5cea1fa654c707e94e9f7790eedd8b4c7b312e0cda024b1
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

content-encoding
br
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
x-content-type-options
nosniff
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
expires
Sat, 26 Apr 2025 02:26:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
date
Sat, 26 Apr 2025 02:26:39 GMT
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-security-policy
require-trusted-types-for 'script'
cache-control
private, max-age=0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
x-xss-protection
0
server
ESF
kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
fonts.gstatic.com/s/librebaskerville/v16/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/librebaskerville/v16/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Baskerville:ital,wght@0,400;0,700;1,400&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
79ab52ce2f8125c16dcdd9dc05415aeee02f633607022a9a90a92a91bb767c63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin
https://parasiterelief.com
Referer
https://fonts.googleapis.com/

Response headers

age
190205
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 23 Apr 2026 21:36:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Apr 2025 21:36:34 GMT
last-modified
Wed, 23 Apr 2025 15:40:50 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
28300
x-xss-protection
0
server
sffe
KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
fonts.gstatic.com/s/roboto/v47/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Baskerville:ital,wght@0,400;0,700;1,400&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin
https://parasiterelief.com
Referer
https://fonts.googleapis.com/

Response headers

age
326097
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 22 Apr 2026 07:51:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Apr 2025 07:51:42 GMT
last-modified
Wed, 08 Jan 2025 18:23:10 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
40128
x-xss-protection
0
server
sffe
kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcA.woff2
fonts.gstatic.com/s/librebaskerville/v16/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/librebaskerville/v16/kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Baskerville:ital,wght@0,400;0,700;1,400&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
3efc71c659cfeabad814a119386ca397e6e3a143f53e02555719b70c02657cf1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin
https://parasiterelief.com
Referer
https://fonts.googleapis.com/

Response headers

age
190171
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 23 Apr 2026 21:37:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Apr 2025 21:37:08 GMT
last-modified
Wed, 23 Apr 2025 15:41:02 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
29128
x-xss-protection
0
server
sffe
lisa-king-d.png
parasiterelief.com/img/featured-on/king/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://parasiterelief.com/img/featured-on/king/lisa-king-d.png
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=492&oid=109&uid=389&_ef_transaction_id=d806e723fe844b28904ee28ec49ae968&n=6109
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
100.28.91.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-28-91-13.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
d86dc3454bdf2110a74e7ba300b641a0700839347df9e6d08232dbbcde4fcde4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=492&oid=109&uid=389&_ef_transaction_id=d806e723fe844b28904ee28ec49ae968&n=6109

Response headers

Cache-Control
public, max-age=0
ETag
W/"f6d8-18e4135a87d"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
63192
Date
Sat, 26 Apr 2025 02:26:40 GMT
Content-Type
image/png
X-Powered-By
Express
Server
nginx
Last-Modified
Fri, 15 Mar 2024 08:23:39 GMT
featured-logo-d.svg
parasiterelief.com/img/featured-on/king/ 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://parasiterelief.com/img/featured-on/king/featured-logo-d.svg
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=492&oid=109&uid=389&_ef_transaction_id=d806e723fe844b28904ee28ec49ae968&n=6109
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
100.28.91.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-28-91-13.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
3bb5fdf2030456fac4167dd69ab5137a70fd2bbf29931859454ead1057cb0a71

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=492&oid=109&uid=389&_ef_transaction_id=d806e723fe844b28904ee28ec49ae968&n=6109

Response headers

Transfer-Encoding
chunked
Cache-Control
public, max-age=0
Content-Encoding
gzip
ETag
W/"1e33-18a9414c193"
Connection
keep-alive
Date
Sat, 26 Apr 2025 02:26:40 GMT
Content-Type
image/svg+xml
Vary
Accept-Encoding
Server
nginx
Last-Modified
Thu, 14 Sep 2023 14:25:02 GMT
X-Powered-By
Express
1564727430697990
connect.facebook.net/signals/config/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1564727430697990?v=2.9.199&r=stable&domain=parasiterelief.com&hme=53363064397d256bdf8f213dd9a9e18c291fc2ed691e4233e4a9e488f248f817&ex_m=73%2C128%2C113%2C117%2C64%2C5%2C106%2C72%2C18%2C100%2C92%2C53%2C57%2C182%2C203%2C210%2C206%2C207%2C209%2C31%2C107%2C55%2C80%2C208%2C177%2C180%2C204%2C205%2C190%2C139%2C43%2C195%2C192%2C193%2C36%2C152%2C17%2C52%2C199%2C198%2C141%2C20%2C42%2C1%2C45%2C68%2C69%2C70%2C74%2C96%2C19%2C16%2C99%2C95%2C94%2C114%2C54%2C116%2C41%2C115%2C32%2C97%2C28%2C178%2C181%2C149%2C13%2C14%2C15%2C7%2C8%2C27%2C24%2C25%2C60%2C65%2C67%2C78%2C56%2C105%2C108%2C29%2C79%2C11%2C9%2C83%2C50%2C23%2C110%2C109%2C111%2C102%2C12%2C22%2C3%2C40%2C77%2C21%2C161%2C89%2C135%2C49%2C48%2C101%2C76%2C0%2C98%2C59%2C87%2C35%2C30%2C85%2C86%2C91%2C39%2C6%2C93%2C84%2C46%2C34%2C37%2C90%2C4%2C88%2C248%2C175%2C126%2C164%2C157%2C2%2C38%2C66%2C44%2C112%2C47%2C82%2C71%2C118%2C63%2C62%2C33%2C103%2C61%2C58%2C51%2C81%2C75%2C26%2C104%2C10%2C119
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
1549a7df807d849f223840eaefbbaf7716e150221099b8ec102e48b18334cd43
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;script-src data: 'nonce-SCFMSjNk' *.facebook.com *.fbcdn.net *.facebook.net blob: 'self';style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com *.cdninstagram.com;font-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;img-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;media-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;child-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;frame-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;manifest-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;object-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;worker-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 26 Apr 2025 02:26:40 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;script-src data: 'nonce-SCFMSjNk' *.facebook.com *.fbcdn.net *.facebook.net blob: 'self';style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com *.cdninstagram.com;font-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;img-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;media-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;child-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;frame-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;manifest-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;object-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;worker-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=86, mss=1232, tbw=82283, tp=75, tpl=0, uplat=182, ullat=0
pragma
public
x-fb-debug
i9svEVeuDm1uHEOujt5HEL6EEAvezPvIv709qD7AP1d+rIvsaooWemK7AvlpUHuhgJgQC4hqenIy1Va7fKltEw==
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
default-src 'self' blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;script-src 'nonce-SCFMSjNk' 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net blob: 'self' data:;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com *.cdninstagram.com;font-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;img-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;media-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;child-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;frame-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;manifest-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;object-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;worker-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
www-widgetapi.js
www.youtube.com/s/player/22f02d3d/www-widgetapi.vflset/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/22f02d3d/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
sffe /
Resource Hash
15fce230b1703e8559fa88b5bb7ef99d51c1ec981cbbb221e3231a02877d97b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

content-encoding
br
age
8632
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Sun, 26 Apr 2026 00:02:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 26 Apr 2025 00:02:47 GMT
last-modified
Wed, 23 Apr 2025 04:12:28 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
10338
x-xss-protection
0
server
sffe
collect
www.google.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fparasiterelief.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=519826484.1745634400&dt=Cleanse24&auid=884641591.1745634400&navt=n&npa=0&_tu=CA&gtm=45He54n0v9138730978za200&gcs=G111&gcd=13v3v3v2v5l1&dma_cps=syphamo&dma=1&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&tft=1745634399942&tfd=656&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJWJSDLX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f100.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers
js
www.googletagmanager.com/gtag/ 		461 KB
147 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-SSVM2TL5G6&l=dataLayer&cx=c&gtm=45He54n0v9138730978za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJWJSDLX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
f334e0f736a0e1375dbb6b1301d9cd6a602af3c64268167999c37cae9d0fa55b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

content-encoding
br
report-to
{"group":"ascgcycc:1068:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1068:0"}],}
expires
Sat, 26 Apr 2025 02:26:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 26 Apr 2025 02:26:39 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1068:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgcycc:1068:0
content-length
149848
x-xss-protection
0
server
Google Tag Manager
core.js
s.pinimg.com/ct/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJWJSDLX
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.215.120.185 Hamburg, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-120-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4dcc63f7d8103225fdef27e536a7ef191efca98ee1c806bc1795ad1d483e235e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

access-control-max-age
86400
cache-control
max-age=7200
access-control-expose-headers
X-CDN
content-encoding
br
etag
"7992d478669b2e5a1e243ad79c6868fa"
x-cdn
akamai
access-control-allow-methods
GET
accept-ranges
bytes
alt-svc
h3=":443"; ma=600
access-control-allow-origin
*
content-length
1862
content-type
application/javascript
vary
Accept-Encoding, Origin
x-amz-server-side-encryption
AES256
qevents.js
a.quora.com/ 		0
0
EuTwXXOV4Sc7dJbpixmK.js
tags.creativecdn.com/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.creativecdn.com/EuTwXXOV4Sc7dJbpixmK.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJWJSDLX
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.170.19 , United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
610407756.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
3ca9e609ef3f582aec6955e30de3ea1a0a33186bf6b10105d9e8391c4ba8ad21

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=Dqq7NA==, md5=TM9Ddx5ISBq82bK8vb0n7Q==
content-encoding
gzip
etag
W/"4ccf43771e48481abcd9b2bcbdbd27ed"
x-77-cache
HIT
x-goog-stored-content-encoding
identity
expires
Mon, 07 Oct 2024 10:05:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
4724
date
Sat, 26 Apr 2025 02:26:39 GMT
content-type
application/javascript
last-modified
Mon, 07 Oct 2024 08:28:03 GMT
x-77-nzt-ray
4c1562248bb2cd325f440c68d894a03a
x-guploader-uploadid
AHmUCY0Em9w4zGmEJWRNId0UR0WGWwMe7fmGeuPGppS5rZtzw-LgQY-zjHKHo3a8Fua-FeAY7BIxZwrUTg
x-77-nzt
EgwBw7WqEQH3GAEAAAwBw7WvAgG3jgAAAA
cache-control
public, max-age=3600
vary
Accept-Encoding
x-goog-storage-class
STANDARD
x-77-pop
frankfurtDE
x-goog-generation
1728289683362046
x-77-age
280
server
CDN77-Turbo
scevent.min.js
sc-static.net/ 		56 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJWJSDLX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.163.248.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
303decce9975dcdb67c4be4347b959925851bfef174da276f5e48d55fc34a690

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

cache-control
private, s-maxage=0, max-age=600
content-encoding
gzip
via
1.1 944dc31277adc1021b0776fe818f07f6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
24234
x-amz-cf-id
Cangts9pPHRhQd1TFa0gGrTQiH0Vcy3hMbGmUFEPgJIPf84V6-XDuQ==
date
Sat, 26 Apr 2025 02:26:39 GMT
content-type
application/javascript;charset=utf-8
x-amz-cf-pop
FRA56-P4
server
CloudFront
access-control-allow-headers
Content-Type
ld.js
dynamic.criteo.com/js/ld/ 		73 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=116561
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJWJSDLX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a386b0da87f0649ef0478bc43b05a8827ba7730f480f5450dfd92f7735a44ad0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
public,max-age=10800
timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
date
Sat, 26 Apr 2025 02:26:39 GMT
content-type
application/javascript; charset=utf-8
vary
Origin, Accept-Encoding
server
Kestrel
ld.js
dynamic.criteo.com/js/ld/ 		73 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=116560
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJWJSDLX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
eb03366b7463331036ef4c68e80e870cbba9bdf5faa895c7d73d6e6bfdf6f5d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
public,max-age=10800
timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
date
Sat, 26 Apr 2025 02:26:39 GMT
content-type
application/javascript; charset=utf-8
vary
Origin, Accept-Encoding
server
Kestrel
ld.js
dynamic.criteo.com/js/ld/ 		73 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=116947
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJWJSDLX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3c7f0e1d41363f08cfbee1612dc2e7d191295684b9611f255414481449b6f027
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
public,max-age=10800
timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
date
Sat, 26 Apr 2025 02:26:39 GMT
content-type
application/javascript; charset=utf-8
vary
Origin, Accept-Encoding
server
Kestrel
ld.js
dynamic.criteo.com/js/ld/ 		73 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=107998&a=118448
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJWJSDLX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c2f87a1c825ebabd93e81bdc453bde35a564e8b1c597c071cc2cd066c3952a99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
public,max-age=10800
timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
date
Sat, 26 Apr 2025 02:26:39 GMT
content-type
application/javascript; charset=utf-8
vary
Origin, Accept-Encoding
server
Kestrel
ld.js
dynamic.criteo.com/js/ld/ 		73 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=112954
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJWJSDLX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
aae619d8496b3b9180fd5cf42ac6c51150d785f307eb7afe0328d3e006b4c72c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
public,max-age=10800
timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
date
Sat, 26 Apr 2025 02:26:39 GMT
content-type
application/javascript; charset=utf-8
vary
Origin, Accept-Encoding
server
Kestrel
events.js
analytics.tiktok.com/i18n/pixel/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CF31TNRC77U6J4TVF330&lib=ttq
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=492&oid=109&uid=389&_ef_transaction_id=d806e723fe844b28904ee28ec49ae968&n=6109
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.204.196 Hamburg, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-16-204-196.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b7876717cc8d2ae0ba33553df0da46e77800bd9cd614bdc2ea84b988e84165db

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

content-encoding
gzip
expires
Sat, 26 Apr 2025 02:26:40 GMT
server-timing
inner; dur=4, cdn-cache; desc=MISS, edge; dur=0, origin; dur=104
x-cache
TCP_MISS from a2-17-34-53.deploy.akamaitechnologies.com (AkamaiGHost/22.1.0-4f1ef2e9a8e1a0c8be2b8a74a525c274) (-)
date
Sat, 26 Apr 2025 02:26:40 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-akamai-request-id
2f3930d3
x-tt-trace-host
0127a953beb4e497a716cef236a2464c1803fe89c7c3f55b51c25d290894d1d36aeac0793a357f561cb1df12b568b40f325f095b93fe98b273a5627225de717be3c3ba7e8cb5648a8c17bb02e75c6f53564e99ddf65f2aac6fdd718794f0336e45
x-origin-response-time
104,2.17.34.53
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2504260226407CB61C770301DA21A334-5F2FDAF95820AF2D-00
content-length
2476
x-tt-logid
202504260226407CB61C770301DA21A334
server
nginx
everflow.js
www.p8btrk.com/scripts/sdk/ 		60 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.p8btrk.com/scripts/sdk/everflow.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJWJSDLX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.80.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.80.98.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
ff285c3beb06a42b03ce3a8a860f160216bf3c3ea5c0aae96125c23c017c45b4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

cache-control
max-age=14400
content-encoding
gzip
accept-ch
Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
via
1.1 google
x-eflow-request-id
c16c9ac5-5096-4068-8a2b-6be47b8fe197
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 26 Apr 2025 02:26:40 GMT
content-type
text/javascript
vary
Origin
server
nginx
uwt.js
static.ads-twitter.com/ 		57 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=492&oid=109&uid=389&_ef_transaction_id=d806e723fe844b28904ee28ec49ae968&n=6109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ac89958fd75e99eba92cdb3f927cce205bd05c2c6ffe643c4bf52ca6558d61b3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

vary
Accept-Encoding,Host
cache-control
no-cache
content-encoding
gzip
etag
"d980aaf9efaa780ff3fdc50fad42ffbd+gzip+gzip"
accept-ranges
bytes
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
15921
date
Sat, 26 Apr 2025 02:26:40 GMT
x-tw-cdn
FT
last-modified
Mon, 21 Apr 2025 17:22:23 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-iad-kjyo7100046-IAD, cache-fra-etou8220124-FRA
x-amz-server-side-encryption
AES256
collect-g.js
d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/ 		109 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=LHP&channel=secure.parasiterelief.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJWJSDLX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.228 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-228.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
321ed67858b1984d619cda28040b7dcf5ff3a369620ebf4bf15969eb8bae1737

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

content-encoding
gzip
etag
"d390fe64fe08d15d28d84d641d2446a1"
age
229848
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
aS2-Iqeot3qs41ZBgmE-tWX4v8TDcY_vfDQJ3uJWRdwOt14_ECvScg==
date
Wed, 23 Apr 2025 10:35:53 GMT
content-type
application/x-javascript; charset=UTF-8
last-modified
Thu, 06 Mar 2025 16:20:33 GMT
cache-control
max-age=604800,s-maxage=604800
via
1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
21006
x-amz-cf-pop
FRA56-C2
server
AmazonS3
x-amz-server-side-encryption
AES256
b-00tu.min.js
b-code.liadm.com/ 		138 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/b-00tu.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJWJSDLX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.227.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-227-50.fra60.r.cloudfront.net
Software
/
Resource Hash
845944fd98cff955be89d38a65136c0b34e901aaa7576ca7f6389a29f8877afa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

cache-control
public,max-age=86400
content-encoding
gzip
age
73674
via
1.1 321608f40a0cbef23b6add681d95b456.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
oFMd74qGlXZ-ASaoaYyzkR8j9RlVn9Pbhk7KWqC_q7j4FTdE-VGJew==
date
Fri, 25 Apr 2025 05:58:46 GMT
content-type
application/javascript
vary
Accept-Encoding
x-amz-cf-pop
FRA60-P11
lk2f3dtvw5
www.clarity.ms/tag/ 		589 B
845 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/lk2f3dtvw5?ref=gtm2
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=492&oid=109&uid=389&_ef_transaction_id=d806e723fe844b28904ee28ec49ae968&n=6109
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
107463d357453795afffc9881abd53e89938b84b9cba17e3b25fa3f19584332d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
589
date
Sat, 26 Apr 2025 02:26:40 GMT
content-type
application/x-javascript
x-azure-ref
20250426T022640Z-177f9969f75tctlthC1FRAm3ds0000000c0g000000007b8y
gtr.min.js
dsp-media.eskimi.com/assets/js/e/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.5
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=492&oid=109&uid=389&_ef_transaction_id=d806e723fe844b28904ee28ec49ae968&n=6109
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.36 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
169-150-247-36.bunnyinfra.net
Software
BunnyCDN-DE1-1079 /
Resource Hash
4e687af4507ee911e92498208c154c59437d0ee76ae1c07cfebe4f056415e095
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
zstd
etag
"66fac420-13b3"
x-content-type-options
nosniff
expires
Fri, 10 Apr 2026 20:04:55 GMT
date
Sat, 26 Apr 2025 02:26:40 GMT
last-modified
Mon, 30 Sep 2024 15:30:40 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cachedat
04/10/2025 20:04:55
cache-control
public, max-age=31536000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
ce2848ff-13c5-49e5-873d-af24ad423612
cdn-requestid
f88664999e570d64e101b5d78e3da188
cdn-pullzone
692289
cdn-proxyver
1.22
access-control-allow-origin
*
cdn-edgestorageid
1079
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
DE
bat.js
bat.bing.com/ 		51 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=492&oid=109&uid=389&_ef_transaction_id=d806e723fe844b28904ee28ec49ae968&n=6109
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.171.28.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
759043dafa55d63c0788faf5611e14607e598d740d5bc64ecc772d841014d04c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
gzip
etag
"02e6b8458a2db1:0"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9B5E9B599F7947488B18E4C16CFE727B Ref B: FRA31EDGE0711 Ref C: 2025-04-26T02:26:40Z
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
14711
date
Sat, 26 Apr 2025 02:26:39 GMT
content-type
application/javascript
last-modified
Mon, 31 Mar 2025 16:18:20 GMT
vary
Accept-Encoding
js
www.googletagmanager.com/gtag/ 		281 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-15194473
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJWJSDLX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
871278650326a7f27dbb9c6442242bc9d702b4a96db81edc2b86138d1cfd6d9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

content-encoding
br
report-to
{"group":"ascgcycc:1068:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1068:0"}],}
expires
Sat, 26 Apr 2025 02:26:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 26 Apr 2025 02:26:39 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sat, 26 Apr 2025 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1068:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgcycc:1068:0
content-length
101304
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		281 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-15177932
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJWJSDLX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
fb06b1b75bea144d3a76f2f5df471bc445e910e6cafee16929785707cadbe929
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

content-encoding
br
report-to
{"group":"ascgcycc:1068:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1068:0"}],}
expires
Sat, 26 Apr 2025 02:26:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 26 Apr 2025 02:26:39 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sat, 26 Apr 2025 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1068:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgcycc:1068:0
content-length
101319
x-xss-protection
0
server
Google Tag Manager
pixel
q.quora.com/_/ad/5bc59bb1d0314cfa83330176ba1e7ef3/ 		43 B
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.quora.com/_/ad/5bc59bb1d0314cfa83330176ba1e7ef3/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fparasiterelief.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D492%26oid%3D109%26uid%3D389%26_ef_transaction_id%3Dd806e723fe844b28904ee28ec49ae968%26n%3D6109
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=492&oid=109&uid=389&_ef_transaction_id=d806e723fe844b28904ee28ec49ae968&n=6109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.153.247 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
DYNAMIC
x-q-stat
,031015e2d62fb26a9e665a9fe65d6fb2,10.0.0.50,47340,149.88.24.171,,28495068338,1,1745634400.130,0.001,,.,0,0,0.000,0.000,-,0,0,203,264,132,10,34729,,,,,,-,
cf-ray
9362a2f8797bc0eb-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
date
Sat, 26 Apr 2025 02:26:40 GMT
content-type
image/gif
server
cloudflare
www-player.css
www.youtube-nocookie.com/s/player/22f02d3d/ Frame F7B2 		440 KB
53 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/s/player/22f02d3d/www-player.css
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/Kdx01YmF6t8?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
sffe /
Resource Hash
22755a821cfc08dcbfdd717c4bb61c242c11cee9d71c9d73a34a9075e8808502
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.youtube-nocookie.com/embed/Kdx01YmF6t8?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3

Response headers

content-encoding
br
age
240854
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Thu, 23 Apr 2026 07:32:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Apr 2025 07:32:25 GMT
last-modified
Wed, 23 Apr 2025 04:12:28 GMT
content-type
text/css
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
54365
x-xss-protection
0
server
sffe
www-embed-player.js
www.youtube-nocookie.com/s/player/22f02d3d/www-embed-player.vflset/ Frame F7B2 		338 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/s/player/22f02d3d/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/Kdx01YmF6t8?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
sffe /
Resource Hash
29e0af459d692fbde057c7f92a42a148a7935668856191c251971d79770a5cee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.youtube-nocookie.com/embed/Kdx01YmF6t8?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3

Response headers

content-encoding
br
age
240854
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Thu, 23 Apr 2026 07:32:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Apr 2025 07:32:25 GMT
last-modified
Wed, 23 Apr 2025 04:12:28 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
102958
x-xss-protection
0
server
sffe
base.js
www.youtube-nocookie.com/s/player/22f02d3d/player_ias.vflset/de_DE/ Frame F7B2 		2 MB
648 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/s/player/22f02d3d/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/Kdx01YmF6t8?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
sffe /
Resource Hash
772cd94446dda1927d6ad35b0dc0f5a0365355991f4a6d07b4d8b4d6e79b2fc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.youtube-nocookie.com/embed/Kdx01YmF6t8?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3

Response headers

content-encoding
br
age
240782
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Thu, 23 Apr 2026 07:33:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Apr 2025 07:33:37 GMT
last-modified
Wed, 23 Apr 2025 04:12:28 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
662855
x-xss-protection
0
server
sffe
sw_iframe.html
www.googletagmanager.com/static/service_worker/54l0/ Frame 78FD 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/54l0/sw_iframe.html?origin=https%3A%2F%2Fparasiterelief.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJWJSDLX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f8.1e100.net
Software
sffe /
Resource Hash
d36b373b44b77f016e4b7df913ba2da2a8025456f016bc794861f210c0e3ada3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
223338
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1482
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Wed, 23 Apr 2025 12:24:22 GMT
expires
Thu, 23 Apr 2026 12:24:22 GMT
last-modified
Mon, 21 Apr 2025 09:28:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F7B2 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/Kdx01YmF6t8?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin
https://www.youtube-nocookie.com
Referer
https://www.youtube-nocookie.com/

Response headers

age
325706
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 22 Apr 2026 07:58:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Apr 2025 07:58:14 GMT
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
15344
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F7B2 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/Kdx01YmF6t8?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin
https://www.youtube-nocookie.com
Referer
https://www.youtube-nocookie.com/

Response headers

age
109510
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 24 Apr 2026 20:01:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Apr 2025 20:01:30 GMT
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
15552
x-xss-protection
0
server
sffe
v2
us.creativecdn.com/tags/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://us.creativecdn.com/tags/v2?type=json
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
216.169.159.30 , United States, ASN203690 (RTB-HOUSE-ASH RTB Marketing and Tech Services Ltd, CY),
Reverse DNS
ip-216-169-159-30.rtbhouse.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://parasiterelief.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST
access-control-allow-origin
https://parasiterelief.com
access-control-max-age
3600
content-length
0
date
Sat, 26 Apr 2025 02:26:40 GMT
vary
Origin
v2
us.creativecdn.com/tags/
Redirect Chain
  • https://us.creativecdn.com/tags/v2?type=json
  • https://us.creativecdn.com/tags/v2?type=json&tc=1
910 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://us.creativecdn.com/tags/v2?type=json&tc=1
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=492&oid=109&uid=389&_ef_transaction_id=d806e723fe844b28904ee28ec49ae968&n=6109
Protocol
H2
Server
216.169.159.30 , United States, ASN203690 (RTB-HOUSE-ASH RTB Marketing and Tech Services Ltd, CY),
Reverse DNS
ip-216-169-159-30.rtbhouse.net
Software
/
Resource Hash
ca72769c3da7356e93ad4127f8e3ec4d2bd94911ec760f7071974149bfa0d8d6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=492&oid=109&uid=389&_ef_transaction_id=d806e723fe844b28904ee28ec49ae968&n=6109

Response headers

access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://parasiterelief.com
content-length
695
date
Sat, 26 Apr 2025 02:26:40 GMT, Sat, 26 Apr 2025 02:26:40 GMT
content-type
application/json;charset=utf-8
vary
Origin

Redirect headers

access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
location
https://us.creativecdn.com/tags/v2?type=json&tc=1
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://parasiterelief.com
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length
0
date
Sat, 26 Apr 2025 02:26:40 GMT, Sat, 26 Apr 2025 02:26:40 GMT
vary
Origin
main.8821a9da.js
s.pinimg.com/ct/lib/ 		81 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.8821a9da.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.215.120.185 Hamburg, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-120-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8fdbfa23058836e9a847e16898c904faa58a54b48830af1df5a344bb69b591e6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

access-control-max-age
86400
cache-control
max-age=1209600
access-control-expose-headers
X-CDN
content-encoding
br
etag
"f12de704edb28749091f976a1d1a46b2"
x-cdn
akamai
access-control-allow-methods
GET
accept-ranges
bytes
access-control-allow-origin
*
content-length
23524
content-type
application/javascript
vary
Accept-Encoding, Origin
x-amz-server-side-encryption
AES256
21444b75-45eb-4207-bb22-dc5f286db86b.json
tr.snapchat.com/config/com/ 		112 B
397 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/config/com/21444b75-45eb-4207-bb22-dc5f286db86b.json?v=3.44.6-2504241707
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
4895538d33634a75734cee5bcf1a8fcf60ee121473c0130388f01b18c0442a59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
accept
application/json
Referer
https://parasiterelief.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
91
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
access-control-allow-origin
https://parasiterelief.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
date
Sat, 26 Apr 2025 02:26:40 GMT
content-type
application/json
server
API Gateway
i
tr.snapchat.com/cm/ Frame 26DE 		0
201 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=21444b75-45eb-4207-bb22-dc5f286db86b&u_scsid=610fa600-8671-4a17-96f5-a36b5d47b519&u_sclid=ffe51cf4-6271-4e05-b8ea-e0359ad3d937
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://parasiterelief.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sat, 26 Apr 2025 02:26:40 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google
x-envoy-upstream-service-time
0
p
tr.snapchat.com/ 		68 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.snapchat.com/p?pid=21444b75-45eb-4207-bb22-dc5f286db86b&ev=PAGE_VIEW&intg=gtm&pids=21444b75-45eb-4207-bb22-dc5f286db86b&u_c1=fb628b5e-b351-4acb-84fe-595588f30cd9&cdid=%40-97aac941-fc3b-424d-bf38-3e81b4f63e38&u_sclid=ffe51cf4-6271-4e05-b8ea-e0359ad3d937&u_scsid=610fa600-8671-4a17-96f5-a36b5d47b519&gat=G-SSVM2TL5G6%2CGTM-NJWJSDLX%2CDC-15194473%2CDC-15177932&bg=false&bt=aadafeb2&d_bvs=&df=true&huah=true&m_dcl=544&m_fcps=560&m_pi=544&m_pl=0&m_pv=2&m_rd=769&m_sh=1200&m_sl=754&m_sw=1600&pl=https%3A%2F%2Fparasiterelief.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D492%26oid%3D109%26uid%3D389%26_ef_transaction_id%3Dd806e723fe844b28904ee28ec49ae968%26n%3D6109&trackId=77a19117-88a8-4569-89eb-9ee25b92904d&ts=1745634400054&v=3.44.6-2504241707
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=492&oid=109&uid=389&_ef_transaction_id=d806e723fe844b28904ee28ec49ae968&n=6109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
cache-control
no-cache, no-transform
x-envoy-upstream-service-time
3
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
date
Sat, 26 Apr 2025 02:26:40 GMT
content-type
image/png
server
API Gateway
event
sslwidget.criteo.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sslwidget.criteo.com/event?a=116561&v=5.37.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14%26av%3Dtrue%26p%3D1&tld=parasiterelief.com&dy=1&fu=https%253A%252F%252Fparasiterelief.com%252F%253Futm_source%253Dcpa%2526utm_medium%253Daffiliate%2526utm_content%253Dcleansevsl%2526utm_campaign%253Dcleansecpa%2526affid%253D492%2526oid%253D109%2526uid%253D389%2526_ef_transaction_id%253Dd806e723fe844b28904ee28ec49ae968%2526n%253D6109&ceid=d2d31dac-ab9f-477c-a33f-4be8beaf903b
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=116947
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
dcdffd8fd5c00ca0ac42d4998e82c8a62bbc15d0c461f33e7f889dd3344ccec4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
4051106
expires
0
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
date
Sat, 26 Apr 2025 02:26:40 GMT
content-type
application/x-javascript
server
Kestrel
event
sslwidget.criteo.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sslwidget.criteo.com/event?a=116561&v=5.37.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14&tld=parasiterelief.com&dy=1&fu=https%253A%252F%252Fparasiterelief.com%252F%253Futm_source%253Dcpa%2526utm_medium%253Daffiliate%2526utm_content%253Dcleansevsl%2526utm_campaign%253Dcleansecpa%2526affid%253D492%2526oid%253D109%2526uid%253D389%2526_ef_transaction_id%253Dd806e723fe844b28904ee28ec49ae968%2526n%253D6109&ceid=8fd648cb-498f-447a-9b39-023b35c8f8d1
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=116947
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
533bed525f0f843098d42b35984562c3704a30b76a2dedfc72c4736de42a8305
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
4951856
expires
0
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
date
Sat, 26 Apr 2025 02:26:40 GMT
content-type
application/x-javascript
server
Kestrel
event
widget.us.criteo.com/
Redirect Chain
  • https://sslwidget.criteo.com/event?a=%5B116560%5D&v=5.37.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14&tld=parasiterelief.com...
  • https://widget.us.criteo.com/event?a=%5B116560%5D&v=5.37.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14&tld=parasiterelief.com...
5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.us.criteo.com/event?a=%5B116560%5D&v=5.37.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14&tld=parasiterelief.com&dy=1&fu=https%253A%252F%252Fparasiterelief.com%252F%253Futm_source%253Dcpa%2526utm_medium%253Daffiliate%2526utm_content%253Dcleansevsl%2526utm_campaign%253Dcleansecpa%2526affid%253D492%2526oid%253D109%2526uid%253D389%2526_ef_transaction_id%253Dd806e723fe844b28904ee28ec49ae968%2526n%253D6109&ceid=c06fd6dd-df6b-47e7-ad3c-f37a24d1b1e7
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=492&oid=109&uid=389&_ef_transaction_id=d806e723fe844b28904ee28ec49ae968&n=6109
Protocol
H2
Server
74.119.117.16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
b8610a09a25de7f667082d21b6fa3ebeeb53de1625978089df7a270799630a94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
8463713
expires
0
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
date
Sat, 26 Apr 2025 02:26:40 GMT
content-type
application/x-javascript
server
Kestrel

Redirect headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
location
https://widget.us.criteo.com/event?a=%5B116560%5D&v=5.37.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14&tld=parasiterelief.com&dy=1&fu=https%253A%252F%252Fparasiterelief.com%252F%253Futm_source%253Dcpa%2526utm_medium%253Daffiliate%2526utm_content%253Dcleansevsl%2526utm_campaign%253Dcleansecpa%2526affid%253D492%2526oid%253D109%2526uid%253D389%2526_ef_transaction_id%253Dd806e723fe844b28904ee28ec49ae968%2526n%253D6109&ceid=c06fd6dd-df6b-47e7-ad3c-f37a24d1b1e7
content-encoding
gzip
pragma
no-cache
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1196009
expires
0
access-control-allow-origin
*
content-length
0
date
Sat, 26 Apr 2025 02:26:39 GMT
server
Kestrel
event
widget.us.criteo.com/
Redirect Chain
  • https://sslwidget.criteo.com/event?a=%5B116560%5D&v=5.37.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14%26av%3Dtrue%26p%3D1&tl...
  • https://widget.us.criteo.com/event?a=%5B116560%5D&v=5.37.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14%26av%3Dtrue%26p%3D1&tl...
5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.us.criteo.com/event?a=%5B116560%5D&v=5.37.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14%26av%3Dtrue%26p%3D1&tld=parasiterelief.com&dy=1&fu=https%253A%252F%252Fparasiterelief.com%252F%253Futm_source%253Dcpa%2526utm_medium%253Daffiliate%2526utm_content%253Dcleansevsl%2526utm_campaign%253Dcleansecpa%2526affid%253D492%2526oid%253D109%2526uid%253D389%2526_ef_transaction_id%253Dd806e723fe844b28904ee28ec49ae968%2526n%253D6109&ceid=3238149b-f4da-4bde-9a93-5c65d364fdcf
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=492&oid=109&uid=389&_ef_transaction_id=d806e723fe844b28904ee28ec49ae968&n=6109
Protocol
H2
Server
74.119.117.16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
ccf770067f160613d2e02f3ade8147245c71f2c06dcd0505a9cb58820038bdee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
8950247
expires
0
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
date
Sat, 26 Apr 2025 02:26:39 GMT
content-type
application/x-javascript
server
Kestrel

Redirect headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
location
https://widget.us.criteo.com/event?a=%5B116560%5D&v=5.37.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14%26av%3Dtrue%26p%3D1&tld=parasiterelief.com&dy=1&fu=https%253A%252F%252Fparasiterelief.com%252F%253Futm_source%253Dcpa%2526utm_medium%253Daffiliate%2526utm_content%253Dcleansevsl%2526utm_campaign%253Dcleansecpa%2526affid%253D492%2526oid%253D109%2526uid%253D389%2526_ef_transaction_id%253Dd806e723fe844b28904ee28ec49ae968%2526n%253D6109&ceid=3238149b-f4da-4bde-9a93-5c65d364fdcf
content-encoding
gzip
pragma
no-cache
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1537607
expires
0
access-control-allow-origin
*
content-length
0
date
Sat, 26 Apr 2025 02:26:39 GMT
server
Kestrel
event
widget.as.criteo.com/
Redirect Chain
  • https://sslwidget.criteo.com/event?a=%5B116947%5D&v=5.37.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14&tld=parasiterelief.com...
  • https://widget.as.criteo.com/event?a=%5B116947%5D&v=5.37.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14&tld=parasiterelief.com...
5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.as.criteo.com/event?a=%5B116947%5D&v=5.37.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14&tld=parasiterelief.com&dy=1&fu=https%253A%252F%252Fparasiterelief.com%252F%253Futm_source%253Dcpa%2526utm_medium%253Daffiliate%2526utm_content%253Dcleansevsl%2526utm_campaign%253Dcleansecpa%2526affid%253D492%2526oid%253D109%2526uid%253D389%2526_ef_transaction_id%253Dd806e723fe844b28904ee28ec49ae968%2526n%253D6109&ceid=dbc16ebb-9183-4160-97b1-f4c15e3433e1
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=492&oid=109&uid=389&_ef_transaction_id=d806e723fe844b28904ee28ec49ae968&n=6109
Protocol
H2
Server
182.161.74.16 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
a0fd31c9d35d7ce7a1415c9933cabec117731e87841f668608a51cdcbe648037
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
4721417
expires
0
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
date
Sat, 26 Apr 2025 02:26:40 GMT
content-type
application/x-javascript
server
Kestrel

Redirect headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
location
https://widget.as.criteo.com/event?a=%5B116947%5D&v=5.37.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14&tld=parasiterelief.com&dy=1&fu=https%253A%252F%252Fparasiterelief.com%252F%253Futm_source%253Dcpa%2526utm_medium%253Daffiliate%2526utm_content%253Dcleansevsl%2526utm_campaign%253Dcleansecpa%2526affid%253D492%2526oid%253D109%2526uid%253D389%2526_ef_transaction_id%253Dd806e723fe844b28904ee28ec49ae968%2526n%253D6109&ceid=dbc16ebb-9183-4160-97b1-f4c15e3433e1
content-encoding
gzip
pragma
no-cache
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1964599
expires
0
access-control-allow-origin
*
content-length
0
date
Sat, 26 Apr 2025 02:26:39 GMT
server
Kestrel
event
widget.as.criteo.com/
Redirect Chain
  • https://sslwidget.criteo.com/event?a=%5B116947%5D&v=5.37.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14%26av%3Dtrue%26p%3D1&tl...
  • https://widget.as.criteo.com/event?a=%5B116947%5D&v=5.37.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14%26av%3Dtrue%26p%3D1&tl...
5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.as.criteo.com/event?a=%5B116947%5D&v=5.37.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14%26av%3Dtrue%26p%3D1&tld=parasiterelief.com&dy=1&fu=https%253A%252F%252Fparasiterelief.com%252F%253Futm_source%253Dcpa%2526utm_medium%253Daffiliate%2526utm_content%253Dcleansevsl%2526utm_campaign%253Dcleansecpa%2526affid%253D492%2526oid%253D109%2526uid%253D389%2526_ef_transaction_id%253Dd806e723fe844b28904ee28ec49ae968%2526n%253D6109&ceid=df0273ef-a913-415d-bf4e-815d716229dd
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=492&oid=109&uid=389&_ef_transaction_id=d806e723fe844b28904ee28ec49ae968&n=6109
Protocol
H2
Server
182.161.74.16 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4d430f5541792738f4195a4ab4940b83fadba766ee6445e1dbc3699f25fc392d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
5062294
expires
0
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
date
Sat, 26 Apr 2025 02:26:40 GMT
content-type
application/x-javascript
server
Kestrel

Redirect headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
location
https://widget.as.criteo.com/event?a=%5B116947%5D&v=5.37.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14%26av%3Dtrue%26p%3D1&tld=parasiterelief.com&dy=1&fu=https%253A%252F%252Fparasiterelief.com%252F%253Futm_source%253Dcpa%2526utm_medium%253Daffiliate%2526utm_content%253Dcleansevsl%2526utm_campaign%253Dcleansecpa%2526affid%253D492%2526oid%253D109%2526uid%253D389%2526_ef_transaction_id%253Dd806e723fe844b28904ee28ec49ae968%2526n%253D6109&ceid=df0273ef-a913-415d-bf4e-815d716229dd
content-encoding
gzip
pragma
no-cache
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1497509
expires
0
access-control-allow-origin
*
content-length
0
date
Sat, 26 Apr 2025 02:26:39 GMT
server
Kestrel
event
widget.us.criteo.com/
Redirect Chain
  • https://sslwidget.criteo.com/event?a=%5B107998%2C118448%5D&v=5.37.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14&tld=parasiter...
  • https://widget.us.criteo.com/event?a=%5B107998%2C118448%5D&v=5.37.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14&tld=parasiter...
5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.us.criteo.com/event?a=%5B107998%2C118448%5D&v=5.37.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14&tld=parasiterelief.com&dy=1&fu=https%253A%252F%252Fparasiterelief.com%252F%253Futm_source%253Dcpa%2526utm_medium%253Daffiliate%2526utm_content%253Dcleansevsl%2526utm_campaign%253Dcleansecpa%2526affid%253D492%2526oid%253D109%2526uid%253D389%2526_ef_transaction_id%253Dd806e723fe844b28904ee28ec49ae968%2526n%253D6109&ceid=2ba0e189-99ce-4060-a5bd-4472bdafcf7d
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=492&oid=109&uid=389&_ef_transaction_id=d806e723fe844b28904ee28ec49ae968&n=6109
Protocol
H2
Server
74.119.117.16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c58f785818b93e3b26713a94f24353f9621a96e4bb346eb3e93aa29886828870
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
5663931
expires
0
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
date
Sat, 26 Apr 2025 02:26:40 GMT
content-type
application/x-javascript
server
Kestrel

Redirect headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
location
https://widget.us.criteo.com/event?a=%5B107998%2C118448%5D&v=5.37.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14&tld=parasiterelief.com&dy=1&fu=https%253A%252F%252Fparasiterelief.com%252F%253Futm_source%253Dcpa%2526utm_medium%253Daffiliate%2526utm_content%253Dcleansevsl%2526utm_campaign%253Dcleansecpa%2526affid%253D492%2526oid%253D109%2526uid%253D389%2526_ef_transaction_id%253Dd806e723fe844b28904ee28ec49ae968%2526n%253D6109&ceid=2ba0e189-99ce-4060-a5bd-4472bdafcf7d
content-encoding
gzip
pragma
no-cache
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1515070
expires
0
access-control-allow-origin
*
content-length
0
date
Sat, 26 Apr 2025 02:26:39 GMT
server
Kestrel
event
widget.us.criteo.com/
Redirect Chain
  • https://sslwidget.criteo.com/event?a=%5B107998%2C118448%5D&v=5.37.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14%26av%3Dtrue%2...
  • https://widget.us.criteo.com/event?a=%5B107998%2C118448%5D&v=5.37.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14%26av%3Dtrue%2...
32 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.us.criteo.com/event?a=%5B107998%2C118448%5D&v=5.37.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14%26av%3Dtrue%26p%3D1&p2=e%3Ddis%26a%3D%255B116561%252C116560%252C116947%252C107998%252C118448%255D&tld=parasiterelief.com&dy=1&fu=https%253A%252F%252Fparasiterelief.com%252F%253Futm_source%253Dcpa%2526utm_medium%253Daffiliate%2526utm_content%253Dcleansevsl%2526utm_campaign%253Dcleansecpa%2526affid%253D492%2526oid%253D109%2526uid%253D389%2526_ef_transaction_id%253Dd806e723fe844b28904ee28ec49ae968%2526n%253D6109&ceid=073771fe-8d6f-4379-88c1-2ceb0e7e74ce
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=492&oid=109&uid=389&_ef_transaction_id=d806e723fe844b28904ee28ec49ae968&n=6109
Protocol
H2
Server
74.119.117.16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
423bd4e7c8e6cd68b9f81fcb40d206864f5e1f05946e9b54cf9f3f2f24fad433
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
23495802
expires
0
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
date
Sat, 26 Apr 2025 02:26:39 GMT
content-type
application/x-javascript
server
Kestrel

Redirect headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
location
https://widget.us.criteo.com/event?a=%5B107998%2C118448%5D&v=5.37.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v14%26av%3Dtrue%26p%3D1&p2=e%3Ddis%26a%3D%255B116561%252C116560%252C116947%252C107998%252C118448%255D&tld=parasiterelief.com&dy=1&fu=https%253A%252F%252Fparasiterelief.com%252F%253Futm_source%253Dcpa%2526utm_medium%253Daffiliate%2526utm_content%253Dcleansevsl%2526utm_campaign%253Dcleansecpa%2526affid%253D492%2526oid%253D109%2526uid%253D389%2526_ef_transaction_id%253Dd806e723fe844b28904ee28ec49ae968%2526n%253D6109&ceid=073771fe-8d6f-4379-88c1-2ceb0e7e74ce
content-encoding
gzip
pragma
no-cache
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1405709
expires
0
access-control-allow-origin
*
content-length
0
date
Sat, 26 Apr 2025 02:26:39 GMT
server
Kestrel
syncframe
gum.criteo.com/ Frame D8CD 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=parasiterelief.com&origin=onetag
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=116947
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
30b7f0adc63bb1e3010cee77e9aa68b9aa8511ec29abb030a2a7d710473951a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://parasiterelief.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 26 Apr 2025 02:26:40 GMT
server
Kestrel
server-processing-duration-in-ticks
343715
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
destination
www.googletagmanager.com/gtag/ 		262 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-13811400&l=dataLayer&cx=c&gtm=45je54n0v871036254za200zb9138730978&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SSVM2TL5G6&l=dataLayer&cx=c&gtm=45He54n0v9138730978za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
d0fcc74c8549bfee94585e573ccfb5f47f8e63e8694ab5a46300e462577086a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

content-encoding
br
report-to
{"group":"ascgcysghrgc:42:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Sat, 26 Apr 2025 02:26:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 26 Apr 2025 02:26:40 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sat, 26 Apr 2025 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgcysghrgc:42:0
content-length
95889
x-xss-protection
0
server
Google Tag Manager
destination
www.googletagmanager.com/gtag/ 		285 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-14623190&l=dataLayer&cx=c&gtm=45je54n0v871036254za200zb9138730978&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SSVM2TL5G6&l=dataLayer&cx=c&gtm=45He54n0v9138730978za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
be941e5f7d4a147750c438cf40407bcddff4c38c14c490b0df8972b089715649
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

content-encoding
br
report-to
{"group":"ascgcysghrgc:42:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Sat, 26 Apr 2025 02:26:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 26 Apr 2025 02:26:40 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sat, 26 Apr 2025 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgcysghrgc:42:0
content-length
102377
x-xss-protection
0
server
Google Tag Manager
register-conversion
region1.google-analytics.com/privacy-sandbox/
Redirect Chain
  • https://region1.analytics.google.com/g/collect?v=2&tid=G-SSVM2TL5G6&gtm=45je54n0v871036254z89138730978za200zb9138730978&_p=1745634399773&_gaz=1&gcs=G111&gcd=13v3v3v2v5l1&npa=0&dma_cps=syphamo&dma=1...
  • https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1433402319.1745634400&dbk=15616854594865418976&dma=1&dma_cps=syphamo&en=page_view&gcs=G111&gtm=45je54n0v871036254z8...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1433402319.1745634400&dbk=15616854594865418976&dma=1&dma_cps=syphamo&en=page_view&gcs=G111&gtm=45je54n0v871036254z89138730978za200zb9138730978&npa=0&tid=G-SSVM2TL5G6&dl=https%3A%2F%2Fparasiterelief.com%3F
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=492&oid=109&uid=389&_ef_transaction_id=d806e723fe844b28904ee28ec49ae968&n=6109
Protocol
H2
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"ascnsrsgnc:90:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgnc:90:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgnc:90:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsgnc:90:0
content-length
0
date
Sat, 26 Apr 2025 02:26:40 GMT
content-type
text/plain
server
Golfe2

Redirect headers

cache-control
no-cache, no-store, must-revalidate
location
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1433402319.1745634400&dbk=15616854594865418976&dma=1&dma_cps=syphamo&en=page_view&gcs=G111&gtm=45je54n0v871036254z89138730978za200zb9138730978&npa=0&tid=G-SSVM2TL5G6&dl=https%3A%2F%2Fparasiterelief.com%3F
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"ascnsrsggc:153:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:153:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:153:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:153:0
content-length
523
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 26 Apr 2025 02:26:40 GMT
content-type
text/html; charset=UTF-8
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
549 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-SSVM2TL5G6&cid=1433402319.1745634400&gtm=45je54n0v871036254z89138730978za200zb9138730978&aip=1&dma=1&dma_cps=syphamo&gcs=G111&gcd=13v3v3v2v5l1&npa=0&frm=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SSVM2TL5G6&l=dataLayer&cx=c&gtm=45He54n0v9138730978za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.15.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:122:0
report-to
{"group":"ascnsrsggc:122:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:122:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://parasiterelief.com
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:122:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 26 Apr 2025 02:26:40 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SSVM2TL5G6&cid=1433402319.1745634400&gtm=45je54n0v871036254z89138730978za200zb9138730978&aip=1&dma=1&dma_cps=syphamo&gcs=G111&gcd=13v3v3v2v5l1&npa=0&frm=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&z=768733084
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=492&oid=109&uid=389&_ef_transaction_id=d806e723fe844b28904ee28ec49ae968&n=6109
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sat, 26 Apr 2025 02:26:40 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
adsct
t.co/1/i/ 		43 B
644 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&dv=Europe%2FBerlin%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2628%2624%261600%261200%260%26na&eci=3&event=%7B%7D&event_id=a935e079-3acb-404d-ae80-7e6cec2e77c2&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b5f592a6-87ee-45ab-bf53-d462844a1196&tw_document_href=https%3A%2F%2Fparasiterelief.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D492%26oid%3D109%26uid%3D389%26_ef_transaction_id%3Dd806e723fe844b28904ee28ec49ae968%26n%3D6109&tw_iframe_status=0&txn_id=omgp6&type=javascript&version=2.3.32
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=492&oid=109&uid=389&_ef_transaction_id=d806e723fe844b28904ee28ec49ae968&n=6109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

strict-transport-security
max-age=0
x-transaction-id
a9f4092e30977450
cache-control
no-cache, no-store, max-age=0
x-connection-hash
c83d3d8fde9d1695dfbab3d2f6e4f11e96ba4f278f641715a045fdb16c2cb7e7
cf-cache-status
DYNAMIC
cf-ray
9362a2f91d581c24-FRA
x-response-time
7
content-length
43
date
Sat, 26 Apr 2025 02:26:40 GMT
content-type
image/gif;charset=utf-8
perf
7402827104
server
cloudflare tsa_b
adsct
analytics.twitter.com/1/i/ 		43 B
829 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&dv=Europe%2FBerlin%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2628%2624%261600%261200%260%26na&eci=3&event=%7B%7D&event_id=a935e079-3acb-404d-ae80-7e6cec2e77c2&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b5f592a6-87ee-45ab-bf53-d462844a1196&tw_document_href=https%3A%2F%2Fparasiterelief.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D492%26oid%3D109%26uid%3D389%26_ef_transaction_id%3Dd806e723fe844b28904ee28ec49ae968%26n%3D6109&tw_iframe_status=0&txn_id=omgp6&type=javascript&version=2.3.32
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=492&oid=109&uid=389&_ef_transaction_id=d806e723fe844b28904ee28ec49ae968&n=6109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.227 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

strict-transport-security
max-age=631138519
x-transaction-id
a94ff75e5e000c5f
cache-control
no-cache, no-store, max-age=0
x-connection-hash
693a0c5fdbb6c6d7f8df3e15499d5eb09c2663026cd1d3763940d562f05b1188
cf-cache-status
DYNAMIC
cf-ray
9362a2f91c56efff-FRA
x-response-time
82
content-length
43
date
Sat, 26 Apr 2025 02:26:40 GMT
content-type
image/gif;charset=utf-8
perf
7402827104
server
cloudflare tsa_b
adsct
t.co/1/i/ 		43 B
487 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&dv=Europe%2FBerlin%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2628%2624%261600%261200%260%26na&eci=4&event=%7B%7D&event_id=eb702d4b-eced-40c6-bf3b-fa7af9d70e0c&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b5f592a6-87ee-45ab-bf53-d462844a1196&tw_document_href=https%3A%2F%2Fparasiterelief.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D492%26oid%3D109%26uid%3D389%26_ef_transaction_id%3Dd806e723fe844b28904ee28ec49ae968%26n%3D6109&tw_iframe_status=0&txn_id=tw-omgp6-omgpb&type=javascript&version=2.3.32
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=492&oid=109&uid=389&_ef_transaction_id=d806e723fe844b28904ee28ec49ae968&n=6109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

strict-transport-security
max-age=0
x-transaction-id
6ec0d3544a572d29
cache-control
no-cache, no-store, max-age=0
x-connection-hash
35e372eeadf727564f9782d332d69cdec5284bb4a7fe3a4256b85c8505043e2c
cf-cache-status
DYNAMIC
cf-ray
9362a2f91d591c24-FRA
x-response-time
4
content-length
43
date
Sat, 26 Apr 2025 02:26:40 GMT
content-type
image/gif;charset=utf-8
perf
7402827104
server
cloudflare tsa_b
adsct
analytics.twitter.com/1/i/ 		43 B
995 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&dv=Europe%2FBerlin%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2628%2624%261600%261200%260%26na&eci=4&event=%7B%7D&event_id=eb702d4b-eced-40c6-bf3b-fa7af9d70e0c&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b5f592a6-87ee-45ab-bf53-d462844a1196&tw_document_href=https%3A%2F%2Fparasiterelief.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D492%26oid%3D109%26uid%3D389%26_ef_transaction_id%3Dd806e723fe844b28904ee28ec49ae968%26n%3D6109&tw_iframe_status=0&txn_id=tw-omgp6-omgpb&type=javascript&version=2.3.32
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=492&oid=109&uid=389&_ef_transaction_id=d806e723fe844b28904ee28ec49ae968&n=6109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.227 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

strict-transport-security
max-age=631138519
x-transaction-id
4775b2b38410a1e3
cache-control
no-cache, no-store, max-age=0
x-connection-hash
511ee13f66534d71b7d86880f4e5f86b739b729d8faa20cb7ead4e7d5e0a5a18
cf-cache-status
DYNAMIC
cf-ray
9362a2f91c57efff-FRA
x-response-time
76
content-length
43
date
Sat, 26 Apr 2025 02:26:40 GMT
content-type
image/gif;charset=utf-8
perf
7402827104
server
cloudflare tsa_b
/
ct.pinterest.com/user/ 		320 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?tid=2613435893526&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1745634400140&dep=2%2CPAGE_LOAD
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.8821a9da.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.215.120.185 Hamburg, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-120-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
95e69570e8e390f7ff1264bdb4ee08053210e6dac2cf85fee8c418e073a48403
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

access-control-expose-headers
Epik,Pin-Unauth
content-encoding
gzip
x-pinterest-rid-128bit
dbb3d5c170e80f015cd48d97d59e4abf
expires
Sat, 01 Jan 2000 00:00:00 GMT
date
Sat, 26 Apr 2025 02:26:40 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
cache-control
no-cache,no-store,must-revalidate,max-age=0
pragma
no-cache
x-envoy-upstream-service-time
0
x-cdn
akamai
access-control-allow-credentials
true
referrer-policy
origin
pin-unauth
dWlkPU5qZGxPR1F3TlRRdE9EVTFaaTAwTTJZeExXSmlNV0l0TTJGa01qTTRZall3TlRJdw
pinterest-version
29f111c367dfae75a4e9ab94cb5682ee4a3ac54a
access-control-allow-origin
https://parasiterelief.com
content-length
189
akamai-grn
0.6d501302.1745634400.1a2aa317
x-pinterest-rid
6689127029815528
/
ct.pinterest.com/user/ 		320 B
747 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%2C%22line_items%22%3A%5B%7B%22product_id%22%3A%22cleanse%22%7D%5D%7D&tid=2613435893526&cb=1745634400141&dep=5%2CEVENT_TAGS_ABSENT
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.8821a9da.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.215.120.185 Hamburg, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-120-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
95e69570e8e390f7ff1264bdb4ee08053210e6dac2cf85fee8c418e073a48403
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

access-control-expose-headers
Epik,Pin-Unauth
content-encoding
gzip
x-pinterest-rid-128bit
f868b971d48ed1461e23ecc748961a5d
expires
Sat, 01 Jan 2000 00:00:00 GMT
date
Sat, 26 Apr 2025 02:26:40 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
cache-control
no-cache,no-store,must-revalidate,max-age=0
pragma
no-cache
x-envoy-upstream-service-time
0
x-cdn
akamai
access-control-allow-credentials
true
referrer-policy
origin
pin-unauth
dWlkPU9UUXpZemd6WTJRdE9Ua3hNQzAwWVRFMkxUa3hZbUl0TW1VMU1qQmtZell3WlRBdw
pinterest-version
29f111c367dfae75a4e9ab94cb5682ee4a3ac54a
access-control-allow-origin
https://parasiterelief.com
content-length
189
akamai-grn
0.6d501302.1745634400.1a2aa318
x-pinterest-rid
2171839785983154
cssession
dsp-trk.eskimi.com/tracking/ 		2 B
457 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dsp-trk.eskimi.com/tracking/cssession?tst&id=33152&url=https%3A%2F%2Fparasiterelief.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D492%26oid%3D109%26uid%3D389%26_ef_transaction_id%3Dd806e723fe844b28904ee28ec49ae968%26n%3D6109&t=1745634400142
Requested by
Host: dsp-media.eskimi.com
URL: https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.42.63.49 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

Transfer-Encoding
chunked
Access-Control-Allow-Origin
https://parasiterelief.com
Date
Sat, 26 Apr 2025 02:26:40 GMT
Content-Type
text/plain; charset=UTF-8
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
gtr
dsp-ap.eskimi.com/v2/ 		116 B
1011 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dsp-ap.eskimi.com/v2/gtr?id=33152&event=page%20visitors%3A0&url=https%3A%2F%2Fparasiterelief.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D492%26oid%3D109%26uid%3D389%26_ef_transaction_id%3Dd806e723fe844b28904ee28ec49ae968%26n%3D6109&t=1745634400143
Requested by
Host: dsp-media.eskimi.com
URL: https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.42.63.48 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
559d22c7029220e679549149b41e59cc081db8f29b027b7e0c9937e9cad81500

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

Transfer-Encoding
chunked
Cache-Control
no-cache
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://parasiterelief.com
Date
Sat, 26 Apr 2025 02:26:40 GMT
Content-Type
application/json
Server
nginx
343175482.js
bat.bing.com/p/action/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/343175482.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.171.28.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7d9bce3c0ed9c0feb96d2b7de663cefd43069a940bf3484c5b1fa66946dd3e2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
br
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8D22DFE057904A73870EA21C64D38FA0 Ref B: FRA31EDGE0711 Ref C: 2025-04-26T02:26:40Z
x-cache
CONFIG_NOCACHE
date
Sat, 26 Apr 2025 02:26:39 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
355042324.js
bat.bing.com/p/action/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/355042324.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.171.28.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7d9bce3c0ed9c0feb96d2b7de663cefd43069a940bf3484c5b1fa66946dd3e2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
br
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 920147CAADE347C4999E6AB8A331CF1C Ref B: FRA31EDGE0711 Ref C: 2025-04-26T02:26:40Z
x-cache
CONFIG_NOCACHE
date
Sat, 26 Apr 2025 02:26:39 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
/
ct.pinterest.com/v3/ 		35 B
542 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/v3/?tid=2613435893526&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fparasiterelief.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D492%26oid%3D109%26uid%3D389%26_ef_transaction_id%3Dd806e723fe844b28904ee28ec49ae968%26n%3D6109%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%228821a9da%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1745634400148
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.8821a9da.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.215.120.185 Hamburg, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-120-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

x-pinterest-rid-128bit
0d37271d317dacaad2b37d8e330ffd20
expires
Sat, 01 Jan 2000 00:00:00 GMT
date
Sat, 26 Apr 2025 02:26:40 GMT
content-type
image/gif
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
cache-control
no-cache,no-store,must-revalidate,max-age=0
pragma
no-cache
x-envoy-upstream-service-time
0
x-cdn
akamai
access-control-allow-credentials
true
referrer-policy
origin
pinterest-version
29f111c367dfae75a4e9ab94cb5682ee4a3ac54a
access-control-allow-origin
https://parasiterelief.com
content-length
35
akamai-grn
0.6d501302.1745634400.1a2aa313
x-pinterest-rid
1518261681849158
json
gum.criteo.com/sid/ Frame D8CD 		449 B
923 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=onetag&domain=parasiterelief.com&sn=ChromeSyncframe&so=undefined&topUrl=parasiterelief.com&topicsavail=1&fledgeavail=1
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?topUrl=parasiterelief.com&origin=onetag
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
9e4a29715e349b9f5fbafd3ddd174d8b72e7005ff497da13781b673b6990d3f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://gum.criteo.com/syncframe?topUrl=parasiterelief.com&origin=onetag

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
server-processing-duration-in-ticks
1006568
expires
0
date
Sat, 26 Apr 2025 02:26:39 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
Kestrel
activityi;dc_pre=CJT-1fLS9IwDFaQLVQgdqswzrA;src=13811400;type=nda;cat=cl24_00;ord=1;num=5401911911756;npa=0;auiddc=884641591.1745634400;ps=1;pcor=849949254;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;u...
13811400.fls.doubleclick.net/ Frame 26F7
Redirect Chain
  • https://13811400.fls.doubleclick.net/activityi;src=13811400;type=nda;cat=cl24_00;ord=1;num=5401911911756;npa=0;auiddc=884641591.1745634400;ps=1;pcor=849949254;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv...
  • https://13811400.fls.doubleclick.net/activityi;dc_pre=CJT-1fLS9IwDFaQLVQgdqswzrA;src=13811400;type=nda;cat=cl24_00;ord=1;num=5401911911756;npa=0;auiddc=884641591.1745634400;ps=1;pcor=849949254;uaa=...
993 B
950 B 		Document
General
Check archive.org
Download Go to
Full URL
https://13811400.fls.doubleclick.net/activityi;dc_pre=CJT-1fLS9IwDFaQLVQgdqswzrA;src=13811400;type=nda;cat=cl24_00;ord=1;num=5401911911756;npa=0;auiddc=884641591.1745634400;ps=1;pcor=849949254;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe54n0z89138730978za201zb871036254;gcs=G111;gcd=13v3v3v2v5l1;dma_cps=syphamo;dma=1;dc_fmt=1;tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001;epver=2;~oref=https%3A%2F%2Fparasiterelief.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D492%26oid%3D109%26uid%3D389%26_ef_transaction_id%3Dd806e723fe844b28904ee28ec49ae968%26n%3D6109?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-13811400&l=dataLayer&cx=c&gtm=45je54n0v871036254za200zb9138730978&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
9cbb567162928ebcea94da122cbd96b6a134ff0d31ec9f92a289aee0f0a277b2
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://parasiterelief.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
520
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 26 Apr 2025 02:26:40 GMT
expires
Sat, 26 Apr 2025 02:26:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 26 Apr 2025 02:26:40 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://13811400.fls.doubleclick.net/activityi;dc_pre=CJT-1fLS9IwDFaQLVQgdqswzrA;src=13811400;type=nda;cat=cl24_00;ord=1;num=5401911911756;npa=0;auiddc=884641591.1745634400;ps=1;pcor=849949254;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe54n0z89138730978za201zb871036254;gcs=G111;gcd=13v3v3v2v5l1;dma_cps=syphamo;dma=1;dc_fmt=1;tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001;epver=2;~oref=https%3A%2F%2Fparasiterelief.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D492%26oid%3D109%26uid%3D389%26_ef_transaction_id%3Dd806e723fe844b28904ee28ec49ae968%26n%3D6109?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;fledge=1;src=13811400;type=nda;cat=cl24_00;ord=1;num=5401911911756;npa=0;auiddc=884641591.1745634400;ps=1;pcor=849949254;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_t...
td.doubleclick.net/td/fls/rul/ Frame 4215 		13 B
531 B 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=13811400;type=nda;cat=cl24_00;ord=1;num=5401911911756;npa=0;auiddc=884641591.1745634400;ps=1;pcor=849949254;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe54n0z89138730978za201zb871036254;gcs=G111;gcd=13v3v3v2v5l1;dma_cps=syphamo;dma=1;dc_fmt=9;tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001;epver=2;~oref=https%3A%2F%2Fparasiterelief.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D492%26oid%3D109%26uid%3D389%26_ef_transaction_id%3Dd806e723fe844b28904ee28ec49ae968%26n%3D6109?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-13811400&l=dataLayer&cx=c&gtm=45je54n0v871036254za200zb9138730978&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://parasiterelief.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 26 Apr 2025 02:26:40 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activity;register_conversion=1;src=13811400;type=nda;cat=cl24_00;ord=1;num=5401911911756;npa=0;auiddc=884641591.1745634400;ps=1;pcor=849949254;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=no...
ad.doubleclick.net/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=13811400;type=nda;cat=cl24_00;ord=1;num=5401911911756;npa=0;auiddc=884641591.1745634400;ps=1;pcor=849949254;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe54n0z89138730978za201zb871036254;gcs=G111;gcd=13v3v3v2v5l1;dma_cps=syphamo;dma=1;dc_fmt=10;tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001;epver=2;~oref=https%3A%2F%2Fparasiterelief.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D492%26oid%3D109%26uid%3D389%26_ef_transaction_id%3Dd806e723fe844b28904ee28ec49ae968%26n%3D6109?
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=492&oid=109&uid=389&_ef_transaction_id=d806e723fe844b28904ee28ec49ae968&n=6109
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
42
date
Sat, 26 Apr 2025 02:26:40 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
activityi;fledge=1;src=14623190;type=invmedia;cat=cl24_0;ord=2029035005556;npa=0;auiddc=884641591.1745634400;ps=1;pcor=1043501072;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu...
td.doubleclick.net/td/fls/rul/ Frame DFDB 		13 B
184 B 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=14623190;type=invmedia;cat=cl24_0;ord=2029035005556;npa=0;auiddc=884641591.1745634400;ps=1;pcor=1043501072;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe54n0v9186162005z89138730978za201zb871036254;gcs=G111;gcd=13v3v3v2v5l1;dma_cps=syphamo;dma=1;dc_fmt=9;tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130495~103130497~103200001;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001;epver=2;em=tv.1?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-14623190&l=dataLayer&cx=c&gtm=45je54n0v871036254za200zb9138730978&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://parasiterelief.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 26 Apr 2025 02:26:40 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dc_pre=CO6H1fLS9IwDFSgNogMdb5MARg;src=14623190;type=invmedia;cat=cl24_0;ord=2029035005556;npa=0;auiddc=*;ps=1;pcor=1043501072;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA...
adservice.google.com/ddm/fls/z/
Redirect Chain
  • https://ad.doubleclick.net/activity;src=14623190;type=invmedia;cat=cl24_0;ord=2029035005556;npa=0;auiddc=884641591.1745634400;ps=1;pcor=1043501072;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscd...
  • https://ad.doubleclick.net/activity;dc_pre=CO6H1fLS9IwDFSgNogMdb5MARg;src=14623190;type=invmedia;cat=cl24_0;ord=2029035005556;npa=0;auiddc=884641591.1745634400;ps=1;pcor=1043501072;uaa=;uab=;uafvl=...
  • https://adservice.google.com/ddm/fls/z/dc_pre=CO6H1fLS9IwDFSgNogMdb5MARg;src=14623190;type=invmedia;cat=cl24_0;ord=2029035005556;npa=0;auiddc=*;ps=1;pcor=1043501072;uaa=;uab=;uafvl=;uamb=0;uam=;uap...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CO6H1fLS9IwDFSgNogMdb5MARg;src=14623190;type=invmedia;cat=cl24_0;ord=2029035005556;npa=0;auiddc=*;ps=1;pcor=1043501072;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe54n0v9186162005z89138730978za201zb871036254;gcs=G111;gcd=13v3v3v2v5l1;dma_cps=syphamo;dma=1;dc_fmt=5;tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130495~103130497~103200001;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001;epver=2;em=tv.*
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=492&oid=109&uid=389&_ef_transaction_id=d806e723fe844b28904ee28ec49ae968&n=6109
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sat, 26 Apr 2025 02:26:40 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
location
https://adservice.google.com/ddm/fls/z/dc_pre=CO6H1fLS9IwDFSgNogMdb5MARg;src=14623190;type=invmedia;cat=cl24_0;ord=2029035005556;npa=0;auiddc=*;ps=1;pcor=1043501072;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe54n0v9186162005z89138730978za201zb871036254;gcs=G111;gcd=13v3v3v2v5l1;dma_cps=syphamo;dma=1;dc_fmt=5;tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130495~103130497~103200001;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001;epver=2;em=tv.*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Sat, 26 Apr 2025 02:26:40 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
cafe
activity;register_conversion=1;src=14623190;type=invmedia;cat=cl24_0;ord=2029035005556;npa=0;auiddc=884641591.1745634400;ps=1;pcor=1043501072;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noa...
ad.doubleclick.net/ 		42 B
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=14623190;type=invmedia;cat=cl24_0;ord=2029035005556;npa=0;auiddc=884641591.1745634400;ps=1;pcor=1043501072;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe54n0v9186162005z89138730978za201zb871036254;gcs=G111;gcd=13v3v3v2v5l1;dma_cps=syphamo;dma=1;dc_fmt=10;tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130495~103130497~103200001;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001;epver=2;em=tv.1?
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=492&oid=109&uid=389&_ef_transaction_id=d806e723fe844b28904ee28ec49ae968&n=6109
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
42
date
Sat, 26 Apr 2025 02:26:40 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"14583811656733275988"}],"aggregatable_trigger_data":[{"filters":[{"14":["105901431"]}],"key_piece":"0xba8838cdb972c4c1","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0xc1a72e33976528f","not_filters":{"14":["105901431"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"34907144":36,"34907145":36,"34907146":36,"34907147":3530,"34944532":32,"34944533":32,"34944534":32,"34944535":3177,"909011156":40,"909011157":40,"909011158":40,"909011159":3973,"909076164":34,"909076165":34,"909076166":34,"909076167":3345},"aggregation_coordinator_origin":"https://publickeyservice.msmt.gcp.privacysandboxservices.com","debug_key":"2797829719378355559","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"14583811656733275988","filters":[{"14":["105901431"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"14583811656733275988","filters":[{"14":["105901431"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"14583811656733275988","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"14583811656733275988","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["14623190"]}}
content-type
image/gif
x-xss-protection
0
server
cafe
0
bat.bing.net/actionp/ 		0
120 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bat.bing.net/actionp/0?ti=343175482&Ver=2&mid=16e38c4d-216e-4242-8832-4c76f2b60988&bo=1&evt=consent&src=enforced&cdb=AQAY&asc=D
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.171.28.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8A311B21E7D84E08A1E69336ACCEE6D8 Ref B: FRA31EDGE0212 Ref C: 2025-04-26T02:26:40Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Sat, 26 Apr 2025 02:26:39 GMT
0
bat.bing.net/action/ 		0
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.net/action/0?ti=343175482&Ver=2&mid=16e38c4d-216e-4242-8832-4c76f2b60988&bo=2&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Cleanse24&p=https%3A%2F%2Fparasiterelief.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D492%26oid%3D109%26uid%3D389%26_ef_transaction_id%3Dd806e723fe844b28904ee28ec49ae968%26n%3D6109&r=&lt=545&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=466164
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=492&oid=109&uid=389&_ef_transaction_id=d806e723fe844b28904ee28ec49ae968&n=6109
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.171.28.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B89FCE0CA71646ECB02218CC0870CD3D Ref B: FRA31EDGE0212 Ref C: 2025-04-26T02:26:40Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Sat, 26 Apr 2025 02:26:39 GMT
0
bat.bing.net/actionp/ 		0
120 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bat.bing.net/actionp/0?ti=355042324&Ver=2&mid=115f1fd1-caeb-4f86-bf09-aa31ea2b7d98&bo=1&evt=consent&src=enforced&cdb=AQAY&asc=D
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.171.28.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 27716C011ACB4175B26EDACEEF959098 Ref B: FRA31EDGE0212 Ref C: 2025-04-26T02:26:40Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Sat, 26 Apr 2025 02:26:39 GMT
0
bat.bing.net/action/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.net/action/0?ti=355042324&Ver=2&mid=115f1fd1-caeb-4f86-bf09-aa31ea2b7d98&bo=2&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Cleanse24&p=https%3A%2F%2Fparasiterelief.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D492%26oid%3D109%26uid%3D389%26_ef_transaction_id%3Dd806e723fe844b28904ee28ec49ae968%26n%3D6109&r=&lt=545&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=746306
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=492&oid=109&uid=389&_ef_transaction_id=d806e723fe844b28904ee28ec49ae968&n=6109
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.171.28.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0B5A413C157E45DB8A3FAA4AF87E1642 Ref B: FRA31EDGE0212 Ref C: 2025-04-26T02:26:40Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Sat, 26 Apr 2025 02:26:39 GMT
main.MWNiYzU5ZjYwMQ.js
analytics.tiktok.com/i18n/pixel/static/ 		349 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWNiYzU5ZjYwMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CF31TNRC77U6J4TVF330&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.204.196 Hamburg, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-16-204-196.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f3bfa170050f83e66a1726f4ccf689b6fc8700fce990ec07c444e537d6faa968

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

x-cache
TCP_MEM_HIT from a2-17-34-53.deploy.akamaitechnologies.com (AkamaiGHost/22.1.0-4f1ef2e9a8e1a0c8be2b8a74a525c274) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
x-tt-trace-id
00-2504221413213C0FB02B029AA5080315-06F569876D1CEC51-00
content-length
88014
date
Sat, 26 Apr 2025 02:26:40 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
202504221413213C0FB02B029AA5080315
server
nginx
x-akamai-request-id
2f3930ea
x-tt-trace-host
01882b881b87862ba75254474645f867b6f6527ee927164d115637210c024562075aeb056e476f17771c014b462a41102bcca6e4e212cd07127a64e9cef84bfe861ae5787a7f7933731d7aca1e05713cb08dbc50f40b4b02190e4bb06d9193fea2
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f10.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube-nocookie.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube-nocookie.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sat, 26 Apr 2025 02:26:40 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
player
www.youtube-nocookie.com/youtubei/v1/ Frame F7B2 		67 KB
32 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/youtubei/v1/player?prettyPrint=false
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/22f02d3d/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
e0993bbdff1b01883ab0db97fbf4813270ec4fe1b587a3941bbaf67b38e16275
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Youtube-Client-Version
1.20250422.22.00
X-Goog-Visitor-Id
CgszMVltWHM5UnVfMCjfiLHABjIKCgJERRIEEgAgWw%3D%3D
Referer
https://www.youtube-nocookie.com/embed/Kdx01YmF6t8?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
X-Youtube-Bootstrap-Logged-In
false
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type
application/json
X-Youtube-Client-Name
56

Response headers

content-encoding
br
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32244
date
Sat, 26 Apr 2025 02:26:40 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
vary
Origin, X-Origin, Referer
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
zy9rNhS9wlhNVTKoH2dvsgD5_XMSUSRS4-UwaGEJmsU.js
www.google.com/js/th/ Frame F7B2 		58 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/zy9rNhS9wlhNVTKoH2dvsgD5_XMSUSRS4-UwaGEJmsU.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/22f02d3d/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f100.1e100.net
Software
sffe /
Resource Hash
cf2f6b3614bdc2584d5532a81f676fb200f9fd7312512452e3e5306861099ac5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.youtube-nocookie.com/

Response headers

content-encoding
br
age
325691
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options
nosniff
expires
Wed, 22 Apr 2026 07:58:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Apr 2025 07:58:29 GMT
last-modified
Mon, 07 Apr 2025 13:30:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges
bytes
content-length
22410
x-xss-protection
0
server
sffe
embed.js
www.youtube-nocookie.com/s/player/22f02d3d/player_ias.vflset/de_DE/ Frame F7B2 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/s/player/22f02d3d/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/22f02d3d/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
sffe /
Resource Hash
9e109e9f294480040f4b56214b80e1ff2c1e7bca9a5f6ca504ef1f5678befa24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.youtube-nocookie.com/embed/Kdx01YmF6t8?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3

Response headers

content-encoding
br
age
240784
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Thu, 23 Apr 2026 07:33:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Apr 2025 07:33:36 GMT
last-modified
Wed, 23 Apr 2025 04:12:28 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
9650
x-xss-protection
0
server
sffe
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame F7B2 		98 KB
45 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/22f02d3d/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f10.1e100.net
Software
ESF /
Resource Hash
813307432e6cbd281b09de60dd60ce3d04f4f7416cb505ca16697edf87fd710c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube-nocookie.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type
application/json+protobuf

Response headers

access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube-nocookie.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45982
date
Sat, 26 Apr 2025 02:26:40 GMT
x-xss-protection
0
content-type
application/json+protobuf; charset=UTF-8
vary
Origin, X-Origin, Referer
server
ESF
x-frame-options
SAMEORIGIN
truncated
/ Frame F7B2 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
wkXA0VvDNv54K2P-kNEYrhIGquGgp3OLCxkxJu29rqGA73tnY95UdPfH_GzUZMLRwxUZILHzeA=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame F7B2 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/wkXA0VvDNv54K2P-kNEYrhIGquGgp3OLCxkxJu29rqGA73tnY95UdPfH_GzUZMLRwxUZILHzeA=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/Kdx01YmF6t8?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
fife /
Resource Hash
9dce8e874f6e7a89f7f3ac819f413767dd02e9401ffdc980f80ee60978c3923d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.youtube-nocookie.com/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
7362
x-content-type-options
nosniff
expires
Sun, 27 Apr 2025 00:23:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 26 Apr 2025 00:23:58 GMT
content-disposition
inline;filename="channels4_profile.jpg"
content-type
image/jpeg
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
1313
x-xss-protection
0
server
fife
id
d1pqvb2h9xgm7r.cloudfront.net/v1/ 		30 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d1pqvb2h9xgm7r.cloudfront.net/v1/id?channel=secure.parasiterelief.com
Requested by
Host: d9i5ve8f04qxt.cloudfront.net
URL: https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=LHP&channel=secure.parasiterelief.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.226.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-226-105.fra60.r.cloudfront.net
Software
/
Resource Hash
378f8d35cc9df5cd8dcca28562f11b244b5cce0df98a8807f98a506610f01153

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

access-control-expose-headers
date, x-api-id
via
1.1 112ea1671f1dfc4e484af72377a98408.cloudfront.net (CloudFront)
apigw-requestid
Jm-fHhmoIAMEbqw=
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
30
alt-svc
h3=":443"; ma=86400
date
Sat, 26 Apr 2025 02:26:40 GMT
content-type
text/plain; charset=utf-8
x-amz-cf-pop
FRA60-P11
x-amz-cf-id
U9AOf8R7RlaKhWO1kpLjTvoy6KLMfJrgibH9zdS3i1j3pCLfRrYkfQ==
p
tr6.snapchat.com/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr6.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://parasiterelief.com/

Response headers

via
1.1 google
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 26 Apr 2025 02:26:40 GMT
x-envoy-upstream-service-time
0
server
API Gateway
/
ct.pinterest.com/v3/ 		35 B
787 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%2C%22line_items%22%3A%5B%7B%22product_id%22%3A%22cleanse%22%7D%5D%7D&tid=2613435893526&cb=1745634400340&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%2C%22pin_unauth%22%3A%22dWlkPU5qZGxPR1F3TlRRdE9EVTFaaTAwTTJZeExXSmlNV0l0TTJGa01qTTRZall3TlRJdw%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fparasiterelief.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D492%26oid%3D109%26uid%3D389%26_ef_transaction_id%3Dd806e723fe844b28904ee28ec49ae968%26n%3D6109%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%228821a9da%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.8821a9da.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.215.120.185 Hamburg, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-120-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

x-pinterest-rid-128bit
41c51b7de0015dd46e770d1a00f971dc
expires
Sat, 01 Jan 2000 00:00:00 GMT
date
Sat, 26 Apr 2025 02:26:40 GMT
content-type
image/gif
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
cache-control
no-cache,no-store,must-revalidate,max-age=0
pragma
no-cache
x-envoy-upstream-service-time
1
x-cdn
akamai
access-control-allow-credentials
true
referrer-policy
origin
pinterest-version
29f111c367dfae75a4e9ab94cb5682ee4a3ac54a
access-control-allow-origin
https://parasiterelief.com
content-length
35
akamai-grn
0.6d501302.1745634400.1a2aa335
x-pinterest-rid
7959845271737299
identify_965479e7.js
analytics.tiktok.com/i18n/pixel/static/ 		152 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_965479e7.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiYzU5ZjYwMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.204.196 Hamburg, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-16-204-196.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
cde6db30cd94a59113eea90f7b63dcea7d429d7fa76ea7d5c832738333b07523

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

x-cache
TCP_MEM_HIT from a2-17-34-53.deploy.akamaitechnologies.com (AkamaiGHost/22.1.0-4f1ef2e9a8e1a0c8be2b8a74a525c274) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
x-tt-trace-id
00-250408154421450B6C381D84C87DA70E-3C9ED94C2756193D-00
content-length
39471
date
Sat, 26 Apr 2025 02:26:40 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
20250408154421450B6C381D84C87DA70E
server
nginx
x-akamai-request-id
2f3930f5
x-tt-trace-host
017b3fe78a05ab65ad75cbd40ed9b24cc20bf99de6d76faa213b0050763ea45e9fea5b69479fbb53f7fe11190c5806b30c5513e1e0f29e00c410a447295ab370fe06141656688f5766744e4ee572d20711ec5a58bbc7ef66da988fd374296b65e1
pixel
analytics.tiktok.com/api/v2/ 		0
873 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiYzU5ZjYwMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.204.196 Hamburg, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-16-204-196.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://parasiterelief.com/

Response headers

x-cache-remote
TCP_MISS from a23-46-238-111.deploy.akamaitechnologies.com (AkamaiGHost/22.1.0-4f1ef2e9a8e1a0c8be2b8a74a525c274) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Sat, 26 Apr 2025 02:26:40 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=92, origin; dur=19, inner; dur=16
x-cache
TCP_MISS from a2-17-34-53.deploy.akamaitechnologies.com (AkamaiGHost/22.1.0-4f1ef2e9a8e1a0c8be2b8a74a525c274) (-)
date
Sat, 26 Apr 2025 02:26:40 GMT
x-akamai-request-id
31894fe5.2f3930f6
access-control-allow-headers
Authorization,*
x-tt-trace-host
0127a953beb4e497a716cef236a2464c188272d72d005e217e6e67bdf7b3fd361343172af73d68a086396a9922c94bf1c74325fd8079f047dd0e6c994ff7a1381169c068311f606325606da188fd82cb4e62f5da24e85837cff8e22bd797c5cdbbc550318d2eb258de49d02558a99a5f0e
x-origin-response-time
20,23.46.238.111
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-25042602264098711D4333DCA62140B1-628E25AA63822859-00
content-length
0
x-parent-response-time
108,2.17.34.53
x-tt-logid
2025042602264098711D4333DCA62140B1
server
nginx
pixel
analytics.tiktok.com/api/v2/ 		0
872 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiYzU5ZjYwMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.204.196 Hamburg, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-16-204-196.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://parasiterelief.com/

Response headers

x-cache-remote
TCP_MISS from a23-218-223-86.deploy.akamaitechnologies.com (AkamaiGHost/22.1.0-4f1ef2e9a8e1a0c8be2b8a74a525c274) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Sat, 26 Apr 2025 02:26:40 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=103, origin; dur=28, inner; dur=24
x-cache
TCP_MISS from a2-17-34-53.deploy.akamaitechnologies.com (AkamaiGHost/22.1.0-4f1ef2e9a8e1a0c8be2b8a74a525c274) (-)
date
Sat, 26 Apr 2025 02:26:40 GMT
x-akamai-request-id
ae0de9e0.2f3930f7
access-control-allow-headers
Authorization,*
x-tt-trace-host
0127a953beb4e497a716cef236a2464c1810482bb4fd6c3ba63012950b7e79e4a0e2c57bc94f71ff06d718b83a634f77cbc81ff47f9045068e9f731817635df638b7f5cab704063ac8082163d3673ede99971ea90616c1f1a3fa7ceb640e441da500ee321e026ef1a914d285fab809be0d
x-origin-response-time
29,23.218.223.86
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-2504260226408F46B456B3DE62220168-35150F506B31EEFC-00
content-length
0
x-parent-response-time
121,2.17.34.53
x-tt-logid
202504260226408F46B456B3DE62220168
server
nginx
qoe
www.youtube-nocookie.com/api/stats/ Frame F7B2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/api/stats/qoe?fmt=134&cpn=ei9uCDOtFNfEABUz&el=embedded&ns=yt&fexp=v1%2C24004644%2C434717%2C127326%2C26443548%2C53408%2C34656%2C78212%2C27818%2C18644%2C14869%2C75925%2C24262%2C2633%2C9252%2C3479%2C690%2C12340%2C3484%2C2773%2C2967%2C13982%2C7703%2C4217%2C3259%2C2%2C1900%2C241%2C2384%2C9428%2C515%2C4154%2C1599%2C997%2C4531%2C3264%2C4387%2C796%2C757%2C111%2C814%2C1152%2C4402%2C3677%2C891%2C486%2C2634%2C2214%2C484%2C455%2C1839%2C2524%2C2484%2C1121%2C2224%2C398%2C2121%2C234%2C1902%2C320&cl=750409904&seq=1&docid=Kdx01YmF6t8&ei=YEQMaPuJEZTKi9oPzcWzgA8&event=streamingstats&plid=AAYzpS5WeqbZKDqO&cbr=Chrome&cbrver=135.0.0.0&c=WEB_EMBEDDED_PLAYER&cver=1.20250422.22.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&vps=0.000:N,0.005:B,0.109:B,0.109:B&cat=streaming&cmt=0.005:0.000,0.109:0.000&vfs=0.109:134:134::r&view=0.109:926:521&bwe=0.109:655360&bat=0.109:1:1&vis=0.109:0&bh=0.109:0.000&qclc=ChBlaTl1Q0RPdEZOZkVBQlV6EAE
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/22f02d3d/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
Video Stats Server /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Goog-Visitor-Id
CgszMVltWHM5UnVfMCjfiLHABjIKCgJERRIEEgAgWw%3D%3D
Referer
https://www.youtube-nocookie.com/embed/Kdx01YmF6t8?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 26 Apr 2025 02:26:40 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
Video Stats Server
x-frame-options
SAMEORIGIN
videoplayback
rr8---sn-n02xgoxufvg3-2gbs.googlevideo.com/ Frame F7B2 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rr8---sn-n02xgoxufvg3-2gbs.googlevideo.com/videoplayback?expire=1745656000&ei=YEQMaPuJEZTKi9oPzcWzgA8&ip=149.88.24.171&id=o-AA2VHCHIvM6uwb3sBnLoUJyDmlULsTwGZcVR-kuGqGH3&itag=134&aitags=134%2C136%2C137%2C160%2C243&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&met=1745634400%2C&mh=zd&mm=31%2C29&mn=sn-n02xgoxufvg3-2gbs%2Csn-4g5lznl7&ms=au%2Crdu&mv=m&mvi=8&pl=24&rms=au%2Cau&initcwndbps=1563750&bui=AccgBcOIisrP-uEYuboebV08HPlYY_tA7VFMcxp0bwaVvlZqeCS5WcQbC3pDVEQTfC3MZ8Z056lXbjy8&spc=_S3wKpQPVkqAj2oqub8iGTOcJ6zAk4zlVJK4M4bOpsEbhvgukQCRbiCjIn9C5M3kNNU&vprv=1&svpuc=1&mime=video%2Fmp4&ns=RAXZPGr8O98JNOUAeB7WfcAQ&rqh=1&gir=yes&clen=85085020&dur=1883.875&lmt=1742912127300866&mt=1745634048&fvip=5&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=6209224&n=nmagnhWzfpegeQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=met%2Cmh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Crms%2Cinitcwndbps&lsig=ACuhMU0wRQIhAL-kCtv79T8f1brSfqCecpNUJP2bFinmMm9S438XVQuWAiBOiZOQvxL6-p14dEWTb1vUht1XJpW6IqP3SlOrb7Qhrg%3D%3D&alr=yes&sig=AJfQdSswRAIgOfRR2Qgqd3P0KEDz8WJ_ng61ocwL7HUKn_N6yQz9yi4CIB9owQIPILVmchjxskOi4r0d09tor71lPEDjq8QBI7f7&cpn=ei9uCDOtFNfEABUz&cver=1.20250422.22.00&range=0-171276&rn=1&rbuf=0&pot=IghRAVEDOQ0VYQ==&ump=1&srfvp=1
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/22f02d3d/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
95.168.222.147 Ceska Trebova, Czech Republic, ASN39392 (SuperNetwork SH.cz s.r.o., CZ),
Reverse DNS
unn-95-168-222-147.superhosting.cz
Software
gvs 1.0 /
Resource Hash
343c94d27c8b9f920f7e03615dd79e9eb4639aeacc3f4d1a4fb466c5ed5ee160
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.youtube-nocookie.com/

Response headers

cache-control
private, max-age=21300
timing-allow-origin
https://www.youtube-nocookie.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
client-protocol
quic
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Sat, 26 Apr 2025 02:26:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
access-control-allow-origin
https://www.youtube-nocookie.com
date
Sat, 26 Apr 2025 02:26:40 GMT
last-modified
Wed, 02 May 2007 10:26:10 GMT
content-type
application/vnd.yt-ump
vary
Origin
server
gvs 1.0
videoplayback
rr8---sn-n02xgoxufvg3-2gbs.googlevideo.com/ Frame F7B2 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rr8---sn-n02xgoxufvg3-2gbs.googlevideo.com/videoplayback?expire=1745656000&ei=YEQMaPuJEZTKi9oPzcWzgA8&ip=149.88.24.171&id=o-AA2VHCHIvM6uwb3sBnLoUJyDmlULsTwGZcVR-kuGqGH3&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&met=1745634400%2C&mh=zd&mm=31%2C29&mn=sn-n02xgoxufvg3-2gbs%2Csn-4g5lznl7&ms=au%2Crdu&mv=m&mvi=8&pl=24&rms=au%2Cau&initcwndbps=1563750&bui=AccgBcOIisrP-uEYuboebV08HPlYY_tA7VFMcxp0bwaVvlZqeCS5WcQbC3pDVEQTfC3MZ8Z056lXbjy8&spc=_S3wKpQPVkqAj2oqub8iGTOcJ6zAk4zlVJK4M4bOpsEbhvgukQCRbiCjIn9C5M3kNNU&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=RAXZPGr8O98JNOUAeB7WfcAQ&rqh=1&gir=yes&clen=32512896&dur=1883.901&lmt=1742912238757316&mt=1745634048&fvip=5&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=6208224&n=nmagnhWzfpegeQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=met%2Cmh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Crms%2Cinitcwndbps&lsig=ACuhMU0wRQIhAL-kCtv79T8f1brSfqCecpNUJP2bFinmMm9S438XVQuWAiBOiZOQvxL6-p14dEWTb1vUht1XJpW6IqP3SlOrb7Qhrg%3D%3D&alr=yes&sig=AJfQdSswRgIhAL7ohxVjBEHomoeKHSXmeKj2zzL0GoOL8FKPGu5jtok_AiEAiM2gE4k7I151dFnf_tvQvY6DXP9EPJFQAON1-_A3ofM%3D&cpn=ei9uCDOtFNfEABUz&cver=1.20250422.22.00&range=0-69102&rn=2&rbuf=0&pot=IggYIRgjcC1cQQ==&ump=1&srfvp=1
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/22f02d3d/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
95.168.222.147 Ceska Trebova, Czech Republic, ASN39392 (SuperNetwork SH.cz s.r.o., CZ),
Reverse DNS
unn-95-168-222-147.superhosting.cz
Software
gvs 1.0 /
Resource Hash
ca14aae4a646ad6d456e603809aba0f887e6a005858b4d0ad43b4fc514b5d8ec
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.youtube-nocookie.com/

Response headers

cache-control
private, max-age=21300
timing-allow-origin
https://www.youtube-nocookie.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
client-protocol
quic
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Sat, 26 Apr 2025 02:26:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
access-control-allow-origin
https://www.youtube-nocookie.com
date
Sat, 26 Apr 2025 02:26:40 GMT
last-modified
Wed, 02 May 2007 10:26:10 GMT
content-type
application/vnd.yt-ump
vary
Origin
server
gvs 1.0
captions.js
www.youtube-nocookie.com/s/player/22f02d3d/player_ias.vflset/de_DE/ Frame F7B2 		79 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/s/player/22f02d3d/player_ias.vflset/de_DE/captions.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/22f02d3d/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
sffe /
Resource Hash
e277768ac5caa2cf314ff4b98f92382cd8182039ceaec80c2d1f756031c762a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.youtube-nocookie.com/embed/Kdx01YmF6t8?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3

Response headers

content-encoding
br
age
240692
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Thu, 23 Apr 2026 07:35:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Apr 2025 07:35:08 GMT
last-modified
Wed, 23 Apr 2025 04:12:28 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
26926
x-xss-protection
0
server
sffe
endscreen.js
www.youtube-nocookie.com/s/player/22f02d3d/player_ias.vflset/de_DE/ Frame F7B2 		40 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/s/player/22f02d3d/player_ias.vflset/de_DE/endscreen.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/22f02d3d/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
sffe /
Resource Hash
4948ae9b9ce5ffaa094ee10699aaea6f5ed4c056b824a62188e976dc3578106f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.youtube-nocookie.com/embed/Kdx01YmF6t8?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3

Response headers

content-encoding
br
age
240692
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Thu, 23 Apr 2026 07:35:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Apr 2025 07:35:08 GMT
last-modified
Wed, 23 Apr 2025 04:12:28 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
9184
x-xss-protection
0
server
sffe
get_setting_values
www.youtube-nocookie.com/youtubei/v1/account/ Frame F7B2 		2 KB
917 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/youtubei/v1/account/get_setting_values?prettyPrint=false
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/22f02d3d/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
a2bea5487f8cb1a55a3acc4d697aaa8252d6a45ae6fb36628c318091c1a73140
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Youtube-Client-Version
1.20250422.22.00
X-Goog-Visitor-Id
CgszMVltWHM5UnVfMCjfiLHABjIKCgJERRIEEgAgWw%3D%3D
Referer
https://www.youtube-nocookie.com/embed/Kdx01YmF6t8?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
X-Youtube-Bootstrap-Logged-In
false
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type
application/json
X-Youtube-Client-Name
56

Response headers

content-encoding
br
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
897
date
Sat, 26 Apr 2025 02:26:40 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
vary
Origin, X-Origin, Referer
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
next
www.youtube-nocookie.com/youtubei/v1/ Frame F7B2 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/youtubei/v1/next?prettyPrint=false
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/22f02d3d/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
1ed0a5d8b95b8fbae77eb35275ffdf02ed05aa25bbbcfba70513606190bea2af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Youtube-Client-Version
1.20250422.22.00
X-Goog-Visitor-Id
CgszMVltWHM5UnVfMCjfiLHABjIKCgJERRIEEgAgWw%3D%3D
Referer
https://www.youtube-nocookie.com/embed/Kdx01YmF6t8?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
X-Youtube-Bootstrap-Logged-In
false
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type
application/json
X-Youtube-Client-Name
56

Response headers

content-encoding
br
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2009
date
Sat, 26 Apr 2025 02:26:40 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
vary
Origin, X-Origin, Referer
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
dc_pre=CJT-1fLS9IwDFaQLVQgdqswzrA;src=13811400;type=nda;cat=cl24_00;ord=1;num=5401911911756;npa=0;auiddc=*;ps=1;pcor=849949254;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=Kp...
adservice.google.com/ddm/fls/z/ Frame 26F7 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CJT-1fLS9IwDFaQLVQgdqswzrA;src=13811400;type=nda;cat=cl24_00;ord=1;num=5401911911756;npa=0;auiddc=*;ps=1;pcor=849949254;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe54n0z89138730978za201zb871036254;gcs=G111;gcd=13v3v3v2v5l1;dma_cps=syphamo;dma=1;dc_fmt=1;tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001;epver=2;~oref=https%3A%2F%2Fparasiterelief.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D492%26oid%3D109%26uid%3D389%26_ef_transaction_id%3Dd806e723fe844b28904ee28ec49ae968%26n%3D6109
Requested by
Host: 13811400.fls.doubleclick.net
URL: https://13811400.fls.doubleclick.net/activityi;dc_pre=CJT-1fLS9IwDFaQLVQgdqswzrA;src=13811400;type=nda;cat=cl24_00;ord=1;num=5401911911756;npa=0;auiddc=884641591.1745634400;ps=1;pcor=849949254;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe54n0z89138730978za201zb871036254;gcs=G111;gcd=13v3v3v2v5l1;dma_cps=syphamo;dma=1;dc_fmt=1;tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001;epver=2;~oref=https%3A%2F%2Fparasiterelief.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D492%26oid%3D109%26uid%3D389%26_ef_transaction_id%3Dd806e723fe844b28904ee28ec49ae968%26n%3D6109?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://13811400.fls.doubleclick.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sat, 26 Apr 2025 02:26:40 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
clarity.js
www.clarity.ms/s/0.8.1/ 		70 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.8.1/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/lk2f3dtvw5?ref=gtm2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2e914ba245ff42449ed9ad8103d185ec7f8ddf5896a1b1a1b9c0a5427893c420

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

x-azure-ref
20250426T022640Z-177f9969f75tctlthC1FRAm3ds0000000c0g000000007b9m
cache-control
public, max-age=86400
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DD6722E0B7F6F4"
x-fd-int-roxy-purgeid
79034942
x-ms-request-id
2f2fa860-e01e-0003-26e7-b0cfbf000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Sat, 26 Apr 2025 02:26:40 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Wed, 19 Mar 2025 20:16:05 GMT
generate_204
www.youtube-nocookie.com/ Frame F7B2 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube-nocookie.com/generate_204?MvGSkg
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/Kdx01YmF6t8?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.youtube-nocookie.com/embed/Kdx01YmF6t8?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 26 Apr 2025 02:26:40 GMT
cross-origin-resource-policy
cross-origin
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f10.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube-nocookie.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube-nocookie.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sat, 26 Apr 2025 02:26:40 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame F7B2 		90 B
132 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/22f02d3d/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f10.1e100.net
Software
ESF /
Resource Hash
646b7792d35d84adcdd21728d9ade542699c34cb60c58ee2753ecdb16a529a59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube-nocookie.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type
application/json+protobuf

Response headers

access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube-nocookie.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
date
Sat, 26 Apr 2025 02:26:40 GMT
x-xss-protection
0
content-type
application/json+protobuf; charset=UTF-8
vary
Origin, X-Origin, Referer
server
ESF
x-frame-options
SAMEORIGIN
j
rp.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1745634400467&aid=b-00tu&se=e30&duid=2fd7b255045c--01jsqyp61h4cj5fc9n09vwr2x1&tv=v3.11.1&pu=https%3A%2F%2Fparasiterelief.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffil...
  • https://rp.liadm.com/j?dtstmp=1745634400467&aid=b-00tu&se=e30&duid=2fd7b255045c--01jsqyp61h4cj5fc9n09vwr2x1&tv=v3.11.1&pu=https%3A%2F%2Fparasiterelief.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffil...
13 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp.liadm.com/j?dtstmp=1745634400467&aid=b-00tu&se=e30&duid=2fd7b255045c--01jsqyp61h4cj5fc9n09vwr2x1&tv=v3.11.1&pu=https%3A%2F%2Fparasiterelief.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D492%26oid%3D109%26uid%3D389%26_ef_transaction_id%3Dd806e723fe844b28904ee28ec49ae968%26n%3D6109&wpn=lc-bundle&wpv=v3.11.1&cd=.parasiterelief.com&pv=f3e32ad9-073b-4d0f-b814-f4c24cec0bdd&n3pc=true
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=492&oid=109&uid=389&_ef_transaction_id=d806e723fe844b28904ee28ec49ae968&n=6109
Protocol
H2
Server
34.225.110.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-110-11.compute-1.amazonaws.com
Software
/
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

x-pixel-event-id
e2299c4e-fb87-4d6e-9539-6f0f0a643479
access-control-max-age
86400
access-control-expose-headers
*
access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
https://parasiterelief.com
content-length
13
date
Sat, 26 Apr 2025 02:26:41 GMT
content-type
application/json

Redirect headers

access-control-max-age
86400
access-control-expose-headers
*
location
/j?dtstmp=1745634400467&aid=b-00tu&se=e30&duid=2fd7b255045c--01jsqyp61h4cj5fc9n09vwr2x1&tv=v3.11.1&pu=https%3A%2F%2Fparasiterelief.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D492%26oid%3D109%26uid%3D389%26_ef_transaction_id%3Dd806e723fe844b28904ee28ec49ae968%26n%3D6109&wpn=lc-bundle&wpv=v3.11.1&cd=.parasiterelief.com&pv=f3e32ad9-073b-4d0f-b814-f4c24cec0bdd&n3pc=true
access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
https://parasiterelief.com
content-length
0
date
Sat, 26 Apr 2025 02:26:40 GMT
p
tr.snapchat.com/ 		0
92 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://parasiterelief.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://parasiterelief.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 26 Apr 2025 02:26:40 GMT
server
API Gateway
UCAffiliateNetworkPixel
secure.parasiterelief.com/cgi-bin/ 		0
646 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.parasiterelief.com/cgi-bin/UCAffiliateNetworkPixel?t=0.28299011565443266&r=&u=https%3A%2F%2Fparasiterelief.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D492%26oid%3D109%26uid%3D389%26_ef_transaction_id%3Dd806e723fe844b28904ee28ec49ae968%26n%3D6109
Requested by
Host: secure.parasiterelief.com
URL: https://secure.parasiterelief.com/cgi-bin/UCAffiliateNetworkPixel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.238.57.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-57-138.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Sat, 26 Apr 2025 02:26:40 GMT
server
Apache
videoplayback
rr5---sn-4g5lznl7.googlevideo.com/ Frame F7B2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rr5---sn-4g5lznl7.googlevideo.com/videoplayback?expire=1745656000&ei=YEQMaPuJEZTKi9oPzcWzgA8&ip=149.88.24.171&id=o-AA2VHCHIvM6uwb3sBnLoUJyDmlULsTwGZcVR-kuGqGH3&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AccgBcOIisrP-uEYuboebV08HPlYY_tA7VFMcxp0bwaVvlZqeCS5WcQbC3pDVEQTfC3MZ8Z056lXbjy8&spc=_S3wKpQPVkqAj2oqub8iGTOcJ6zAk4zlVJK4M4bOpsEbhvgukQCRbiCjIn9C5M3kNNU&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=RAXZPGr8O98JNOUAeB7WfcAQ&rqh=1&gir=yes&clen=32512896&dur=1883.901&lmt=1742912238757316&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=6208224&n=nmagnhWzfpegeQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AJfQdSswRgIhAL7ohxVjBEHomoeKHSXmeKj2zzL0GoOL8FKPGu5jtok_AiEAiM2gE4k7I151dFnf_tvQvY6DXP9EPJFQAON1-_A3ofM%3D&cpn=ei9uCDOtFNfEABUz&cver=1.20250422.22.00&redirect_counter=1&cm2rm=sn-n02xgoxufvg3-2gbs7r&rrc=80&fexp=24350590,24350737,24350796,24350816,24350827,24350961,24350984,24351173,24351254,24351428,24351431,24351495,24351528,24351542,24351545,24351638,24351658,24351662,24351673,24351704&cms_redirect=yes&cmsv=e&met=1745634400,&mh=zd&mm=29&mn=sn-4g5lznl7&ms=rdu&mt=1745634048&mv=m&mvi=5&pl=24&rms=rdu,au&lsparams=met,mh,mm,mn,ms,mv,mvi,pl,rms&lsig=ACuhMU0wRAIgJS5iRDbqHCupIdimIt8jZuzbRanyxMfKJE1A4m158jECIBhy0IxMO5592tblSFjGjpis5bq7ZZEyrUYfh7wrEpzt&range=0-69102&rn=3&rbuf=0&pot=IgiCiYKP6oXG6Q==&ump=1&srfvp=1
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/22f02d3d/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.163.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s20-in-f10.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.youtube-nocookie.com/

Response headers

cache-control
private, max-age=21300
timing-allow-origin
https://www.youtube-nocookie.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
client-protocol
quic
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Sat, 26 Apr 2025 02:26:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
access-control-allow-origin
https://www.youtube-nocookie.com
date
Sat, 26 Apr 2025 02:26:40 GMT
last-modified
Tue, 25 Mar 2025 14:17:18 GMT
content-type
application/vnd.yt-ump
vary
Origin
server
gvs 1.0
videoplayback
rr5---sn-4g5lznl7.googlevideo.com/ Frame F7B2 		0
0
embedded_player
www.youtube-nocookie.com/youtubei/v1/ Frame F7B2 		39 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/youtubei/v1/embedded_player?prettyPrint=false
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/22f02d3d/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
19ada4ecb55ee2afc081edd3ff27ae4c29cea6705df73aebe9560056c5ba8103
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Youtube-Client-Version
1.20250422.22.00
X-Goog-Visitor-Id
CgszMVltWHM5UnVfMCjfiLHABjIKCgJERRIEEgAgWw%3D%3D
Referer
https://www.youtube-nocookie.com/embed/Kdx01YmF6t8?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
X-Youtube-Bootstrap-Logged-In
false
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type
application/json
X-Youtube-Client-Name
56

Response headers

content-encoding
br
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26697
date
Sat, 26 Apr 2025 02:26:40 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
vary
Origin, X-Origin, Referer
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
qoe
www.youtube-nocookie.com/api/stats/ Frame F7B2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/api/stats/qoe?fmt=134&afmt=251&cpn=ei9uCDOtFNfEABUz&el=embedded&ns=yt&fexp=v1%2C24004644%2C434717%2C127326%2C26443548%2C53408%2C34656%2C78212%2C27818%2C18644%2C14869%2C75925%2C24262%2C2633%2C9252%2C3479%2C690%2C12340%2C3484%2C2773%2C2967%2C13982%2C7703%2C4217%2C3259%2C2%2C1900%2C241%2C2384%2C9428%2C515%2C4154%2C1599%2C997%2C4531%2C3264%2C4387%2C796%2C757%2C111%2C814%2C1152%2C4402%2C3677%2C891%2C486%2C2634%2C2214%2C484%2C455%2C1839%2C2524%2C2484%2C1121%2C2224%2C398%2C2121%2C234%2C1902%2C320&cl=750409904&seq=2&docid=Kdx01YmF6t8&ei=YEQMaPuJEZTKi9oPzcWzgA8&event=streamingstats&plid=AAYzpS5WeqbZKDqO&cbr=Chrome&cbrver=135.0.0.0&c=WEB_EMBEDDED_PLAYER&cver=1.20250422.22.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&afs=0.110:251::i&cmt=0.285:0.000,0.287:0.000,0.287:0.000&vps=0.285:N,0.287:SU,0.287:SU&bwm=0.287:2917:0.215&bat=0.287:1:1&bh=0.287:0.000&qclc=ChBlaTl1Q0RPdEZOZkVBQlV6EAI
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/22f02d3d/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
Video Stats Server /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Goog-Visitor-Id
CgszMVltWHM5UnVfMCjfiLHABjIKCgJERRIEEgAgWw%3D%3D
Referer
https://www.youtube-nocookie.com/embed/Kdx01YmF6t8?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 26 Apr 2025 02:26:40 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
Video Stats Server
x-frame-options
SAMEORIGIN
sddefault.webp
i.ytimg.com/vi_webp/Kdx01YmF6t8/ Frame F7B2 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/Kdx01YmF6t8/sddefault.webp
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=492&oid=109&uid=389&_ef_transaction_id=d806e723fe844b28904ee28ec49ae968&n=6109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.246 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f22.1e100.net
Software
sffe /
Resource Hash
d80178f9583450bd4742fa22fd210a2195a06beae7af0539cdce10ee05d1137f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.youtube-nocookie.com/

Response headers

etag
"1743068986"
age
0
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Sat, 26 Apr 2025 04:26:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 26 Apr 2025 02:26:40 GMT
content-type
image/webp
vary
Origin
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
15248
x-xss-protection
0
server
sffe
rt
d1pqvb2h9xgm7r.cloudfront.net/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://d1pqvb2h9xgm7r.cloudfront.net/v1/rt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.226.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-226-105.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://parasiterelief.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
300
age
11455
alt-svc
h3=":443"; ma=86400
apigw-requestid
JmihWgBsoAMESYA=
date
Fri, 25 Apr 2025 23:15:45 GMT
via
1.1 112ea1671f1dfc4e484af72377a98408.cloudfront.net (CloudFront)
x-amz-cf-id
aecOM1XikeetBQq4x0qRAxdzGn4wrGLQTxfI74WvVylwdJlbGmjSJA==
x-amz-cf-pop
FRA60-P11
x-cache
Hit from cloudfront
rt
d1pqvb2h9xgm7r.cloudfront.net/v1/ 		515 B
884 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d1pqvb2h9xgm7r.cloudfront.net/v1/rt
Requested by
Host: d9i5ve8f04qxt.cloudfront.net
URL: https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=LHP&channel=secure.parasiterelief.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.226.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-226-105.fra60.r.cloudfront.net
Software
/
Resource Hash
074d6bb4517605e82a8d5cb76e4e041c19bf327e671bc8a578eafd986ffa76c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://parasiterelief.com/

Response headers

access-control-expose-headers
date, x-api-id
x-amzn-requestid
c032c471-05c6-5292-b99d-a4f74366edbb
via
1.1 112ea1671f1dfc4e484af72377a98408.cloudfront.net (CloudFront)
apigw-requestid
Jm-fMg3moAMEbQA=
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
515
alt-svc
h3=":443"; ma=86400
date
Sat, 26 Apr 2025 02:26:40 GMT
content-type
text/xml
x-amz-cf-pop
FRA60-P11
x-amz-cf-id
njWUW3m5htgBqvG5XraAJsfnCu8Ias3le-_uFhXoVfckLldQsqZ-Rg==
rt
d1pqvb2h9xgm7r.cloudfront.net/v1/ 		515 B
815 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d1pqvb2h9xgm7r.cloudfront.net/v1/rt
Requested by
Host: d9i5ve8f04qxt.cloudfront.net
URL: https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=LHP&channel=secure.parasiterelief.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.167.226.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-226-105.fra60.r.cloudfront.net
Software
/
Resource Hash
66e4ade96e71292f3f73d563b7b72a37f7a7342a34ffc784ac02cee0ab762c47

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://parasiterelief.com/

Response headers

access-control-expose-headers
date, x-api-id
x-amzn-requestid
8ed94737-66af-5118-a071-27b1200ffced
via
1.1 1f06029d64b556175859a19159ff7f92.cloudfront.net (CloudFront)
apigw-requestid
Jm-fMi2GIAMEMGQ=
alt-svc
h3=":443"; ma=86400
access-control-allow-origin
*
content-length
515
x-amz-cf-id
_iK71IhkvbnBWZV9WkfZnMowKDsF8RFhlqHFtDU-E0MX_efb6-RmUw==
date
Sat, 26 Apr 2025 02:26:40 GMT
content-type
text/xml
x-cache
Miss from cloudfront
x-amz-cf-pop
FRA60-P11
rt
d1pqvb2h9xgm7r.cloudfront.net/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://d1pqvb2h9xgm7r.cloudfront.net/v1/rt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.226.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-226-105.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://parasiterelief.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
300
age
11455
alt-svc
h3=":443"; ma=86400
apigw-requestid
JmihWgBsoAMESYA=
date
Fri, 25 Apr 2025 23:15:45 GMT
via
1.1 112ea1671f1dfc4e484af72377a98408.cloudfront.net (CloudFront)
x-amz-cf-id
nXTFz859NN2xU335Fw_0YmNcnt2Rqh8h6Ylho2Mini-MGdOz0Y8u2w==
x-amz-cf-pop
FRA60-P11
x-cache
Hit from cloudfront
click
www.p8btrk.com/sdk/ 		87 B
427 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.p8btrk.com/sdk/click?effp=cb3e76bae20761d26d2cb074ae288b61&sec_ch_ua_platform=&sec_ch_ua_platform_version=&sec_ch_ua_model=&_ef_transaction_id=d806e723fe844b28904ee28ec49ae968&oid=109&affid=492&__cc=&async=json&uid=389&__qp=utm_source%7Cutm_medium%7Cutm_content%7Cutm_campaign%7Caffid%7Coid%7Cuid%7C_ef_transaction_id%7Cn&__rf=&__efckuq=76
Requested by
Host: www.p8btrk.com
URL: https://www.p8btrk.com/scripts/sdk/everflow.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.80.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.80.98.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
ac466bc96912aea14f30727015926ee013a7224523cdeb7f3ca493d574c19134

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

accept-ch
Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
access-control-allow-credentials
true
via
1.1 google
x-eflow-request-id
e9b6fc59-9009-4d9f-986a-3827bf40f802
access-control-allow-origin
https://parasiterelief.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
87
date
Sat, 26 Apr 2025 02:26:40 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
nginx
collect
n.clarity.ms/ 		0
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://n.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.8.1/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.175.234.12 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://parasiterelief.com/

Response headers

Request-Context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
Access-Control-Allow-Origin
https://parasiterelief.com
Date
Sat, 26 Apr 2025 02:26:40 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
sync-container
i.liadm.com/ Frame 449B 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://i.liadm.com/sync-container?duid=2fd7b255045c--01jsqyp61h4cj5fc9n09vwr2x1&appId=b-00tu&euns=1&s=&version=v3.11.1&cd=.parasiterelief.com&pv=f3e32ad9-073b-4d0f-b814-f4c24cec0bdd
Requested by
Host: b-code.liadm.com
URL: https://b-code.liadm.com/b-00tu.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.175.159.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-159-191.compute-1.amazonaws.com
Software
/
Resource Hash
63e44c0db82beab91a6620b77a168d56986fe9b707fb512329f9bd582632c1a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://parasiterelief.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

Cache-Control
private, no-cache, max-age=0
Connection
keep-alive
Content-Length
1088
Content-Type
text/html; charset=UTF-8
Date
Sat, 26 Apr 2025 02:26:40 GMT
Request-Time
12
Strict-Transport-Security
max-age=31536000; includeSubDomains
trace-id
14b0152391d559f3
act
analytics.tiktok.com/api/v2/pixel/ 		0
870 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiYzU5ZjYwMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.204.196 Hamburg, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-16-204-196.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://parasiterelief.com/

Response headers

x-cache-remote
TCP_MISS from a23-220-104-22.deploy.akamaitechnologies.com (AkamaiGHost/22.1.0-4f1ef2e9a8e1a0c8be2b8a74a525c274) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Sat, 26 Apr 2025 02:26:40 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=100, origin; dur=20, inner; dur=16
x-cache
TCP_MISS from a2-17-34-53.deploy.akamaitechnologies.com (AkamaiGHost/22.1.0-4f1ef2e9a8e1a0c8be2b8a74a525c274) (-)
date
Sat, 26 Apr 2025 02:26:40 GMT
x-akamai-request-id
59ac2209.2f39312c
access-control-allow-headers
Authorization,*
x-tt-trace-host
0127a953beb4e497a716cef236a2464c18e3133067bcdef430fce39bdd155f13fa30880ad6430df98c73d63e44b17c7412024b35ae1135cc78d31052358d0902744f05573b2e4773e3b5af74d6bd0595e7f14d5aba18418d09cd1575b30f894e0b0f5e4e267712c11b0de94ac05b756017
x-origin-response-time
20,23.220.104.22
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-25042602264004CCBA1329EC1E238F99-67FA6884742E97FE-00
content-length
0
x-parent-response-time
108,2.17.34.53
x-tt-logid
2025042602264004CCBA1329EC1E238F99
server
nginx
v2
us.creativecdn.com/tags/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://us.creativecdn.com/tags/v2?type=json&tc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
216.169.159.30 , United States, ASN203690 (RTB-HOUSE-ASH RTB Marketing and Tech Services Ltd, CY),
Reverse DNS
ip-216-169-159-30.rtbhouse.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://parasiterelief.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST
access-control-allow-origin
https://parasiterelief.com
access-control-max-age
3600
content-length
0
date
Sat, 26 Apr 2025 02:26:40 GMT
vary
Origin
ig-membership
us.creativecdn.com/ Frame 39C4 		1 KB
940 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us.creativecdn.com/ig-membership?ntk=zF-Jnw1DAtSB_FK3zbiqLvZfECdz7W-kAl0_03pykBxr8YKXuJ5Upi7b1lVCWDnZQsIEdoTY3KicC9iSBZKMbnwskPJqKqIKQySEzo7tezKhvurnrM9sQNueW6Tm4CnmwN3hrsTic5l89-Zhww-Nd9UiJDfwy85shmWp1I3N6ENriOP0wX92IEGUTmlKYFUzs1tCEf9o_oQfzqvgCTp4AFL3bJBTrzYjHZvUqv9UN8nfJEqGImbTaTio6y61nVjnDzXlmRkYHlammrUAQ1wpMWx8aSbDambtAbWRdvGBCjDWmH7TE9cuOKd5mEPTU23_
Requested by
Host: tags.creativecdn.com
URL: https://tags.creativecdn.com/EuTwXXOV4Sc7dJbpixmK.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
216.169.159.30 , United States, ASN203690 (RTB-HOUSE-ASH RTB Marketing and Tech Services Ltd, CY),
Reverse DNS
ip-216-169-159-30.rtbhouse.net
Software
/
Resource Hash
28a90a45b011536e1283ce734d208241d59c582b039dedfc51942a845c9708eb

Request headers

Referer
https://parasiterelief.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
content-length
751
content-type
text/html;charset=utf-8
date
Sat, 26 Apr 2025 02:26:41 GMT Sat, 26 Apr 2025 02:26:41 GMT
expires
Sun, 27 Apr 2025 02:26:41 GMT
vary
Accept-Encoding
topics-membership
us.creativecdn.com/ Frame 165A 		1 KB
854 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us.creativecdn.com/topics-membership?ntk=0n7np3QkR2uWERG0yBm8HrR7npHhxu96mrEHmVKN4oS1vULeZg8b1Jl9VHKQFUlBVcJFIn4_wl0Vg0hzA4j9Nxt6ki-0PMryqg9CTMxif-qZRmCkO2AJb8LOKXhOTG97MjBedZ7ukCIN4E9bXKtdC1NeIWZFlUZ_oi_o1EeBcNhcOO6gdLa7-dvRtTlMiuDyCRS5GKlThIMUHvCdmru8W4cXUu1H3-zYx3L8XLTktWVLqwUvMZ1D9T22ADusefjGyynd9zXhuXeSW8pY5uXky9CRS7nt8wMnwo-zjupKsDkTqztWypb5I8rFcetQofYy
Requested by
Host: tags.creativecdn.com
URL: https://tags.creativecdn.com/EuTwXXOV4Sc7dJbpixmK.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
216.169.159.30 , United States, ASN203690 (RTB-HOUSE-ASH RTB Marketing and Tech Services Ltd, CY),
Reverse DNS
ip-216-169-159-30.rtbhouse.net
Software
/
Resource Hash
fade2ce6adae887b74ec513884f0afe3642fee2fb264425bc3c149748869b5ec

Request headers

Referer
https://parasiterelief.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
content-length
666
content-type
text/html;charset=utf-8
date
Sat, 26 Apr 2025 02:26:41 GMT Sat, 26 Apr 2025 02:26:41 GMT
expires
Sun, 27 Apr 2025 02:26:41 GMT
vary
Accept-Encoding
setuid
ib.adnxs.com/ 		0
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=315&code=gvTOeck-8qRryC5DjqJInGm9eZeLi5Z4w9EUXgX9AYo&consent=1
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=492&oid=109&uid=389&_ef_transaction_id=d806e723fe844b28904ee28ec49ae968&n=6109
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
x-proxy-origin
149.88.24.171; 149.88.24.171; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid
5e9b0516-ef07-4ffd-b11f-eb979cd6e350
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 26 Apr 2025 02:26:41 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
501709.gif
idsync.rlcdn.com/ Frame 449B
Redirect Chain
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=7a3e7b6d-ee01-4b84-9e26-88a16df76519%3A1745634401.1291068&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D7a3e7b6d-ee01-4b84-9e26-88a16df...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329535650266858&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D7a3e7b6d-ee01-4b84-9e...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=7a3e7b6d-ee01-4b84-9e26-88a16df76519%3A1745634401.1291068&_=1745634401.1316233
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/501709.gif?partner_uid=7a3e7b6d-ee01-4b84-9e26-88a16df76519%3A1745634401.1291068&_=1745634401.1316233
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/sync-container?duid=2fd7b255045c--01jsqyp61h4cj5fc9n09vwr2x1&appId=b-00tu&euns=1&s=&version=v3.11.1&cd=.parasiterelief.com&pv=f3e32ad9-073b-4d0f-b814-f4c24cec0bdd
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://i.liadm.com/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 26 Apr 2025 02:26:41 GMT

Redirect headers

location
https://idsync.rlcdn.com/501709.gif?partner_uid=7a3e7b6d-ee01-4b84-9e26-88a16df76519%3A1745634401.1291068&_=1745634401.1316233
via
1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
447
x-amz-cf-id
Eo2z5zTaFn2fNlmxRjFVUO7UFiw9oFlPaNWAZ4ZJBBVTUJT8Pt8-ng==
date
Sat, 26 Apr 2025 02:26:41 GMT
content-type
text/html; charset=utf-8
vary
Cookie
server
lighttpd/1.4.69
x-amz-cf-pop
FRA56-C1
generic
match.adsrvr.org/track/cmf/ Frame 449B 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/sync-container?duid=2fd7b255045c--01jsqyp61h4cj5fc9n09vwr2x1&appId=b-00tu&euns=1&s=&version=v3.11.1&cd=.parasiterelief.com&pv=f3e32ad9-073b-4d0f-b814-f4c24cec0bdd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://i.liadm.com/

Response headers

content-length
70
date
Sat, 26 Apr 2025 02:26:41 GMT
content-type
image/gif
server
Kestrel
53233
i.liadm.com/s/ Frame 449B
Redirect Chain
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=8452463706568119056
0
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=8452463706568119056
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/sync-container?duid=2fd7b255045c--01jsqyp61h4cj5fc9n09vwr2x1&appId=b-00tu&euns=1&s=&version=v3.11.1&cd=.parasiterelief.com&pv=f3e32ad9-073b-4d0f-b814-f4c24cec0bdd
Protocol
HTTP/1.1
Server
54.175.159.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-159-191.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://i.liadm.com/

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Length
0
Date
Sat, 26 Apr 2025 02:26:41 GMT
trace-id
3f7099a644bbd213
Request-Time
0
Connection
keep-alive

Redirect headers

cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
location
https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=8452463706568119056
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
content-length
0
pragma
no-cache
date
Sat, 26 Apr 2025 02:26:40 GMT
28292
i.liadm.com/s/ Frame 449B
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-nP8h87gHgUBNq0-DFptC70U7DOUmsW9Rpixhrw
0
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-nP8h87gHgUBNq0-DFptC70U7DOUmsW9Rpixhrw
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/sync-container?duid=2fd7b255045c--01jsqyp61h4cj5fc9n09vwr2x1&appId=b-00tu&euns=1&s=&version=v3.11.1&cd=.parasiterelief.com&pv=f3e32ad9-073b-4d0f-b814-f4c24cec0bdd
Protocol
HTTP/1.1
Server
54.175.159.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-159-191.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://i.liadm.com/

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Length
0
Date
Sat, 26 Apr 2025 02:26:41 GMT
trace-id
6dc7012ac94173bf
Request-Time
0
Connection
keep-alive

Redirect headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
location
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-nP8h87gHgUBNq0-DFptC70U7DOUmsW9Rpixhrw
pragma
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
802275
expires
Sat, 26 Apr 2025 00:00:00 GMT
x-errorlevel
0
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date
Sat, 26 Apr 2025 02:26:40 GMT
server
Kestrel
demconf.jpg
dpm.demdex.net/ Frame 449B
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=127444&dpuuid=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=
42 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/sync-container?duid=2fd7b255045c--01jsqyp61h4cj5fc9n09vwr2x1&appId=b-00tu&euns=1&s=&version=v3.11.1&cd=.parasiterelief.com&pv=f3e32ad9-073b-4d0f-b814-f4c24cec0bdd
Protocol
H2
Server
108.128.223.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-223-16.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://i.liadm.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs
dcs-prod-irl1-2-v077-0734e8f12.edge-irl1.demdex.com 0 ms
content-encoding
gzip
pragma
no-cache
x-content-type-options
nosniff
x-tid
z6LiZUJ6Sqg=
x-error
300,104
expires
Thu, 01 Jan 1970 00:00:00 UTC
content-length
59
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date
Sat, 26 Apr 2025 02:26:41 GMT
content-type
image/gif

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=
dcs
dcs-prod-irl1-1-v077-02046ac58.edge-irl1.demdex.com 0 ms
pragma
no-cache
x-tid
HfUiJcJZSX8=
expires
Thu, 01 Jan 1970 00:00:00 UTC
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date
Sat, 26 Apr 2025 02:26:41 GMT
restricted
mid.rkdms.com/ Frame 449B
Redirect Chain
  • https://mid.rkdms.com/bct?pid=bcccb40a-06d2-44fe-bdd2-a91ef4a5bfd0&&puid=&liid=&_ct=im
  • https://mid.rkdms.com/restricted
0
0
89249
i.liadm.com/s/ Frame 449B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=307
  • https://i.liadm.com/s/89249?bidder_id=246504&bidder_uuid=YzobK5prWdZEUeQ_XfYdH5VYGKs
0
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/89249?bidder_id=246504&bidder_uuid=YzobK5prWdZEUeQ_XfYdH5VYGKs
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/sync-container?duid=2fd7b255045c--01jsqyp61h4cj5fc9n09vwr2x1&appId=b-00tu&euns=1&s=&version=v3.11.1&cd=.parasiterelief.com&pv=f3e32ad9-073b-4d0f-b814-f4c24cec0bdd
Protocol
HTTP/1.1
Server
54.175.159.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-159-191.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://i.liadm.com/

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Length
0
Date
Sat, 26 Apr 2025 02:26:41 GMT
trace-id
dbd4c7209ef5561a
Request-Time
0
Connection
keep-alive

Redirect headers

Location
https://i.liadm.com/s/89249?bidder_id=246504&bidder_uuid=YzobK5prWdZEUeQ_XfYdH5VYGKs
Content-Length
111
Date
Sat, 26 Apr 2025 02:26:41 GMT
Content-Type
text/html; charset=utf-8
Connection
keep-alive
rt
d1pqvb2h9xgm7r.cloudfront.net/v1/ 		515 B
813 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d1pqvb2h9xgm7r.cloudfront.net/v1/rt
Requested by
Host: d9i5ve8f04qxt.cloudfront.net
URL: https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=LHP&channel=secure.parasiterelief.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.167.226.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-226-105.fra60.r.cloudfront.net
Software
/
Resource Hash
2f78347482d58752269a7b46dd5e22e8958f88dcb081d96d0cac3a994c284b8f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://parasiterelief.com/

Response headers

access-control-expose-headers
date, x-api-id
x-amzn-requestid
a425a00e-6d5b-559e-b654-c0882bfac77b
via
1.1 1f06029d64b556175859a19159ff7f92.cloudfront.net (CloudFront)
apigw-requestid
Jm-fQjmNoAMEYhA=
alt-svc
h3=":443"; ma=86400
access-control-allow-origin
*
content-length
515
x-amz-cf-id
NCt6-IOuW_NFglvp7Vsle8ER68A9rC4eSt5o_cA5CV1zPD5JJ89GKw==
date
Sat, 26 Apr 2025 02:26:41 GMT
content-type
text/xml
x-cache
Miss from cloudfront
x-amz-cf-pop
FRA60-P11
ig-membership
us.creativecdn.com/ Frame 39C4 		71 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://us.creativecdn.com/ig-membership?ntk=zF-Jnw1DAtSB_FK3zbiqLvZfECdz7W-kAl0_03pykBxr8YKXuJ5Upi7b1lVCWDnZQsIEdoTY3KicC9iSBZKMbnwskPJqKqIKQySEzo7tezKhvurnrM9sQNueW6Tm4CnmwN3hrsTic5l89-Zhww-Nd9UiJDfwy85shmWp1I3N6ENriOP0wX92IEGUTmlKYFUzs1tCEf9o_oQfzqvgCTp4AFL3bJBTrzYjHZvUqv9UN8nfJEqGImbTaTio6y61nVjnDzXlmRkYHlammrUAQ1wpMWx8aSbDambtAbWRdvGBCjDWmH7TE9cuOKd5mEPTU23_&lbl=null&ff=true&checked=true&bas=true&ra=true
Requested by
Host: us.creativecdn.com
URL: https://us.creativecdn.com/ig-membership?ntk=zF-Jnw1DAtSB_FK3zbiqLvZfECdz7W-kAl0_03pykBxr8YKXuJ5Upi7b1lVCWDnZQsIEdoTY3KicC9iSBZKMbnwskPJqKqIKQySEzo7tezKhvurnrM9sQNueW6Tm4CnmwN3hrsTic5l89-Zhww-Nd9UiJDfwy85shmWp1I3N6ENriOP0wX92IEGUTmlKYFUzs1tCEf9o_oQfzqvgCTp4AFL3bJBTrzYjHZvUqv9UN8nfJEqGImbTaTio6y61nVjnDzXlmRkYHlammrUAQ1wpMWx8aSbDambtAbWRdvGBCjDWmH7TE9cuOKd5mEPTU23_
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
216.169.159.30 , United States, ASN203690 (RTB-HOUSE-ASH RTB Marketing and Tech Services Ltd, CY),
Reverse DNS
ip-216-169-159-30.rtbhouse.net
Software
/
Resource Hash
7ae49d44ed8b5a8fb320a43b8db242b272dd3bdbc00cb042307ea9139bcaef57

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://us.creativecdn.com/ig-membership?ntk=zF-Jnw1DAtSB_FK3zbiqLvZfECdz7W-kAl0_03pykBxr8YKXuJ5Upi7b1lVCWDnZQsIEdoTY3KicC9iSBZKMbnwskPJqKqIKQySEzo7tezKhvurnrM9sQNueW6Tm4CnmwN3hrsTic5l89-Zhww-Nd9UiJDfwy85shmWp1I3N6ENriOP0wX92IEGUTmlKYFUzs1tCEf9o_oQfzqvgCTp4AFL3bJBTrzYjHZvUqv9UN8nfJEqGImbTaTio6y61nVjnDzXlmRkYHlammrUAQ1wpMWx8aSbDambtAbWRdvGBCjDWmH7TE9cuOKd5mEPTU23_

Response headers

expires
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-encoding
gzip
date
Sat, 26 Apr 2025 02:26:41 GMT, Sat, 26 Apr 2025 02:26:41 GMT
pragma
no-cache
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
collect
n.clarity.ms/ 		0
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://n.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.8.1/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.175.234.12 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://parasiterelief.com/

Response headers

Request-Context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
Access-Control-Allow-Origin
https://parasiterelief.com
Date
Sat, 26 Apr 2025 02:26:41 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
adnypeu
service3.purehealthresearch.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://service3.purehealthresearch.com/adnypeu
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=492&oid=109&uid=389&_ef_transaction_id=d806e723fe844b28904ee28ec49ae968&n=6109
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
134.209.162.206 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

Access-Control-Allow-Origin
*
Content-Length
0
Date
Sat, 26 Apr 2025 02:26:41 GMT
Server
nginx
Connection
keep-alive
Access-Control-Allow-Methods
GET
token_create.js
ct.pinterest.com/static/ct/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/static/ct/token_create.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.8821a9da.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.215.120.185 Hamburg, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-120-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
85ab852bfb2016bce3933a1c7107b1bce807179f46364db291ab1f86b89addbb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
cache-control
max-age=7200
content-encoding
gzip
etag
"6d0ca67bea866259c359c2d1e93bf622"
x-cdn
akamai
content-length
2092
date
Sat, 26 Apr 2025 02:26:41 GMT
akamai-grn
0.6d501302.1745634401.1a2aa3ec
content-type
application/javascript
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
ct.html
ct.pinterest.com/ Frame 9D43 		565 B
689 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/ct.html
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.8821a9da.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.215.120.185 Hamburg, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-120-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://parasiterelief.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

akamai-grn
0.6d501302.1745634401.1a2aa3f3
alt-svc
h3=":443"; ma=604800
cache-control
max-age=86400
content-encoding
gzip
content-length
323
content-type
text/html; charset=utf-8
date
Sat, 26 Apr 2025 02:26:41 GMT
pinterest-version
29f111c367dfae75a4e9ab94cb5682ee4a3ac54a
referrer-policy
origin
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
vary
Accept-Encoding
x-cdn
akamai
x-envoy-upstream-service-time
0
x-pinterest-rid
2612100115995335
x-pinterest-rid-128bit
5c595477ecc7ce6724400b374ba899ff
sync
x.bidswitch.net/ Frame 2586 		43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-nTeb2bgHgUBNq0-DFptC70U7DOV3QWON4zbwqQ&expires=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.136.108 Groningen, Netherlands, ASN19527 (GOOGLE-2, US),
Reverse DNS
108.136.214.35.bc.googleusercontent.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Sat, 26 Apr 2025 02:26:41 GMT
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 2586 		170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-Sy5MwrgHgUBNq0-DFptC70U7DOXNvXbuqTHX0Q&google_cm&google_hm=ay1TeTVNd3JnSGdVQk5xMC1ERnB0QzcwVTdET1hOdlhidXFUSFgwUQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Sat, 26 Apr 2025 02:26:41 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 2586
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3271248601939601312
43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3271248601939601312
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
904784
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
date
Sat, 26 Apr 2025 02:26:40 GMT
content-type
image/gif
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3271248601939601312
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
149.88.24.171; 149.88.24.171; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
5eb1773d-2976-4a01-be31-3e5e6e454fda
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 26 Apr 2025 02:26:41 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
rum
r.casalemedia.com/ Frame 2586
Redirect Chain
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-iEu4zbgHgUBNq0-DFptC70U7DOWEP4Jj1qQX2A
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-iEu4zbgHgUBNq0-DFptC70U7DOWEP4Jj1qQX2A&C=1
43 B
750 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-iEu4zbgHgUBNq0-DFptC70U7DOWEP4Jj1qQX2A&C=1
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f2ZpWNEoKVK2M8uh%2BH6CBIp7BoQ1EkdWpLDWbV7%2BEkQz49jYfL1yIkogA2vkp8V9eLoZhM3i0vT70%2FB5q362GU4UPfetliqWvpSWDhP0bOsK1KL2WfLVcAvta7v%2BWJDhZgrP"}],"group":"cf-nel","max_age":604800}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Sat, 26 Apr 2025 02:26:41 GMT
content-type
image/gif
vary
Accept-Encoding
priority
u=3,i
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
9362a302dec11daa-FRA
content-length
43
server
cloudflare

Redirect headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xBzgGQvVKu%2BUf993lL6UHxYfq8lHm6ZhUeBtohfOy%2Bmya0ZRRYE73TDkpMo%2FEZLwsoTr852Tu5Ww7t3snbxIi%2F9yaYlvNufGfhuHwmjN2kYlDVbhtup0arLwPk%2BflZf5%2BxVV"}],"group":"cf-nel","max_age":604800}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Sat, 26 Apr 2025 02:26:41 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
no-cache
location
/rum?cm_dsp_id=20&external_user_id=k-iEu4zbgHgUBNq0-DFptC70U7DOWEP4Jj1qQX2A&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
9362a302aeb51daa-FRA
content-length
0
server
cloudflare
ibs:dpid=28645&dpuuid=2PwfBl9DaWlsMTE0b1RxWjJ0SWZKTnpkMWNGbjFWa29kUWFUNmhUT3NGTGRWNlBJJTNE
dpm.demdex.net/ Frame 2586
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=2PwfBl9DaWlsMTE0b1RxWjJ0SWZKTnpkMWNGbjFWa29kUWFUNmhUT3NGTGRWNlBJJTNE
42 B
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=2PwfBl9DaWlsMTE0b1RxWjJ0SWZKTnpkMWNGbjFWa29kUWFUNmhUT3NGTGRWNlBJJTNE
Protocol
H2
Server
54.72.175.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-175-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs
dcs-prod-irl1-2-v077-036cc1bd1.edge-irl1.demdex.com 2 ms
content-encoding
gzip
pragma
no-cache
x-content-type-options
nosniff
x-tid
zY40saA3RDE=
expires
Thu, 01 Jan 1970 00:00:00 UTC
content-length
59
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date
Sat, 26 Apr 2025 02:26:41 GMT
content-type
image/gif

Redirect headers

strict-transport-security
max-age=31536000; preload;
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
location
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=2PwfBl9DaWlsMTE0b1RxWjJ0SWZKTnpkMWNGbjFWa29kUWFUNmhUT3NGTGRWNlBJJTNE
content-length
0
date
Sat, 26 Apr 2025 02:26:41 GMT
server
Kestrel
server-processing-duration-in-ticks
1072191
9.gif
id5-sync.com/s/966/ Frame 2586 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/966/9.gif?puid=k-2jkqgbgHgUBNq0-DFptC70U7DOW-jH9tDsc85A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
p3p
CP="CAO PSA OUR"
date
Sat, 26 Apr 2025 02:26:41 GMT
content-type
image/gif;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
match
ad.360yield.com/ Frame 2586 		43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-E3ZUSrgHgUBNq0-DFptC70U7DOWOIdb9hoCckg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.72.72.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-72-193.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-origin
*
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date
Sat, 26 Apr 2025 02:26:41 GMT
content-type
image/gif
cksync.php
contextual.media.net/ Frame 2586 		86 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-jQi1g7gHgUBNq0-DFptC70U7DOXKB2JgU92Nrg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.180.24 Hamburg, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-180-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c8b624ad07331f0d6c28a75c54582cf826c19b8c7ef32eb5a0bb948fc2c7f374
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=0, no-cache, no-store
timing-allow-origin
*
pragma
no-cache
expires
Sat, 26 Apr 2025 02:26:41 GMT
x-mnet-hl2
E
alt-svc
h3=":443"; ma=93600
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-length
86
date
Sat, 26 Apr 2025 02:26:41 GMT
content-type
image/gif
server
Apache
push
exchange.mediavine.com/usersync/ Frame 2586 		0
879 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-Y9TSy7gHgUBNq0-DFptC70U7DOXn4yshR9tMfA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.185.212.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-212-71.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control
private, no-cache
content-encoding
gzip
date
Sat, 26 Apr 2025 02:26:41 GMT
content-type
text/html; charset=utf-8
vary
Origin, Accept-Encoding
access-control-allow-credentials
true
1017
jadserve.postrelease.com/suid/ Frame 2586 		43 B
423 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/1017?vk=k-Pm9n7bgHgUBNq0-DFptC70U7DOU4wfVAVFst7Q
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.242.121.227 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-242-121-227.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
expires
Mon, 1 Jan 1990 12:00:00 GMT
access-control-allow-origin
*
content-length
43
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 26 Apr 2025 02:26:42 GMT
content-type
image/gif
server
nginx
cookie-sync
sync.outbrain.com/ Frame 2586 		0
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k--bhXSrgHgUBNq0-DFptC70U7DOXpYvSTblscMQ&initiator=partner
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache
content-length
0
date
Sat, 26 Apr 2025 02:26:42 GMT
x-traceid
9a4a57c58e88d6307e7b6e2303c75003
Pug
simage2.pubmatic.com/AdServer/ Frame 2586 		42 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-2MwSLLgHgUBNq0-DFptC70U7DOVUDu2WYl-LPg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.231.98.109 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-store, no-cache, private
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 26 Apr 2025 02:26:41 GMT
content-type
image/gif; charset=utf-8
server
nginx
tap.php
pixel.rubiconproject.com/ Frame 2586 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-YuatzbgHgUBNq0-DFptC70U7DOWQyHo3Tt52JA&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
5e091a4bda7cb1b96cf60040ae4e8596
Pragma
no-cache
Content-Type
image/gif
/
rtb-csync.smartadserver.com/redir/ Frame 2586 		43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-NaIIl7gHgUBNq0-DFptC70U7DOUNt-tWH_WcJQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.172 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

date
Sat, 26 Apr 2025 02:26:40 GMT
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 2586 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-6pkBBrgHgUBNq0-DFptC70U7DOUJjoaaoPNkgQ
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

x-fastly-to-nlb-rtt
7166
date
Sat, 26 Apr 2025 02:26:41 GMT
server
nginx
access-control-allow-credentials
true
um
criteo-sync.teads.tv/ Frame 2586 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-INa5gbgHgUBNq0-DFptC70U7DOWz5EaFSCAoyw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.253.92 Hamburg, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-253-92.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.1 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

expires
Sat, 26 Apr 2025 02:26:41 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
pragma
no-cache
date
Sat, 26 Apr 2025 02:26:41 GMT
content-type
image/gif
server
pekko-http/1.0.1
sync
criteo-partners.tremorhub.com/ Frame 2586 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-d_2ll7gHgUBNq0-DFptC70U7DOXet3TXV2R_Wg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.100.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-100-41.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Sat, 26 Apr 2025 02:26:42 GMT
content-type
image/gif
server
nginx
xuid
eb2.3lift.com/ Frame 2586 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-M4Inf7gHgUBNq0-DFptC70U7DOXfeQXzlXORMw&dongle=013b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
date
Sat, 26 Apr 2025 02:26:41 GMT
content-type
image/gif
getusermatch.php
a.twiago.com/rtb/ Frame 2586 		43 B
580 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-mv0SgrgHgUBNq0-DFptC70U7DOUx7i8U4oW4MA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.215.5.31 , Germany, ASN6786 (CRONON-BERLIN-AS Cronon GmbH, DE),
Reverse DNS
Software
Apache / PHP/7.3.29
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-origin
*
p3p
policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
content-length
43
date
Sat, 26 Apr 2025 02:26:41 GMT
content-type
image/gif
x-powered-by
PHP/7.3.29
server
Apache
m
ad.yieldlab.net/ Frame 2586 		0
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-CeIVKLgHgUBNq0-DFptC70U7DOUvKPXeN-glZA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.136 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-136.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

Expires
Fri, 25 Apr 2025 02:26:41 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Pragma
no-cache
Date
Sat, 26 Apr 2025 02:26:41 GMT
Connection
keep-alive
RX-d0df86cb-2e84-401d-86c9-f89a1d93294a-003
sync.targeting.unrulymedia.com/csync/ Frame 2586
Redirect Chain
  • https://sync.1rx.io/usersync/criteodsp/k-ej1DergHgUBNq0-DFptC70U7DOXYSbVzTdOrLw
  • https://sync.1rx.io/usersync/criteodsp/k-ej1DergHgUBNq0-DFptC70U7DOXYSbVzTdOrLw?zcc=1&cb=1745634401951
  • https://sync.targeting.unrulymedia.com/csync/RX-d0df86cb-2e84-401d-86c9-f89a1d93294a-003
43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-d0df86cb-2e84-401d-86c9-f89a1d93294a-003
Protocol
H2
Server
46.228.174.117 , United Kingdom, ASN56396 (Amobee NEXXEN GROUP LTD, GB),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
date
Sat, 26 Apr 2025 02:26:42 GMT
content-length
43

Redirect headers

expires
0
cache-control
no-store, no-cache, must-revalidate
location
https://sync.targeting.unrulymedia.com/csync/RX-d0df86cb-2e84-401d-86c9-f89a1d93294a-003
date
Sat, 26 Apr 2025 02:26:42 GMT
pragma
no-cache
content-type
text/html
sync
x.bidswitch.net/ Frame 703B 		43 B
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-nTeb2bgHgUBNq0-DFptC70U7DOV3QWON4zbwqQ&expires=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.136.108 Groningen, Netherlands, ASN19527 (GOOGLE-2, US),
Reverse DNS
108.136.214.35.bc.googleusercontent.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Sat, 26 Apr 2025 02:26:41 GMT
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 703B 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-Sy5MwrgHgUBNq0-DFptC70U7DOXNvXbuqTHX0Q&google_cm&google_hm=ay1TeTVNd3JnSGdVQk5xMC1ERnB0QzcwVTdET1hOdlhidXFUSFgwUQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Sat, 26 Apr 2025 02:26:41 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 703B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1004548486623423888
43 B
715 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1004548486623423888
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1068623
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
date
Sat, 26 Apr 2025 02:26:41 GMT
content-type
image/gif
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1004548486623423888
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
149.88.24.171; 149.88.24.171; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
354d8d34-5020-4210-9da2-6c67acd2fd56
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 26 Apr 2025 02:26:41 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
rum
r.casalemedia.com/ Frame 703B 		43 B
752 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-iEu4zbgHgUBNq0-DFptC70U7DOWEP4Jj1qQX2A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=geNJB%2B5Pejtqtpplh6QyyxyNfdzg%2F5vrDIhiECR9JrlNowvppoOkvBhJN%2F6Ba2PHoKaI7295cQcYRGIuC%2BsNeGgaHDq%2FDt4dsOmg8fhMwCSvdLGQB2AB1e0ROYTqNHtpRvV4"}],"group":"cf-nel","max_age":604800}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Sat, 26 Apr 2025 02:26:41 GMT
content-type
image/gif
vary
Accept-Encoding
priority
u=3,i
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
9362a303df391daa-FRA
content-length
43
server
cloudflare
ibs:dpid=28645&dpuuid=2vclC19DaWlsMTE0b1RxWjJ0SWZKTnpkMWNIOGJqMG5pb2dGQXpxeHFDVVp4MDVNJTNE
dpm.demdex.net/ Frame 703B
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=2vclC19DaWlsMTE0b1RxWjJ0SWZKTnpkMWNIOGJqMG5pb2dGQXpxeHFDVVp4MDVNJTNE
42 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=2vclC19DaWlsMTE0b1RxWjJ0SWZKTnpkMWNIOGJqMG5pb2dGQXpxeHFDVVp4MDVNJTNE
Protocol
H2
Server
54.72.175.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-175-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs
dcs-prod-irl1-1-v077-04fc1d68d.edge-irl1.demdex.com 2 ms
content-encoding
gzip
pragma
no-cache
x-content-type-options
nosniff
x-tid
4MXrARfaRzE=
expires
Thu, 01 Jan 1970 00:00:00 UTC
content-length
59
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date
Sat, 26 Apr 2025 02:26:41 GMT
content-type
image/gif

Redirect headers

strict-transport-security
max-age=31536000; preload;
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
location
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=2vclC19DaWlsMTE0b1RxWjJ0SWZKTnpkMWNIOGJqMG5pb2dGQXpxeHFDVVp4MDVNJTNE
content-length
0
date
Sat, 26 Apr 2025 02:26:41 GMT
server
Kestrel
server-processing-duration-in-ticks
925816
9.gif
id5-sync.com/s/966/ Frame 703B 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/966/9.gif?puid=k-2jkqgbgHgUBNq0-DFptC70U7DOW-jH9tDsc85A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
p3p
CP="CAO PSA OUR"
date
Sat, 26 Apr 2025 02:26:41 GMT
content-type
image/gif;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
match
ad.360yield.com/ Frame 703B 		43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-E3ZUSrgHgUBNq0-DFptC70U7DOWOIdb9hoCckg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.72.72.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-72-193.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-origin
*
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date
Sat, 26 Apr 2025 02:26:41 GMT
content-type
image/gif
cksync.php
contextual.media.net/ Frame 703B 		86 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-jQi1g7gHgUBNq0-DFptC70U7DOXKB2JgU92Nrg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.180.24 Hamburg, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-180-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c8b624ad07331f0d6c28a75c54582cf826c19b8c7ef32eb5a0bb948fc2c7f374
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=0, no-cache, no-store
timing-allow-origin
*
pragma
no-cache
expires
Sat, 26 Apr 2025 02:26:42 GMT
x-mnet-hl2
E
alt-svc
h3=":443"; ma=93600
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-length
86
date
Sat, 26 Apr 2025 02:26:42 GMT
content-type
image/gif
server
Apache
push
exchange.mediavine.com/usersync/ Frame 703B 		0
878 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-Y9TSy7gHgUBNq0-DFptC70U7DOXn4yshR9tMfA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.185.212.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-212-71.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control
private, no-cache
content-encoding
gzip
date
Sat, 26 Apr 2025 02:26:41 GMT
content-type
text/html; charset=utf-8
vary
Origin, Accept-Encoding
access-control-allow-credentials
true
1017
jadserve.postrelease.com/suid/ Frame 703B 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/1017?vk=k-Pm9n7bgHgUBNq0-DFptC70U7DOU4wfVAVFst7Q
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.242.121.227 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-242-121-227.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
expires
Mon, 1 Jan 1990 12:00:00 GMT
access-control-allow-origin
*
content-length
43
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 26 Apr 2025 02:26:42 GMT
content-type
image/gif
server
nginx
cookie-sync
sync.outbrain.com/ Frame 703B 		0
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k--bhXSrgHgUBNq0-DFptC70U7DOXpYvSTblscMQ&initiator=partner
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache
content-length
0
date
Sat, 26 Apr 2025 02:26:42 GMT
x-traceid
651766eef5ffa495c5c07200a337a35e
Pug
simage2.pubmatic.com/AdServer/ Frame 703B 		42 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-2MwSLLgHgUBNq0-DFptC70U7DOVUDu2WYl-LPg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.231.98.109 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-store, no-cache, private
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 26 Apr 2025 02:26:41 GMT
content-type
image/gif; charset=utf-8
server
nginx
tap.php
pixel.rubiconproject.com/ Frame 703B 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-YuatzbgHgUBNq0-DFptC70U7DOWQyHo3Tt52JA&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
5e091a4bda7cb1b96cf60040ae4e8596
Pragma
no-cache
Content-Type
image/gif
/
rtb-csync.smartadserver.com/redir/ Frame 703B 		43 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-NaIIl7gHgUBNq0-DFptC70U7DOUNt-tWH_WcJQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.172 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

date
Sat, 26 Apr 2025 02:26:41 GMT
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 703B 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-6pkBBrgHgUBNq0-DFptC70U7DOUJjoaaoPNkgQ
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

x-fastly-to-nlb-rtt
12993
date
Sat, 26 Apr 2025 02:26:41 GMT
server
nginx
access-control-allow-credentials
true
um
criteo-sync.teads.tv/ Frame 703B 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-INa5gbgHgUBNq0-DFptC70U7DOWz5EaFSCAoyw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.253.92 Hamburg, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-253-92.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.1 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

expires
Sat, 26 Apr 2025 02:26:41 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
pragma
no-cache
date
Sat, 26 Apr 2025 02:26:41 GMT
content-type
image/gif
server
pekko-http/1.0.1
sync
criteo-partners.tremorhub.com/ Frame 703B 		43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-d_2ll7gHgUBNq0-DFptC70U7DOXet3TXV2R_Wg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.100.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-100-41.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Sat, 26 Apr 2025 02:26:42 GMT
content-type
image/gif
server
nginx
xuid
eb2.3lift.com/ Frame 703B 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-M4Inf7gHgUBNq0-DFptC70U7DOXfeQXzlXORMw&dongle=013b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
date
Sat, 26 Apr 2025 02:26:41 GMT
content-type
image/gif
getusermatch.php
a.twiago.com/rtb/ Frame 703B 		43 B
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-mv0SgrgHgUBNq0-DFptC70U7DOUx7i8U4oW4MA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.215.5.31 , Germany, ASN6786 (CRONON-BERLIN-AS Cronon GmbH, DE),
Reverse DNS
Software
Apache / PHP/7.3.29
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-origin
*
p3p
policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
content-length
43
date
Sat, 26 Apr 2025 02:26:42 GMT
content-type
image/gif
x-powered-by
PHP/7.3.29
server
Apache
m
ad.yieldlab.net/ Frame 703B 		0
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-CeIVKLgHgUBNq0-DFptC70U7DOUvKPXeN-glZA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.136 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-136.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

Expires
Fri, 25 Apr 2025 02:26:41 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Pragma
no-cache
Date
Sat, 26 Apr 2025 02:26:41 GMT
Connection
keep-alive
RX-0b380fe6-192d-48f5-bd67-83ebd38466c3-003
sync.targeting.unrulymedia.com/csync/ Frame 703B
Redirect Chain
  • https://sync.1rx.io/usersync/criteodsp/k-ej1DergHgUBNq0-DFptC70U7DOXYSbVzTdOrLw
  • https://sync.1rx.io/usersync/criteodsp/k-ej1DergHgUBNq0-DFptC70U7DOXYSbVzTdOrLw?zcc=1&cb=1745634402049
  • https://sync.targeting.unrulymedia.com/csync/RX-0b380fe6-192d-48f5-bd67-83ebd38466c3-003
43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-0b380fe6-192d-48f5-bd67-83ebd38466c3-003
Protocol
H2
Server
46.228.174.117 , United Kingdom, ASN56396 (Amobee NEXXEN GROUP LTD, GB),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
date
Sat, 26 Apr 2025 02:26:42 GMT
content-length
43

Redirect headers

expires
0
cache-control
no-store, no-cache, must-revalidate
location
https://sync.targeting.unrulymedia.com/csync/RX-0b380fe6-192d-48f5-bd67-83ebd38466c3-003
date
Sat, 26 Apr 2025 02:26:42 GMT
pragma
no-cache
content-type
text/html
sync
x.bidswitch.net/ Frame 0C65 		43 B
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-nTeb2bgHgUBNq0-DFptC70U7DOV3QWON4zbwqQ&expires=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.136.108 Groningen, Netherlands, ASN19527 (GOOGLE-2, US),
Reverse DNS
108.136.214.35.bc.googleusercontent.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Sat, 26 Apr 2025 02:26:41 GMT
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 0C65 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-Sy5MwrgHgUBNq0-DFptC70U7DOXNvXbuqTHX0Q&google_cm&google_hm=ay1TeTVNd3JnSGdVQk5xMC1ERnB0QzcwVTdET1hOdlhidXFUSFgwUQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Sat, 26 Apr 2025 02:26:41 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 0C65
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6050467209683081109
43 B
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6050467209683081109
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1479409
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
date
Sat, 26 Apr 2025 02:26:41 GMT
content-type
image/gif
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6050467209683081109
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
149.88.24.171; 149.88.24.171; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
49038d99-f1e1-4c5e-bd29-ea569fea18b2
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 26 Apr 2025 02:26:41 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
rum
r.casalemedia.com/ Frame 0C65 		43 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-iEu4zbgHgUBNq0-DFptC70U7DOWEP4Jj1qQX2A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gQ7vxTHPblsz0BOUTD0PnJ9dMk64g1a%2FpdCz5sHhuT48MYW0UPZQ872Wf00E6w3uojj%2F%2FDMb38jAmVbVwvA%2F5zU8SN36KHke5KelL364k1RpGDmZ6NyErWWG42nTK2n6PjX3"}],"group":"cf-nel","max_age":604800}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Sat, 26 Apr 2025 02:26:41 GMT
content-type
image/gif
vary
Accept-Encoding
priority
u=3,i
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
9362a3042f5e1daa-FRA
content-length
43
server
cloudflare
ibs:dpid=28645&dpuuid=cODESF9DaWlsMTE0b1RxWjJ0SWZKTnpkMWNCQU14MnJkUENTWld0OXZHczJQTUJNJTNE
dpm.demdex.net/ Frame 0C65
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=cODESF9DaWlsMTE0b1RxWjJ0SWZKTnpkMWNCQU14MnJkUENTWld0OXZHczJQTUJNJTNE
42 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=cODESF9DaWlsMTE0b1RxWjJ0SWZKTnpkMWNCQU14MnJkUENTWld0OXZHczJQTUJNJTNE
Protocol
H2
Server
54.72.175.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-175-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs
dcs-prod-irl1-2-v077-0d18e414c.edge-irl1.demdex.com 2 ms
content-encoding
gzip
pragma
no-cache
x-content-type-options
nosniff
x-tid
UFk0aaRoTPw=
expires
Thu, 01 Jan 1970 00:00:00 UTC
content-length
59
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date
Sat, 26 Apr 2025 02:26:42 GMT
content-type
image/gif

Redirect headers

strict-transport-security
max-age=31536000; preload;
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
location
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=cODESF9DaWlsMTE0b1RxWjJ0SWZKTnpkMWNCQU14MnJkUENTWld0OXZHczJQTUJNJTNE
content-length
0
date
Sat, 26 Apr 2025 02:26:41 GMT
server
Kestrel
server-processing-duration-in-ticks
876123
9.gif
id5-sync.com/s/966/ Frame 0C65 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/966/9.gif?puid=k-2jkqgbgHgUBNq0-DFptC70U7DOW-jH9tDsc85A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
p3p
CP="CAO PSA OUR"
date
Sat, 26 Apr 2025 02:26:41 GMT
content-type
image/gif;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
match
ad.360yield.com/ Frame 0C65 		43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-E3ZUSrgHgUBNq0-DFptC70U7DOWOIdb9hoCckg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.72.72.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-72-193.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-origin
*
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date
Sat, 26 Apr 2025 02:26:41 GMT
content-type
image/gif
cksync.php
contextual.media.net/ Frame 0C65 		86 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-jQi1g7gHgUBNq0-DFptC70U7DOXKB2JgU92Nrg
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.23.180.24 Hamburg, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-180-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c8b624ad07331f0d6c28a75c54582cf826c19b8c7ef32eb5a0bb948fc2c7f374
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=0, no-cache, no-store
timing-allow-origin
*
pragma
no-cache
quic-version
0x00000001
expires
Sat, 26 Apr 2025 02:26:42 GMT
x-mnet-hl2
E
alt-svc
h3=":443"; ma=93600
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-length
86
date
Sat, 26 Apr 2025 02:26:42 GMT
content-type
image/gif
server
Apache
push
exchange.mediavine.com/usersync/ Frame 0C65 		0
878 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-Y9TSy7gHgUBNq0-DFptC70U7DOXn4yshR9tMfA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.185.212.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-212-71.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control
private, no-cache
content-encoding
gzip
date
Sat, 26 Apr 2025 02:26:41 GMT
content-type
text/html; charset=utf-8
vary
Origin, Accept-Encoding
access-control-allow-credentials
true
1017
jadserve.postrelease.com/suid/ Frame 0C65 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/1017?vk=k-Pm9n7bgHgUBNq0-DFptC70U7DOU4wfVAVFst7Q
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.242.121.227 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-242-121-227.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
expires
Mon, 1 Jan 1990 12:00:00 GMT
access-control-allow-origin
*
content-length
43
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 26 Apr 2025 02:26:42 GMT
content-type
image/gif
server
nginx
cookie-sync
sync.outbrain.com/ Frame 0C65 		0
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k--bhXSrgHgUBNq0-DFptC70U7DOXpYvSTblscMQ&initiator=partner
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache
content-length
0
date
Sat, 26 Apr 2025 02:26:42 GMT
x-traceid
f4efb4396d5f7a2ba69998c622181181
Pug
simage2.pubmatic.com/AdServer/ Frame 0C65 		42 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-2MwSLLgHgUBNq0-DFptC70U7DOVUDu2WYl-LPg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.231.98.109 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-store, no-cache, private
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 26 Apr 2025 02:26:41 GMT
content-type
image/gif; charset=utf-8
server
nginx
tap.php
pixel.rubiconproject.com/ Frame 0C65 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-YuatzbgHgUBNq0-DFptC70U7DOWQyHo3Tt52JA&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
5e091a4bda7cb1b96cf60040ae4e8596
Pragma
no-cache
Content-Type
image/gif
/
rtb-csync.smartadserver.com/redir/ Frame 0C65 		43 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-NaIIl7gHgUBNq0-DFptC70U7DOUNt-tWH_WcJQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.172 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

date
Sat, 26 Apr 2025 02:26:41 GMT
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 0C65 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-6pkBBrgHgUBNq0-DFptC70U7DOUJjoaaoPNkgQ
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

x-fastly-to-nlb-rtt
12269
date
Sat, 26 Apr 2025 02:26:41 GMT
server
nginx
access-control-allow-credentials
true
um
criteo-sync.teads.tv/ Frame 0C65 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-INa5gbgHgUBNq0-DFptC70U7DOWz5EaFSCAoyw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.253.92 Hamburg, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-253-92.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.1 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

expires
Sat, 26 Apr 2025 02:26:42 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
pragma
no-cache
date
Sat, 26 Apr 2025 02:26:42 GMT
content-type
image/gif
server
pekko-http/1.0.1
sync
criteo-partners.tremorhub.com/ Frame 0C65 		43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-d_2ll7gHgUBNq0-DFptC70U7DOXet3TXV2R_Wg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.100.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-100-41.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Sat, 26 Apr 2025 02:26:42 GMT
content-type
image/gif
server
nginx
xuid
eb2.3lift.com/ Frame 0C65 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-M4Inf7gHgUBNq0-DFptC70U7DOXfeQXzlXORMw&dongle=013b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
date
Sat, 26 Apr 2025 02:26:41 GMT
content-type
image/gif
getusermatch.php
a.twiago.com/rtb/ Frame 0C65 		43 B
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-mv0SgrgHgUBNq0-DFptC70U7DOUx7i8U4oW4MA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.215.5.31 , Germany, ASN6786 (CRONON-BERLIN-AS Cronon GmbH, DE),
Reverse DNS
Software
Apache / PHP/7.3.29
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-origin
*
p3p
policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
content-length
43
date
Sat, 26 Apr 2025 02:26:42 GMT
content-type
image/gif
x-powered-by
PHP/7.3.29
server
Apache
m
ad.yieldlab.net/ Frame 0C65 		0
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-CeIVKLgHgUBNq0-DFptC70U7DOUvKPXeN-glZA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.136 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-136.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

Expires
Fri, 25 Apr 2025 02:26:42 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Pragma
no-cache
Date
Sat, 26 Apr 2025 02:26:42 GMT
Connection
keep-alive
RX-d0df86cb-2e84-401d-86c9-f89a1d93294a-003
sync.targeting.unrulymedia.com/csync/ Frame 0C65
Redirect Chain
  • https://sync.1rx.io/usersync/criteodsp/k-ej1DergHgUBNq0-DFptC70U7DOXYSbVzTdOrLw
  • https://sync.targeting.unrulymedia.com/csync/RX-d0df86cb-2e84-401d-86c9-f89a1d93294a-003
43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-d0df86cb-2e84-401d-86c9-f89a1d93294a-003
Protocol
H2
Server
46.228.174.117 , United Kingdom, ASN56396 (Amobee NEXXEN GROUP LTD, GB),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
date
Sat, 26 Apr 2025 02:26:42 GMT
content-length
43

Redirect headers

expires
0
cache-control
no-store, no-cache, must-revalidate
location
https://sync.targeting.unrulymedia.com/csync/RX-d0df86cb-2e84-401d-86c9-f89a1d93294a-003
date
Sat, 26 Apr 2025 02:26:42 GMT
pragma
no-cache
content-type
text/html
sync
x.bidswitch.net/ Frame EE14 		43 B
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-nTeb2bgHgUBNq0-DFptC70U7DOV3QWON4zbwqQ&expires=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.136.108 Groningen, Netherlands, ASN19527 (GOOGLE-2, US),
Reverse DNS
108.136.214.35.bc.googleusercontent.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Sat, 26 Apr 2025 02:26:42 GMT
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame EE14 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-Sy5MwrgHgUBNq0-DFptC70U7DOXNvXbuqTHX0Q&google_cm&google_hm=ay1TeTVNd3JnSGdVQk5xMC1ERnB0QzcwVTdET1hOdlhidXFUSFgwUQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Sat, 26 Apr 2025 02:26:42 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame EE14
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8054633381625834642
43 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8054633381625834642
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1326050
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
date
Sat, 26 Apr 2025 02:26:41 GMT
content-type
image/gif
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8054633381625834642
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
149.88.24.171; 149.88.24.171; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
8bb93ffd-80dd-45c2-a819-bdacef7e9b84
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 26 Apr 2025 02:26:41 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
rum
r.casalemedia.com/ Frame EE14 		43 B
750 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-iEu4zbgHgUBNq0-DFptC70U7DOWEP4Jj1qQX2A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P%2FwUVlo4BOoWp5uIxjUgRjVVxSlPVwqnTqXGPZ3J%2BZ917NoQ226Gf0ud5PDSc12Z4sRn4u1LMeWnAx8FH2ayN8N5LdVSfQLUdurJ8FRELSV0izES2Vcp9qTeh3XmMpTVX%2BtJ"}],"group":"cf-nel","max_age":604800}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Sat, 26 Apr 2025 02:26:42 GMT
content-type
image/gif
vary
Accept-Encoding
priority
u=3,i
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
9362a304dfa41daa-FRA
content-length
43
server
cloudflare
ibs:dpid=28645&dpuuid=hUIssl9DaWlsMTE0b1RxWjJ0SWZKTnpkMWNKcDhRd3VaR05UNUFmaU1QaG9ldWlzJTNE
dpm.demdex.net/ Frame EE14
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=hUIssl9DaWlsMTE0b1RxWjJ0SWZKTnpkMWNKcDhRd3VaR05UNUFmaU1QaG9ldWlzJTNE
42 B
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=hUIssl9DaWlsMTE0b1RxWjJ0SWZKTnpkMWNKcDhRd3VaR05UNUFmaU1QaG9ldWlzJTNE
Protocol
H2
Server
54.72.175.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-175-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs
dcs-prod-irl1-2-v077-0eb166344.edge-irl1.demdex.com 2 ms
content-encoding
gzip
pragma
no-cache
x-content-type-options
nosniff
x-tid
VFFzRo+3QyU=
expires
Thu, 01 Jan 1970 00:00:00 UTC
content-length
59
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date
Sat, 26 Apr 2025 02:26:42 GMT
content-type
image/gif

Redirect headers

strict-transport-security
max-age=31536000; preload;
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
location
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=hUIssl9DaWlsMTE0b1RxWjJ0SWZKTnpkMWNKcDhRd3VaR05UNUFmaU1QaG9ldWlzJTNE
content-length
0
date
Sat, 26 Apr 2025 02:26:41 GMT
server
Kestrel
server-processing-duration-in-ticks
681198
9.gif
id5-sync.com/s/966/ Frame EE14 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/966/9.gif?puid=k-2jkqgbgHgUBNq0-DFptC70U7DOW-jH9tDsc85A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
p3p
CP="CAO PSA OUR"
date
Sat, 26 Apr 2025 02:26:41 GMT
content-type
image/gif;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
match
ad.360yield.com/ Frame EE14 		43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-E3ZUSrgHgUBNq0-DFptC70U7DOWOIdb9hoCckg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.72.72.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-72-193.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-origin
*
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date
Sat, 26 Apr 2025 02:26:42 GMT
content-type
image/gif
cksync.php
contextual.media.net/ Frame EE14 		86 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-jQi1g7gHgUBNq0-DFptC70U7DOXKB2JgU92Nrg
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.23.180.24 Hamburg, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-180-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c8b624ad07331f0d6c28a75c54582cf826c19b8c7ef32eb5a0bb948fc2c7f374
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=0, no-cache, no-store
timing-allow-origin
*
pragma
no-cache
quic-version
0x00000001
expires
Sat, 26 Apr 2025 02:26:42 GMT
x-mnet-hl2
E
alt-svc
h3=":443"; ma=93600
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-length
86
date
Sat, 26 Apr 2025 02:26:42 GMT
content-type
image/gif
server
Apache
push
exchange.mediavine.com/usersync/ Frame EE14 		0
878 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-Y9TSy7gHgUBNq0-DFptC70U7DOXn4yshR9tMfA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.185.212.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-212-71.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control
private, no-cache
content-encoding
gzip
date
Sat, 26 Apr 2025 02:26:42 GMT
content-type
text/html; charset=utf-8
vary
Origin, Accept-Encoding
access-control-allow-credentials
true
1017
jadserve.postrelease.com/suid/ Frame EE14 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/1017?vk=k-Pm9n7bgHgUBNq0-DFptC70U7DOU4wfVAVFst7Q
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.242.121.227 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-242-121-227.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
expires
Mon, 1 Jan 1990 12:00:00 GMT
access-control-allow-origin
*
content-length
43
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 26 Apr 2025 02:26:43 GMT
content-type
image/gif
server
nginx
cookie-sync
sync.outbrain.com/ Frame EE14 		0
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k--bhXSrgHgUBNq0-DFptC70U7DOXpYvSTblscMQ&initiator=partner
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache
content-length
0
date
Sat, 26 Apr 2025 02:26:42 GMT
x-traceid
47e65f728866e1f921cd05e49de94311
Pug
simage2.pubmatic.com/AdServer/ Frame EE14 		42 B
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-2MwSLLgHgUBNq0-DFptC70U7DOVUDu2WYl-LPg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.231.98.109 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-store, no-cache, private
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 26 Apr 2025 02:26:42 GMT
content-type
image/gif; charset=utf-8
server
nginx
tap.php
pixel.rubiconproject.com/ Frame EE14 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-YuatzbgHgUBNq0-DFptC70U7DOWQyHo3Tt52JA&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
5e091a4bda7cb1b96cf60040ae4e8596
Pragma
no-cache
Content-Type
image/gif
/
rtb-csync.smartadserver.com/redir/ Frame EE14 		43 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-NaIIl7gHgUBNq0-DFptC70U7DOUNt-tWH_WcJQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.172 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

date
Sat, 26 Apr 2025 02:26:41 GMT
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame EE14 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-6pkBBrgHgUBNq0-DFptC70U7DOUJjoaaoPNkgQ
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

x-fastly-to-nlb-rtt
11634
date
Sat, 26 Apr 2025 02:26:42 GMT
server
nginx
access-control-allow-credentials
true
um
criteo-sync.teads.tv/ Frame EE14 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-INa5gbgHgUBNq0-DFptC70U7DOWz5EaFSCAoyw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.253.92 Hamburg, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-253-92.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.1 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

expires
Sat, 26 Apr 2025 02:26:42 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
pragma
no-cache
date
Sat, 26 Apr 2025 02:26:42 GMT
content-type
image/gif
server
pekko-http/1.0.1
sync
criteo-partners.tremorhub.com/ Frame EE14 		43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-d_2ll7gHgUBNq0-DFptC70U7DOXet3TXV2R_Wg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.100.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-100-41.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Sat, 26 Apr 2025 02:26:42 GMT
content-type
image/gif
server
nginx
xuid
eb2.3lift.com/ Frame EE14 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-M4Inf7gHgUBNq0-DFptC70U7DOXfeQXzlXORMw&dongle=013b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
date
Sat, 26 Apr 2025 02:26:42 GMT
content-type
image/gif
getusermatch.php
a.twiago.com/rtb/ Frame EE14 		43 B
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-mv0SgrgHgUBNq0-DFptC70U7DOUx7i8U4oW4MA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.215.5.31 , Germany, ASN6786 (CRONON-BERLIN-AS Cronon GmbH, DE),
Reverse DNS
Software
Apache / PHP/7.3.29
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-origin
*
p3p
policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
content-length
43
date
Sat, 26 Apr 2025 02:26:42 GMT
content-type
image/gif
x-powered-by
PHP/7.3.29
server
Apache
m
ad.yieldlab.net/ Frame EE14 		0
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-CeIVKLgHgUBNq0-DFptC70U7DOUvKPXeN-glZA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.136 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-136.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

Expires
Fri, 25 Apr 2025 02:26:42 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Pragma
no-cache
Date
Sat, 26 Apr 2025 02:26:42 GMT
Connection
keep-alive
RX-0b380fe6-192d-48f5-bd67-83ebd38466c3-003
sync.targeting.unrulymedia.com/csync/ Frame EE14
Redirect Chain
  • https://sync.1rx.io/usersync/criteodsp/k-ej1DergHgUBNq0-DFptC70U7DOXYSbVzTdOrLw
  • https://sync.targeting.unrulymedia.com/csync/RX-0b380fe6-192d-48f5-bd67-83ebd38466c3-003
43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-0b380fe6-192d-48f5-bd67-83ebd38466c3-003
Protocol
H2
Server
46.228.174.117 , United Kingdom, ASN56396 (Amobee NEXXEN GROUP LTD, GB),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
date
Sat, 26 Apr 2025 02:26:42 GMT
content-length
43

Redirect headers

expires
0
cache-control
no-store, no-cache, must-revalidate
location
https://sync.targeting.unrulymedia.com/csync/RX-0b380fe6-192d-48f5-bd67-83ebd38466c3-003
date
Sat, 26 Apr 2025 02:26:42 GMT
pragma
no-cache
content-type
text/html
sync
x.bidswitch.net/ Frame 2435 		43 B
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-nTeb2bgHgUBNq0-DFptC70U7DOV3QWON4zbwqQ&expires=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.136.108 Groningen, Netherlands, ASN19527 (GOOGLE-2, US),
Reverse DNS
108.136.214.35.bc.googleusercontent.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Sat, 26 Apr 2025 02:26:42 GMT
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 2435 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-Sy5MwrgHgUBNq0-DFptC70U7DOXNvXbuqTHX0Q&google_cm&google_hm=ay1TeTVNd3JnSGdVQk5xMC1ERnB0QzcwVTdET1hOdlhidXFUSFgwUQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Sat, 26 Apr 2025 02:26:42 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 2435
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4263765338744639494
43 B
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4263765338744639494
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1343332
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
date
Sat, 26 Apr 2025 02:26:41 GMT
content-type
image/gif
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4263765338744639494
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
149.88.24.171; 149.88.24.171; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
862f452f-6a50-47ec-89aa-904bcf57121c
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 26 Apr 2025 02:26:41 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
rum
r.casalemedia.com/ Frame 2435 		43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-iEu4zbgHgUBNq0-DFptC70U7DOWEP4Jj1qQX2A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bUC8Js7Lk3YrHFlfkImVlvkdjVphPO6kfAxFWAKvm84nY29WhPoaAzrExap3IJW76lCK6dzQfXWgamz4%2FieGDt9S1sMFRbJIuUu3WGl%2BFm0GWEUSAF5j5brWsgKATUXO0EuS"}],"group":"cf-nel","max_age":604800}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Sat, 26 Apr 2025 02:26:42 GMT
content-type
image/gif
vary
Accept-Encoding
priority
u=3,i
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
9362a30598071daa-FRA
content-length
43
server
cloudflare
ibs:dpid=28645&dpuuid=9MrHsl9DaWlsMTE0b1RxWjJ0SWZKTnpkMWNFbGQ0b0lZJTJCeWgzY0JRSnpQNTBVMFElM0Q
dpm.demdex.net/ Frame 2435
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=9MrHsl9DaWlsMTE0b1RxWjJ0SWZKTnpkMWNFbGQ0b0lZJTJCeWgzY0JRSnpQNTBVMFElM0Q
42 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=9MrHsl9DaWlsMTE0b1RxWjJ0SWZKTnpkMWNFbGQ0b0lZJTJCeWgzY0JRSnpQNTBVMFElM0Q
Protocol
H2
Server
54.72.175.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-175-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs
dcs-prod-irl1-1-v077-0be91a86a.edge-irl1.demdex.com 2 ms
content-encoding
gzip
pragma
no-cache
x-content-type-options
nosniff
x-tid
wij9eZQ+S14=
expires
Thu, 01 Jan 1970 00:00:00 UTC
content-length
59
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date
Sat, 26 Apr 2025 02:26:42 GMT
content-type
image/gif

Redirect headers

strict-transport-security
max-age=31536000; preload;
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
location
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=9MrHsl9DaWlsMTE0b1RxWjJ0SWZKTnpkMWNFbGQ0b0lZJTJCeWgzY0JRSnpQNTBVMFElM0Q
content-length
0
date
Sat, 26 Apr 2025 02:26:41 GMT
server
Kestrel
server-processing-duration-in-ticks
814171
9.gif
id5-sync.com/s/966/ Frame 2435 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/966/9.gif?puid=k-2jkqgbgHgUBNq0-DFptC70U7DOW-jH9tDsc85A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
p3p
CP="CAO PSA OUR"
date
Sat, 26 Apr 2025 02:26:42 GMT
content-type
image/gif;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
match
ad.360yield.com/ Frame 2435 		43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-E3ZUSrgHgUBNq0-DFptC70U7DOWOIdb9hoCckg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.72.72.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-72-193.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-origin
*
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date
Sat, 26 Apr 2025 02:26:42 GMT
content-type
image/gif
cksync.php
contextual.media.net/ Frame 2435 		86 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-jQi1g7gHgUBNq0-DFptC70U7DOXKB2JgU92Nrg
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.23.180.24 Hamburg, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-180-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c8b624ad07331f0d6c28a75c54582cf826c19b8c7ef32eb5a0bb948fc2c7f374
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=0, no-cache, no-store
timing-allow-origin
*
pragma
no-cache
quic-version
0x00000001
expires
Sat, 26 Apr 2025 02:26:42 GMT
x-mnet-hl2
E
alt-svc
h3=":443"; ma=93600
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-length
86
date
Sat, 26 Apr 2025 02:26:42 GMT
content-type
image/gif
server
Apache
push
exchange.mediavine.com/usersync/ Frame 2435 		0
878 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-Y9TSy7gHgUBNq0-DFptC70U7DOXn4yshR9tMfA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.185.212.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-212-71.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control
private, no-cache
content-encoding
gzip
date
Sat, 26 Apr 2025 02:26:42 GMT
content-type
text/html; charset=utf-8
vary
Origin, Accept-Encoding
access-control-allow-credentials
true
1017
jadserve.postrelease.com/suid/ Frame 2435 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/1017?vk=k-Pm9n7bgHgUBNq0-DFptC70U7DOU4wfVAVFst7Q
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.242.121.227 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-242-121-227.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
expires
Mon, 1 Jan 1990 12:00:00 GMT
access-control-allow-origin
*
content-length
43
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 26 Apr 2025 02:26:43 GMT
content-type
image/gif
server
nginx
cookie-sync
sync.outbrain.com/ Frame 2435 		0
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k--bhXSrgHgUBNq0-DFptC70U7DOXpYvSTblscMQ&initiator=partner
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache
content-length
0
date
Sat, 26 Apr 2025 02:26:42 GMT
x-traceid
8eef50bc47a4d74fc907e196e8d1d984
Pug
simage2.pubmatic.com/AdServer/ Frame 2435 		42 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-2MwSLLgHgUBNq0-DFptC70U7DOVUDu2WYl-LPg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.231.98.109 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-store, no-cache, private
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 26 Apr 2025 02:26:42 GMT
content-type
image/gif; charset=utf-8
server
nginx
tap.php
pixel.rubiconproject.com/ Frame 2435 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-YuatzbgHgUBNq0-DFptC70U7DOWQyHo3Tt52JA&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
5e091a4bda7cb1b96cf60040ae4e8596
Pragma
no-cache
Content-Type
image/gif
/
rtb-csync.smartadserver.com/redir/ Frame 2435 		43 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-NaIIl7gHgUBNq0-DFptC70U7DOUNt-tWH_WcJQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.172 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

date
Sat, 26 Apr 2025 02:26:41 GMT
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 2435 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-6pkBBrgHgUBNq0-DFptC70U7DOUJjoaaoPNkgQ
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

x-fastly-to-nlb-rtt
11072
date
Sat, 26 Apr 2025 02:26:42 GMT
server
nginx
access-control-allow-credentials
true
um
criteo-sync.teads.tv/ Frame 2435 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-INa5gbgHgUBNq0-DFptC70U7DOWz5EaFSCAoyw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.253.92 Hamburg, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-253-92.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.1 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

expires
Sat, 26 Apr 2025 02:26:42 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
pragma
no-cache
date
Sat, 26 Apr 2025 02:26:42 GMT
content-type
image/gif
server
pekko-http/1.0.1
sync
criteo-partners.tremorhub.com/ Frame 2435 		43 B
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-d_2ll7gHgUBNq0-DFptC70U7DOXet3TXV2R_Wg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.100.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-100-41.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Sat, 26 Apr 2025 02:26:42 GMT
content-type
image/gif
server
nginx
xuid
eb2.3lift.com/ Frame 2435 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-M4Inf7gHgUBNq0-DFptC70U7DOXfeQXzlXORMw&dongle=013b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
date
Sat, 26 Apr 2025 02:26:42 GMT
content-type
image/gif
getusermatch.php
a.twiago.com/rtb/ Frame 2435 		43 B
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-mv0SgrgHgUBNq0-DFptC70U7DOUx7i8U4oW4MA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.215.5.31 , Germany, ASN6786 (CRONON-BERLIN-AS Cronon GmbH, DE),
Reverse DNS
Software
Apache / PHP/7.3.29
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-origin
*
p3p
policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
content-length
43
date
Sat, 26 Apr 2025 02:26:42 GMT
content-type
image/gif
x-powered-by
PHP/7.3.29
server
Apache
m
ad.yieldlab.net/ Frame 2435 		0
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-CeIVKLgHgUBNq0-DFptC70U7DOUvKPXeN-glZA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.136 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-136.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

Expires
Fri, 25 Apr 2025 02:26:42 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Pragma
no-cache
Date
Sat, 26 Apr 2025 02:26:42 GMT
Connection
keep-alive
RX-0b380fe6-192d-48f5-bd67-83ebd38466c3-003
sync.targeting.unrulymedia.com/csync/ Frame 2435
Redirect Chain
  • https://sync.1rx.io/usersync/criteodsp/k-ej1DergHgUBNq0-DFptC70U7DOXYSbVzTdOrLw
  • https://sync.targeting.unrulymedia.com/csync/RX-0b380fe6-192d-48f5-bd67-83ebd38466c3-003
43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-0b380fe6-192d-48f5-bd67-83ebd38466c3-003
Protocol
H2
Server
46.228.174.117 , United Kingdom, ASN56396 (Amobee NEXXEN GROUP LTD, GB),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
date
Sat, 26 Apr 2025 02:26:42 GMT
content-length
43

Redirect headers

expires
0
cache-control
no-store, no-cache, must-revalidate
location
https://sync.targeting.unrulymedia.com/csync/RX-0b380fe6-192d-48f5-bd67-83ebd38466c3-003
date
Sat, 26 Apr 2025 02:26:42 GMT
pragma
no-cache
content-type
text/html
setuid
ib.adnxs.com/ Frame 2586 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=52&code=k-Tnz0XrgHgUBNq0-DFptC70U7DOX6yBEcsyBUMw
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin
149.88.24.171; 149.88.24.171; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid
4dd0658b-78d6-4a02-be87-70eafdc9043a
content-length
43
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 26 Apr 2025 02:26:41 GMT
x-xss-protection
0
content-type
image/gif
server
nginx/1.23.4
favicon.png
parasiterelief.com/img/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://parasiterelief.com/img/favicon.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
100.28.91.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-28-91-13.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
20d1160d4baa8eb4c0ad192f9497de3a531a2a2d4357006ea7d5bb29f8b0d838

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=492&oid=109&uid=389&_ef_transaction_id=d806e723fe844b28904ee28ec49ae968&n=6109

Response headers

Cache-Control
public, max-age=0
ETag
W/"788-18a9414c193"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1928
Date
Sat, 26 Apr 2025 02:26:41 GMT
Content-Type
image/png
X-Powered-By
Express
Server
nginx
Last-Modified
Thu, 14 Sep 2023 14:25:02 GMT
setuid
ib.adnxs.com/ Frame 703B 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=52&code=k-Tnz0XrgHgUBNq0-DFptC70U7DOX6yBEcsyBUMw
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=492&oid=109&uid=389&_ef_transaction_id=d806e723fe844b28904ee28ec49ae968&n=6109
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin
149.88.24.171; 149.88.24.171; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid
42cef888-19e3-44f8-aa0b-fc70ee652465
content-length
43
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 26 Apr 2025 02:26:41 GMT
x-xss-protection
0
content-type
image/gif
server
nginx/1.23.4
setuid
ib.adnxs.com/ Frame 0C65 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=52&code=k-Tnz0XrgHgUBNq0-DFptC70U7DOX6yBEcsyBUMw
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=492&oid=109&uid=389&_ef_transaction_id=d806e723fe844b28904ee28ec49ae968&n=6109
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin
149.88.24.171; 149.88.24.171; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid
88c5c1d4-e4eb-4eb2-8fca-c02ab7d428a9
content-length
43
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 26 Apr 2025 02:26:41 GMT
x-xss-protection
0
content-type
image/gif
server
nginx/1.23.4
setuid
ib.adnxs.com/ Frame EE14 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=52&code=k-Tnz0XrgHgUBNq0-DFptC70U7DOX6yBEcsyBUMw
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=492&oid=109&uid=389&_ef_transaction_id=d806e723fe844b28904ee28ec49ae968&n=6109
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin
149.88.24.171; 149.88.24.171; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid
2d6a7275-32cb-4d46-9646-baf3c1422896
content-length
43
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 26 Apr 2025 02:26:41 GMT
x-xss-protection
0
content-type
image/gif
server
nginx/1.23.4
g.pixel
aa.agkn.com/adscores/ Frame 2586
Redirect Chain
  • https://gum.criteo.com/sync?c=9&r=1&a=1&u=https%3A%2F%2Faa.agkn.com%2Fadscores%2Fg.pixel%3Fsid%3D9212273938%26ct%3D%40USERID%40
  • https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=NKvlH19DaWlsMTE0b1RxWjJ0SWZKTnpkMWNJZEtUcXhRMklXaExheE9aMVklMkJaZ1UlM0Q
43 B
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=NKvlH19DaWlsMTE0b1RxWjJ0SWZKTnpkMWNJZEtUcXhRMklXaExheE9aMVklMkJaZ1UlM0Q
Protocol
H2
Server
54.76.71.127 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-71-127.eu-west-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-methods
GET, OPTIONS
expires
0
access-control-allow-origin
*
content-length
43
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
date
Sat, 26 Apr 2025 02:26:42 GMT
content-type
image/gif
server
AAWebServer
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type

Redirect headers

strict-transport-security
max-age=31536000; preload;
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
location
https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=NKvlH19DaWlsMTE0b1RxWjJ0SWZKTnpkMWNJZEtUcXhRMklXaExheE9aMVklMkJaZ1UlM0Q
content-length
0
date
Sat, 26 Apr 2025 02:26:41 GMT
server
Kestrel
server-processing-duration-in-ticks
871626
g.pixel
aa.agkn.com/adscores/ Frame 703B
Redirect Chain
  • https://gum.criteo.com/sync?c=9&r=1&a=1&u=https%3A%2F%2Faa.agkn.com%2Fadscores%2Fg.pixel%3Fsid%3D9212273938%26ct%3D%40USERID%40
  • https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=ygXY-l9DaWlsMTE0b1RxWjJ0SWZKTnpkMWNKa1FRSTdCa2d5T1ZRTHZESVN6U01jJTNE
43 B
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=ygXY-l9DaWlsMTE0b1RxWjJ0SWZKTnpkMWNKa1FRSTdCa2d5T1ZRTHZESVN6U01jJTNE
Protocol
H2
Server
54.76.71.127 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-71-127.eu-west-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-methods
GET, OPTIONS
expires
0
access-control-allow-origin
*
content-length
43
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
date
Sat, 26 Apr 2025 02:26:42 GMT
content-type
image/gif
server
AAWebServer
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type

Redirect headers

strict-transport-security
max-age=31536000; preload;
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
location
https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=ygXY-l9DaWlsMTE0b1RxWjJ0SWZKTnpkMWNKa1FRSTdCa2d5T1ZRTHZESVN6U01jJTNE
content-length
0
date
Sat, 26 Apr 2025 02:26:41 GMT
server
Kestrel
server-processing-duration-in-ticks
896942
setuid
ib.adnxs.com/ Frame 2435 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=52&code=k-Tnz0XrgHgUBNq0-DFptC70U7DOX6yBEcsyBUMw
Requested by
Host: parasiterelief.com
URL: https://parasiterelief.com/?utm_source=cpa&utm_medium=affiliate&utm_content=cleansevsl&utm_campaign=cleansecpa&affid=492&oid=109&uid=389&_ef_transaction_id=d806e723fe844b28904ee28ec49ae968&n=6109
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin
149.88.24.171; 149.88.24.171; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid
384e3035-3f0d-405c-901f-394b8b255c58
content-length
43
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 26 Apr 2025 02:26:42 GMT
x-xss-protection
0
content-type
image/gif
server
nginx/1.23.4
g.pixel
aa.agkn.com/adscores/ Frame 0C65
Redirect Chain
  • https://gum.criteo.com/sync?c=9&r=1&a=1&u=https%3A%2F%2Faa.agkn.com%2Fadscores%2Fg.pixel%3Fsid%3D9212273938%26ct%3D%40USERID%40
  • https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=BFpiwl9DaWlsMTE0b1RxWjJ0SWZKTnpkMWNQcEYyUkNFUEF2Q0ROVWs2T1FoYmE0JTNE
43 B
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=BFpiwl9DaWlsMTE0b1RxWjJ0SWZKTnpkMWNQcEYyUkNFUEF2Q0ROVWs2T1FoYmE0JTNE
Protocol
H2
Server
54.76.71.127 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-71-127.eu-west-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-methods
GET, OPTIONS
expires
0
access-control-allow-origin
*
content-length
43
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
date
Sat, 26 Apr 2025 02:26:42 GMT
content-type
image/gif
server
AAWebServer
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type

Redirect headers

strict-transport-security
max-age=31536000; preload;
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
location
https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=BFpiwl9DaWlsMTE0b1RxWjJ0SWZKTnpkMWNQcEYyUkNFUEF2Q0ROVWs2T1FoYmE0JTNE
content-length
0
date
Sat, 26 Apr 2025 02:26:41 GMT
server
Kestrel
server-processing-duration-in-ticks
781376
g.pixel
aa.agkn.com/adscores/ Frame EE14
Redirect Chain
  • https://gum.criteo.com/sync?c=9&r=1&a=1&u=https%3A%2F%2Faa.agkn.com%2Fadscores%2Fg.pixel%3Fsid%3D9212273938%26ct%3D%40USERID%40
  • https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=aWqf6V9DaWlsMTE0b1RxWjJ0SWZKTnpkMWNJc3U1VkxLa1Z2Y01BZVE5N0d3YnBRJTNE
43 B
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=aWqf6V9DaWlsMTE0b1RxWjJ0SWZKTnpkMWNJc3U1VkxLa1Z2Y01BZVE5N0d3YnBRJTNE
Protocol
H2
Server
54.76.71.127 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-71-127.eu-west-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-methods
GET, OPTIONS
expires
0
access-control-allow-origin
*
content-length
43
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
date
Sat, 26 Apr 2025 02:26:42 GMT
content-type
image/gif
server
AAWebServer
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type

Redirect headers

strict-transport-security
max-age=31536000; preload;
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
location
https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=aWqf6V9DaWlsMTE0b1RxWjJ0SWZKTnpkMWNJc3U1VkxLa1Z2Y01BZVE5N0d3YnBRJTNE
content-length
0
date
Sat, 26 Apr 2025 02:26:42 GMT
server
Kestrel
server-processing-duration-in-ticks
797043
g.pixel
aa.agkn.com/adscores/ Frame 2435
Redirect Chain
  • https://gum.criteo.com/sync?c=9&r=1&a=1&u=https%3A%2F%2Faa.agkn.com%2Fadscores%2Fg.pixel%3Fsid%3D9212273938%26ct%3D%40USERID%40
  • https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=r9KaJ19DaWlsMTE0b1RxWjJ0SWZKTnpkMWNHUUpxRkNiWjQ1QmxQZGx4azUwTEc0JTNE
43 B
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=r9KaJ19DaWlsMTE0b1RxWjJ0SWZKTnpkMWNHUUpxRkNiWjQ1QmxQZGx4azUwTEc0JTNE
Protocol
H2
Server
54.76.71.127 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-71-127.eu-west-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-methods
GET, OPTIONS
expires
0
access-control-allow-origin
*
content-length
43
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
date
Sat, 26 Apr 2025 02:26:42 GMT
content-type
image/gif
server
AAWebServer
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type

Redirect headers

strict-transport-security
max-age=31536000; preload;
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
location
https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=r9KaJ19DaWlsMTE0b1RxWjJ0SWZKTnpkMWNHUUpxRkNiWjQ1QmxQZGx4azUwTEc0JTNE
content-length
0
date
Sat, 26 Apr 2025 02:26:42 GMT
server
Kestrel
server-processing-duration-in-ticks
896042
log_event
www.youtube-nocookie.com/youtubei/v1/ Frame F7B2 		28 B
50 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/youtubei/v1/log_event?alt=json
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/22f02d3d/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-YouTube-Page-CL
750409904
X-YouTube-Utc-Offset
120
Referer
https://www.youtube-nocookie.com/embed/Kdx01YmF6t8?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
X-YouTube-Device
cbr=Chrome&cbrver=135.0.0.0&ceng=WebKit&cengver=537.36&cos=X11&cplatform=DESKTOP
X-YouTube-Client-Name
56
X-YouTube-Ad-Signals
dt=1745634400075&flash=0&frm=2&u_tz=120&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=250%2C250%2C250%2C250%2C1600%2C0%2C1600%2C1200%2C926%2C521&vis=1&wgl=true&ca_type=image
X-YouTube-Client-Version
1.20250422.22.00
X-Goog-Visitor-Id
CgszMVltWHM5UnVfMCjfiLHABjIKCgJERRIEEgAgWw%3D%3D
X-Goog-Request-Time
1745634402490
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
X-YouTube-Time-Zone
Europe/Berlin
Content-Type
application/json
X-YouTube-Page-Label
youtube.player.web_20250422_22_RC00

Response headers

content-encoding
br
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
date
Sat, 26 Apr 2025 02:26:42 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
vary
Origin, X-Origin, Referer
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
collect
n.clarity.ms/ 		0
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://n.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.8.1/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.175.234.12 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://parasiterelief.com/

Response headers

Request-Context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
Access-Control-Allow-Origin
https://parasiterelief.com
Date
Sat, 26 Apr 2025 02:26:43 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-SSVM2TL5G6&gtm=45je54n0v871036254za200zb9138730978&_p=1745634399773&gcs=G111&gcd=13v3v3v2v5l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&cid=1433402319.1745634400&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEAAAAI&_s=2&sid=1745634400&sct=1&seg=0&dl=https%3A%2F%2Fparasiterelief.com%2F%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dcleansevsl%26utm_campaign%3Dcleansecpa%26affid%3D492%26oid%3D109%26uid%3D389%26_ef_transaction_id%3Dd806e723fe844b28904ee28ec49ae968%26n%3D6109&dt=Cleanse24&_tu=CA&en=scroll&epn.percent_scrolled=90&_et=19&tfd=5852
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SSVM2TL5G6&l=dataLayer&cx=c&gtm=45He54n0v9138730978za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://parasiterelief.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:153:0
report-to
{"group":"ascnsrsggc:153:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:153:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://parasiterelief.com
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:153:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 26 Apr 2025 02:26:45 GMT
content-type
text/plain
server
Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
a.quora.com
URL
https://a.quora.com/qevents.js
Domain
rr5---sn-4g5lznl7.googlevideo.com
URL
https://rr5---sn-4g5lznl7.googlevideo.com/videoplayback?expire=1745656000&ei=YEQMaPuJEZTKi9oPzcWzgA8&ip=149.88.24.171&id=o-AA2VHCHIvM6uwb3sBnLoUJyDmlULsTwGZcVR-kuGqGH3&itag=134&aitags=134%2C136%2C137%2C160%2C243&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AccgBcOIisrP-uEYuboebV08HPlYY_tA7VFMcxp0bwaVvlZqeCS5WcQbC3pDVEQTfC3MZ8Z056lXbjy8&spc=_S3wKpQPVkqAj2oqub8iGTOcJ6zAk4zlVJK4M4bOpsEbhvgukQCRbiCjIn9C5M3kNNU&vprv=1&svpuc=1&mime=video%2Fmp4&ns=RAXZPGr8O98JNOUAeB7WfcAQ&rqh=1&gir=yes&clen=85085020&dur=1883.875&lmt=1742912127300866&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=6209224&n=nmagnhWzfpegeQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AJfQdSswRAIgOfRR2Qgqd3P0KEDz8WJ_ng61ocwL7HUKn_N6yQz9yi4CIB9owQIPILVmchjxskOi4r0d09tor71lPEDjq8QBI7f7&cpn=ei9uCDOtFNfEABUz&cver=1.20250422.22.00&redirect_counter=1&cm2rm=sn-n02xgoxufvg3-2gbs7r&rrc=80&fexp=24350590,24350737,24350796,24350816,24350827,24350961,24350984,24351173,24351254,24351428,24351431,24351495,24351528,24351542,24351545,24351638,24351658,24351662,24351673,24351704&cms_redirect=yes&cmsv=e&met=1745634400,&mh=zd&mm=29&mn=sn-4g5lznl7&ms=rdu&mt=1745634048&mv=m&mvi=5&pl=24&rms=rdu,au&lsparams=met,mh,mm,mn,ms,mv,mvi,pl,rms&lsig=ACuhMU0wRQIgaX-3w_Kui5BVzgdiIoOyxm35S_iErT8x2OTPWB4Kc3UCIQCIS84SK2_VPV3DuEOHpCC0B3aY6NgZJ5-m0gGQ42CXEw%3D%3D&range=0-171276&rn=4&rbuf=0&pot=Igj9Jv0glSq5Rg==&ump=1&srfvp=1
Domain
mid.rkdms.com
URL
https://mid.rkdms.com/restricted

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| dataLayer function| fbq function| _fbq object| lazySizesConfig object| lazySizes function| init function| adjustVideoPlayerSize function| onYouTubeIframeAPIReady function| getVideoStartTime function| onProgress function| updateTime function| setTapImageSource function| showTapImage function| hideTapImage function| showNextStepButton function| videoChangeGo function| handleKeyboardEvent function| isFacebookApp function| smoothScrollTo function| calculateScrollTopPosition function| showCookiesBanner function| acceptCookies function| setCookie function| getCookie function| toOrderForm object| scriptUrl object| ttPolicy object| YT object| YTConfig boolean| yt_embedsEnableIframeApiSendFullEmbedUrl boolean| yt_embedsEnableAutoplayAndVisibilitySignals function| onYTReady object| google_tag_manager object| google_tag_data function| pintrk function| qp string| qpGtm object| rtbhEvents function| snaptr object| criteo_q string| TiktokAnalyticsObject object| ttq function| twq function| clarity function| esk function| ___esk object| uetq object| _scPxHelper object| _scPxTeller object| Criteo object| cto_csm_CspLogger object| gaGlobal object| regeneratorRuntime object| twttr function| _b64dec function| UET function| UET_init function| UET_push object| ueto_2e02beb113 object| ueto_77585668a6 object| cspDomains object| tagConfig object| EF object| TimeMe boolean| _ucaloaded string| _ucav function| ucGetCssSelectorShort function| ucParentsCalc function| ucCalculateSelector function| ucaPushPageEvent object| _uca function| ucaEvent function| ucaCustomField function| ucaCustomFields boolean| ucaInit object| LI object| liQHub object| liQ function| gtag function| TiktokJelly object| _jelly_sdks function| ucAnpFailback function| ucRemoveBadMacros function| ucAnpCallback object| liQ_instances

101 Cookies

Domain/Path Name / Value
sc-static.net/scevent.min.js Name: X-AB
Value: 43ce6cbb108c4d239cb1d3508fd1226b
i.liadm.com/s Name: _li_ss
Value: CjYKBgj5ARDQGgoFCAoQ0BoKBgjdARDQGgoGCKUBENAaCgYIogEQ0BoKBgjSARDQGgoFCH4Q0Bo
.liadm.com/j Name: lidid
Value: 5408b5ec-eb21-4ee9-9fb1-62f73831e44e
.youtube.com/ Name: YSC
Value: TDkTS-pW6EI
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 4Ydfz24QvVo
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJERRIEEgAgTQ%3D%3D
.youtube.com/ Name: __Secure-ROLLOUT_TOKEN
Value: CMvH_pXop4PepAEQq9i_8tL0jAMYq9i_8tL0jAM%3D
.parasiterelief.com/ Name: _gcl_au
Value: 1.1.884641591.1745634400
parasiterelief.com/ Name: __rtbh.lid
Value: %7B%22eventType%22%3A%22lid%22%2C%22id%22%3A%22UKol0U9BJKCLYwRMlM7f%22%2C%22expiryDate%22%3A%222026-04-26T02%3A26%3A40.006Z%22%7D
.parasiterelief.com/ Name: _scid
Value: H8T7Yotes1HAyz3-WVWI8wzZt-D3dx3i
.parasiterelief.com/ Name: _scid_r
Value: H8T7Yotes1HAyz3-WVWI8wzZt-D3dx3i
.parasiterelief.com/ Name: _ga
Value: GA1.1.1433402319.1745634400
.parasiterelief.com/ Name: _ga_SSVM2TL5G6
Value: GS1.1.1745634400.1.0.1745634400.60.0.0
.criteo.com/ Name: uid
Value: c58c577a-ee2d-48a8-9b75-fd95c1ece6a6
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAAXBiRHAMAgDsIm4s2uSsA7kmYLhK9Wsr8hnlLb5QFqiwu5WvJNBxerm8jHlDjR+WM1KXzIAAAA=
.pinterest.com/ Name: ar_debug
Value: 1
.tiktok.com/ Name: _ttp
Value: 2wFPZ7EDDhdZx9gOgb8VYt5ybuQ
.parasiterelief.com/ Name: _ScCbts
Value: %5B%5D
.eskimi.com/ Name: __eConsent
Value: 1
.eskimi.com/ Name: __eDId
Value: 457acc44-e734-4b2c-9cac-29d515d13566
.eskimi.com/ Name: __eP
Value: 1
.parasiterelief.com/ Name: cto_bundle
Value: IJarCV9ZMnA5V1NKWVVyQUF1b01aNnZLZlR1WWJvNjZVcEtWdThFbElhTjNIaHFZR0hBUk5NakVLY0RLdSUyRklwTEN4R09hZEtWTDgwRUlqQ3d0OW9BYVdYNzJ3b3hGZW84c2w5dHk3U1EwcCUyRmZHVXFpNWl3MkxPc0hTOUF1NE9uV1lzUUJvTGtpQU54MFN6WVNIQVJFUEElMkZpUFBLbkElMkZzeDNCRHdseXFqSWRPcFhzRSUzRA
.parasiterelief.com/ Name: _pin_unauth
Value: dWlkPU5qZGxPR1F3TlRRdE9EVTFaaTAwTTJZeExXSmlNV0l0TTJGa01qTTRZall3TlRJdw
.parasiterelief.com/ Name: _li_dcdm_c
Value: .parasiterelief.com
.t.co/ Name: muc_ads
Value: b59b745f-f601-4039-84ae-823c7a338d94
.t.co/ Name: __cf_bm
Value: wcxveRcLzOP3G_AmdO38YoZk5IhkOuHXwx.MDXPw5E0-1745634400-1.0.1.1-8n7SpXDKR.m9YcxGoYaZJ6d8aqmivmLM_bzjJPT0NO53EE26BS2oyPEf3.GHSqAsB9LhrTSi24SmX3oEUh1NB4chKVeLZ5e4I9f1KUvTJxY
.parasiterelief.com/ Name: _lc2_fpi
Value: 2fd7b255045c--01jsqyp61h4cj5fc9n09vwr2x1
.parasiterelief.com/ Name: _lc2_fpi_js
Value: 2fd7b255045c--01jsqyp61h4cj5fc9n09vwr2x1
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.parasiterelief.com/ Name: _tt_enable_cookie
Value: 1
.parasiterelief.com/ Name: _ttp
Value: 01JSQYP634BY11SJYP7MRXRYF5_.tt.1
.parasiterelief.com/ Name: ttcsid
Value: 1745634400357::iGWOyQ4mUxmOZrtMffCz.1.1745634400358
.twitter.com/ Name: guest_id_marketing
Value: v1%3A174563440023717126
.twitter.com/ Name: guest_id_ads
Value: v1%3A174563440023717126
.twitter.com/ Name: personalization_id
Value: "v1_Y3aGp3XodHn1B2jIJagQ5Q=="
.twitter.com/ Name: guest_id
Value: v1%3A174563440023717126
.twitter.com/ Name: __cf_bm
Value: C87dVe7jfboHDI9k4sYL78_sz0E0UN2pjAHt5YvPVIE-1745634400-1.0.1.1-Jue3VRvnuXLeNMUZwEDmP3KNC5DLkV23N5OJ1Nm2BPx8Odi80u7sLIEKjr6oWR4s1AmnH8ACP0lTFNKwmEmjUR8VUMtnXU2gDaTL1is5fIo
.ct.pinterest.com/ Name: _pinterest_ct_ua
Value: "TWc9PSZUTjNGL1F5Q0tWd3JITElvY0VrU0YxbjFwaWgyQlk3Y0syRUZ5aGlKWTRwNERiV3pSaS9MUmVFTHFwTlVQcWhTOGtUN0o1b0V5OUxDWVBlazVMVWZvakRGOVYzellsWkkvQjlzUnpsWTRlZz0mNTdUVEVudGtRcWVTVlZYdyt1dFhreHlCSVJVPQ=="
.doubleclick.net/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUmtlsiECI22kRNryz8jd9nZV6mCVTpKQq0Uqy_eQ8Uundl_OYfUxGVTcxOeeEU
.parasiterelief.com/ Name: ucacid
Value: 1057034287.209870
secure.parasiterelief.com/ Name: AWSALB
Value: 0rwRvUQz2t2PsrQmwn6fLF/WwIPsJlHLoI8aS5rMWf5d89Ue1qMHZHVMzEFg79I/Sq7u4sw8XVC+dVml82pijgTyHa4i++3jR6qJJHCsTYStR3Mwd31trjIsgKxP
secure.parasiterelief.com/ Name: AWSALBCORS
Value: 0rwRvUQz2t2PsrQmwn6fLF/WwIPsJlHLoI8aS5rMWf5d89Ue1qMHZHVMzEFg79I/Sq7u4sw8XVC+dVml82pijgTyHa4i++3jR6qJJHCsTYStR3Mwd31trjIsgKxP
.secure.parasiterelief.com/ Name: LHP-ANP
Value: 9044
secure.parasiterelief.com/ Name: JSESSIONID
Value: abc60txXaUljVAkOUhwsA
secure.parasiterelief.com/ Name: LBJSESSIONID
Value: abc60txXaUljVAkOUhwsA.n464
.parasiterelief.com/ Name: ttcsid_CF31TNRC77U6J4TVF330
Value: 1745634400357::o7NOc_5ui9N2j_kIy8pD.1.1745634400698
www.p8btrk.com/ Name: uniqueClick
Value: f142c4fe-c409-4516-ab6e-c72af09a2f8e:1745634400
www.p8btrk.com/ Name: transaction_id
Value: d806e723fe844b28904ee28ec49ae968
parasiterelief.com/ Name: ef_witness
Value: 1
parasiterelief.com/ Name: ef_affid
Value: 492
parasiterelief.com/ Name: ef_tid_c_o_109
Value: d806e723fe844b28904ee28ec49ae968
parasiterelief.com/ Name: ef_tid_c_a_6
Value: d806e723fe844b28904ee28ec49ae968
.creativecdn.com/ Name: g
Value: BlRYyjyBJMjt58M87dmb_1745634400724
.creativecdn.com/ Name: c
Value: BlRYyjyBJMjt58M87dmb_EuTwXXOV4Sc7dJbpixmK_1745634400724
.creativecdn.com/ Name: ts
Value: 1745634400
.liadm.com/ Name: lidid
Value: 5408b5ec-eb21-4ee9-9fb1-62f73831e44e
.creativecdn.com/ Name: ar_debug
Value: 1
.parasiterelief.com/ Name: _li_ss
Value: CjYKBgj5ARDQGgoFCAoQ0BoKBgjdARDQGgoGCKUBENAaCgYIogEQ0BoKBgjSARDQGgoFCH4Q0Bo
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.turn.com/ Name: uid
Value: 8452463706568119056
.demdex.net/ Name: demdex
Value: 18562585311664702043836762888381221036
.rezync.com/ Name: zync-uuid
Value: 7a3e7b6d-ee01-4b84-9e26-88a16df76519:1745634401.1291068
.dpm.demdex.net/ Name: dpm
Value: 18562585311664702043836762888381221036
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1NjUzNTAyM7MwtRDiM9SNcs_OCTZP9HAzj3AGAJ5jeE4lAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXBwRHAIAgEwE_aIcMpHmA3OpJCUrm7_-O-evnmkSqF2A6TrEaJWOD5nAM54TbYzRQvWkIZF3hGxHw6AAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1XIsRGAIAwF0AmsmCMeH8JPcBs44kCWlk5q6Vm-dyWzUcMml0RkiE5X6VEo7gNcp7GhHzBtrKoZO0pHpt9p-7I4n7_tBdh1vYBaAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1NjUzNTAyM7MwtRDiM9SNcs_OCTZP9HAzj3AGAJ5jeE4lAAAA
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-633a1b2b-9a6b-59d6-4451-e43f5df61d1f.VotsJ7EiI0H%2F4FF7ariEer8KlTdLaZtNPhWllU8%2F13s
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-633a1b2b-9a6b-59d6-4451-e43f5df61d1f.VotsJ7EiI0H%2F4FF7ariEer8KlTdLaZtNPhWllU8%2F13s
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AYzobK5prWdZEUeQ_XfYdH5VYGKs.iaZO%2FAxx1MQv28BZezMhILx3yjX%2BR%2FASaikzui2tRtM
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AYzobK5prWdZEUeQ_XfYdH5VYGKs.iaZO%2FAxx1MQv28BZezMhILx3yjX%2BR%2FASaikzui2tRtM
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIDwNQ-PaKgdISLnCZ0VDhHP-m6ZOBZCsN4MHeJDMPZNBENYBGAQg4YixwAYwAToEV7wH0kIEW2Opyg.KNNyiMaZs2M4NLMcaB0NC%2Fy9tGHOgGyMaWYoiUIZtqc
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIDwNQ-PaKgdISLnCZ0VDhHP-m6ZOBZCsN4MHeJDMPZNBENYBGAQg4YixwAYwAToEV7wH0kIEW2Opyg.KNNyiMaZs2M4NLMcaB0NC%2Fy9tGHOgGyMaWYoiUIZtqc
live.rezync.com/ Name: sd-session-id
Value: .eJwNzEsOwjAMANG7eN2gOI6dz2WqlhgpggbUtBsq7k6WIz3NBfNH921p2g7Ix37qBPdXHdUhX9Drd9MnZGAkIpeYWNg6kcgRfhN07b2-21zLMGEhDasUo2rR-DV6k9SJiXFBKY8gjClj8CzkvcUbuoRWxucPtKUleg.aAxEYQ.cLM3NmMy6c8vCMmLI0AcrrxZHlc
parasiterelief.com/ Name: /:watchVideoTime:Kdx01YmF6t8
Value: 0
.casalemedia.com/ Name: CMID
Value: aAxEYbmqPa4ANQuTAwK9oAAA
.casalemedia.com/ Name: CMPS
Value: 3273
.casalemedia.com/ Name: CMPRO
Value: 3273
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%22e3babfc0-2245-11f0-b8c8-7d089a008a18%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: mv_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%22e3babfc0-2245-11f0-b8c8-7d089a008a18%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens
Value: %7B%22mv_uuid%22%3A%22e3babfc0-2245-11f0-b8c8-7d089a008a18%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%22e3babfc0-2245-11f0-b8c8-7d089a008a18%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: criteo
Value: %7B%22id%22%3A%22k-Y9TSy7gHgUBNq0-DFptC70U7DOXn4yshR9tMfA%22%2C%22version%22%3A%22criteo%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_97
Value: 3385-uid:k-2MwSLLgHgUBNq0-DFptC70U7DOVUDu2WYl-LPg&KRTB&23037-uid:k-2MwSLLgHgUBNq0-DFptC70U7DOVUDu2WYl-LPg&KRTB&23144-uid:k-2MwSLLgHgUBNq0-DFptC70U7DOVUDu2WYl-LPg&KRTB&23286-uid:k-2MwSLLgHgUBNq0-DFptC70U7DOVUDu2WYl-LPg
.media.net/ Name: data-c
Value: k-jQi1g7gHgUBNq0-DFptC70U7DOXKB2JgU92Nrg~~3
a.twiago.com/ Name: deuxesse_uxid
Value: b4108b85feadea041c0127cbde72f81a94cf6ec9688b66c00d97fc2b0176cab6
.adnxs.com/ Name: XANDR_PANID
Value: gynTkKlB_Oe8i6OFexbgFtnzf_SKjWGBZ4rwW-WFqSyPGxikwnuYypZ0uFML8SSJdDMV1XvoBsTWK9Yj1yzMJpdEexM9S40w_5zYXgdhgug.
.adnxs.com/ Name: uuid2
Value: 8054633381625834642
.adnxs.com/ Name: anj
Value: dTM7k!M4/rCxrEQF']wIg2E>8nmLbf!A#F-.TSyx/AFZ3=0`^#/i8C8Y.#mF7p1X[hu97']j@Zhle^/'eFZ8DieJE[aG+mY`u:nlf5W6y(j#iP(Md+>)fy*H2O->G
.media.net/ Name: visitor-id
Value: 3886360012868105000V10
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-0b380fe6-192d-48f5-bd67-83ebd38466c3-003%22%7D
.agkn.com/ Name: ab
Value: 0001%3Axev9EIEsbQnvv3%2F0QTdoETtdlJC9KXPS
.pubmatic.com/ Name: PugT
Value: 1745634402
.tremorhub.com/ Name: tv_UICR
Value: k-d_2ll7gHgUBNq0-DFptC70U7DOXet3TXV2R_Wg
.media.net/ Name: data-c-ts
Value: 1745634402
.criteo.com/ Name: cto_bundle
Value: zrLRRV80c2p4UTNENEh3SExDR0Y4TlEyT0pRRVZpaklYakN5NFQ1NTRabVIxY0kyM3M3QmozV1hFVCUyRm1oSW0xbUFFQkc2OThoZlQ2WmE2b1VlUURPNG5abXpFTDdXZXVvQUV3YXpuTDhvbDhNTUF5Vkp1TWtsVXJlVjZ4dzVzNFpuMmxSQUg4JTJCUlRobFUyS016eEgyUWR5VnJBJTNEJTNE
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-0b380fe6-192d-48f5-bd67-83ebd38466c3-003%22%7D
.postrelease.com/ Name: opt_out
Value: 1
.tremorhub.com/ Name: tvid
Value: a350296089d64bbb96e601c60e202ffb

11 Console Messages

Source Level URL
Text
network error URL: https://a.quora.com/qevents.js
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://idsync.rlcdn.com/501709.gif?partner_uid=7a3e7b6d-ee01-4b84-9e26-88a16df76519%3A1745634401.1291068&_=1745634401.1316233
Message:
Failed to load resource: the server responded with a status of 451 ()
other warning URL: https://us.creativecdn.com/ig-membership?ntk=zF-Jnw1DAtSB_FK3zbiqLvZfECdz7W-kAl0_03pykBxr8YKXuJ5Upi7b1lVCWDnZQsIEdoTY3KicC9iSBZKMbnwskPJqKqIKQySEzo7tezKhvurnrM9sQNueW6Tm4CnmwN3hrsTic5l89-Zhww-Nd9UiJDfwy85shmWp1I3N6ENriOP0wX92IEGUTmlKYFUzs1tCEf9o_oQfzqvgCTp4AFL3bJBTrzYjHZvUqv9UN8nfJEqGImbTaTio6y61nVjnDzXlmRkYHlammrUAQ1wpMWx8aSbDambtAbWRdvGBCjDWmH7TE9cuOKd5mEPTU23_
Message:
In the future, Permissions Policy feature join-ad-interest-group will not be enabled by default in cross-origin iframes or same-origin iframes nested in cross-origin iframes. Calling joinAdInterestGroup will be rejected with NotAllowedError if it is not explicitly enabled
other warning URL: https://us.creativecdn.com/ig-membership?ntk=zF-Jnw1DAtSB_FK3zbiqLvZfECdz7W-kAl0_03pykBxr8YKXuJ5Upi7b1lVCWDnZQsIEdoTY3KicC9iSBZKMbnwskPJqKqIKQySEzo7tezKhvurnrM9sQNueW6Tm4CnmwN3hrsTic5l89-Zhww-Nd9UiJDfwy85shmWp1I3N6ENriOP0wX92IEGUTmlKYFUzs1tCEf9o_oQfzqvgCTp4AFL3bJBTrzYjHZvUqv9UN8nfJEqGImbTaTio6y61nVjnDzXlmRkYHlammrUAQ1wpMWx8aSbDambtAbWRdvGBCjDWmH7TE9cuOKd5mEPTU23_
Message:
In the future, Permissions Policy feature join-ad-interest-group will not be enabled by default in cross-origin iframes or same-origin iframes nested in cross-origin iframes. Calling joinAdInterestGroup will be rejected with NotAllowedError if it is not explicitly enabled
other warning URL: https://us.creativecdn.com/ig-membership?ntk=zF-Jnw1DAtSB_FK3zbiqLvZfECdz7W-kAl0_03pykBxr8YKXuJ5Upi7b1lVCWDnZQsIEdoTY3KicC9iSBZKMbnwskPJqKqIKQySEzo7tezKhvurnrM9sQNueW6Tm4CnmwN3hrsTic5l89-Zhww-Nd9UiJDfwy85shmWp1I3N6ENriOP0wX92IEGUTmlKYFUzs1tCEf9o_oQfzqvgCTp4AFL3bJBTrzYjHZvUqv9UN8nfJEqGImbTaTio6y61nVjnDzXlmRkYHlammrUAQ1wpMWx8aSbDambtAbWRdvGBCjDWmH7TE9cuOKd5mEPTU23_
Message:
In the future, Permissions Policy feature join-ad-interest-group will not be enabled by default in cross-origin iframes or same-origin iframes nested in cross-origin iframes. Calling joinAdInterestGroup will be rejected with NotAllowedError if it is not explicitly enabled
other warning URL: https://us.creativecdn.com/ig-membership?ntk=zF-Jnw1DAtSB_FK3zbiqLvZfECdz7W-kAl0_03pykBxr8YKXuJ5Upi7b1lVCWDnZQsIEdoTY3KicC9iSBZKMbnwskPJqKqIKQySEzo7tezKhvurnrM9sQNueW6Tm4CnmwN3hrsTic5l89-Zhww-Nd9UiJDfwy85shmWp1I3N6ENriOP0wX92IEGUTmlKYFUzs1tCEf9o_oQfzqvgCTp4AFL3bJBTrzYjHZvUqv9UN8nfJEqGImbTaTio6y61nVjnDzXlmRkYHlammrUAQ1wpMWx8aSbDambtAbWRdvGBCjDWmH7TE9cuOKd5mEPTU23_
Message:
In the future, Permissions Policy feature join-ad-interest-group will not be enabled by default in cross-origin iframes or same-origin iframes nested in cross-origin iframes. Calling joinAdInterestGroup will be rejected with NotAllowedError if it is not explicitly enabled
other warning URL: https://us.creativecdn.com/ig-membership?ntk=zF-Jnw1DAtSB_FK3zbiqLvZfECdz7W-kAl0_03pykBxr8YKXuJ5Upi7b1lVCWDnZQsIEdoTY3KicC9iSBZKMbnwskPJqKqIKQySEzo7tezKhvurnrM9sQNueW6Tm4CnmwN3hrsTic5l89-Zhww-Nd9UiJDfwy85shmWp1I3N6ENriOP0wX92IEGUTmlKYFUzs1tCEf9o_oQfzqvgCTp4AFL3bJBTrzYjHZvUqv9UN8nfJEqGImbTaTio6y61nVjnDzXlmRkYHlammrUAQ1wpMWx8aSbDambtAbWRdvGBCjDWmH7TE9cuOKd5mEPTU23_
Message:
In the future, Permissions Policy feature join-ad-interest-group will not be enabled by default in cross-origin iframes or same-origin iframes nested in cross-origin iframes. Calling joinAdInterestGroup will be rejected with NotAllowedError if it is not explicitly enabled
other warning URL: https://us.creativecdn.com/ig-membership?ntk=zF-Jnw1DAtSB_FK3zbiqLvZfECdz7W-kAl0_03pykBxr8YKXuJ5Upi7b1lVCWDnZQsIEdoTY3KicC9iSBZKMbnwskPJqKqIKQySEzo7tezKhvurnrM9sQNueW6Tm4CnmwN3hrsTic5l89-Zhww-Nd9UiJDfwy85shmWp1I3N6ENriOP0wX92IEGUTmlKYFUzs1tCEf9o_oQfzqvgCTp4AFL3bJBTrzYjHZvUqv9UN8nfJEqGImbTaTio6y61nVjnDzXlmRkYHlammrUAQ1wpMWx8aSbDambtAbWRdvGBCjDWmH7TE9cuOKd5mEPTU23_
Message:
In the future, Permissions Policy feature join-ad-interest-group will not be enabled by default in cross-origin iframes or same-origin iframes nested in cross-origin iframes. Calling joinAdInterestGroup will be rejected with NotAllowedError if it is not explicitly enabled
other warning URL: https://us.creativecdn.com/ig-membership?ntk=zF-Jnw1DAtSB_FK3zbiqLvZfECdz7W-kAl0_03pykBxr8YKXuJ5Upi7b1lVCWDnZQsIEdoTY3KicC9iSBZKMbnwskPJqKqIKQySEzo7tezKhvurnrM9sQNueW6Tm4CnmwN3hrsTic5l89-Zhww-Nd9UiJDfwy85shmWp1I3N6ENriOP0wX92IEGUTmlKYFUzs1tCEf9o_oQfzqvgCTp4AFL3bJBTrzYjHZvUqv9UN8nfJEqGImbTaTio6y61nVjnDzXlmRkYHlammrUAQ1wpMWx8aSbDambtAbWRdvGBCjDWmH7TE9cuOKd5mEPTU23_
Message:
In the future, Permissions Policy feature join-ad-interest-group will not be enabled by default in cross-origin iframes or same-origin iframes nested in cross-origin iframes. Calling joinAdInterestGroup will be rejected with NotAllowedError if it is not explicitly enabled
other warning URL: https://us.creativecdn.com/ig-membership?ntk=zF-Jnw1DAtSB_FK3zbiqLvZfECdz7W-kAl0_03pykBxr8YKXuJ5Upi7b1lVCWDnZQsIEdoTY3KicC9iSBZKMbnwskPJqKqIKQySEzo7tezKhvurnrM9sQNueW6Tm4CnmwN3hrsTic5l89-Zhww-Nd9UiJDfwy85shmWp1I3N6ENriOP0wX92IEGUTmlKYFUzs1tCEf9o_oQfzqvgCTp4AFL3bJBTrzYjHZvUqv9UN8nfJEqGImbTaTio6y61nVjnDzXlmRkYHlammrUAQ1wpMWx8aSbDambtAbWRdvGBCjDWmH7TE9cuOKd5mEPTU23_
Message:
In the future, Permissions Policy feature join-ad-interest-group will not be enabled by default in cross-origin iframes or same-origin iframes nested in cross-origin iframes. Calling joinAdInterestGroup will be rejected with NotAllowedError if it is not explicitly enabled
other warning URL: https://us.creativecdn.com/ig-membership?ntk=zF-Jnw1DAtSB_FK3zbiqLvZfECdz7W-kAl0_03pykBxr8YKXuJ5Upi7b1lVCWDnZQsIEdoTY3KicC9iSBZKMbnwskPJqKqIKQySEzo7tezKhvurnrM9sQNueW6Tm4CnmwN3hrsTic5l89-Zhww-Nd9UiJDfwy85shmWp1I3N6ENriOP0wX92IEGUTmlKYFUzs1tCEf9o_oQfzqvgCTp4AFL3bJBTrzYjHZvUqv9UN8nfJEqGImbTaTio6y61nVjnDzXlmRkYHlammrUAQ1wpMWx8aSbDambtAbWRdvGBCjDWmH7TE9cuOKd5mEPTU23_
Message:
In the future, Permissions Policy feature join-ad-interest-group will not be enabled by default in cross-origin iframes or same-origin iframes nested in cross-origin iframes. Calling joinAdInterestGroup will be rejected with NotAllowedError if it is not explicitly enabled

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

13811400.fls.doubleclick.net
a.quora.com
a.twiago.com
aa.agkn.com
ad.360yield.com
ad.doubleclick.net
ad.yieldlab.net
adservice.google.com
analytics.tiktok.com
analytics.twitter.com
b-code.liadm.com
bat.bing.com
bat.bing.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
ct.pinterest.com
d.turn.com
d1pqvb2h9xgm7r.cloudfront.net
d9i5ve8f04qxt.cloudfront.net
dis.criteo.com
dpm.demdex.net
dsp-ap.eskimi.com
dsp-media.eskimi.com
dsp-trk.eskimi.com
dynamic.criteo.com
eb2.3lift.com
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
i.liadm.com
i.ytimg.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
jadserve.postrelease.com
jnn-pa.googleapis.com
live.rezync.com
match.adsrvr.org
mid.rkdms.com
n.clarity.ms
p.rfihub.com
parasiterelief.com
pixel.rubiconproject.com
q.quora.com
r.casalemedia.com
region1.analytics.google.com
region1.google-analytics.com
rp.liadm.com
rr5---sn-4g5lznl7.googlevideo.com
rr8---sn-n02xgoxufvg3-2gbs.googlevideo.com
rtb-csync.smartadserver.com
s.pinimg.com
sc-static.net
secure.parasiterelief.com
service3.purehealthresearch.com
simage2.pubmatic.com
sslwidget.criteo.com
static.ads-twitter.com
stats.g.doubleclick.net
sync-t1.taboola.com
sync.1rx.io
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
t.co
tags.creativecdn.com
td.doubleclick.net
tr.snapchat.com
tr6.snapchat.com
us.creativecdn.com
widget.as.criteo.com
widget.us.criteo.com
www.clarity.ms
www.google.com
www.google.de
www.googletagmanager.com
www.p8btrk.com
www.youtube-nocookie.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
a.quora.com
mid.rkdms.com
rr5---sn-4g5lznl7.googlevideo.com
100.28.91.13
103.231.98.109
104.18.27.193
108.128.223.16
108.177.15.155
13.107.246.45
13.32.23.228
134.209.162.206
141.226.228.48
141.95.33.120
142.250.184.202
142.250.185.110
142.250.185.130
142.250.185.131
142.250.185.161
142.250.185.198
142.250.185.246
142.250.186.162
142.250.186.166
142.250.186.78
146.75.120.157
150.171.28.10
157.240.0.6
162.159.140.229
162.159.153.247
169.150.247.36
172.175.234.12
172.217.16.195
172.217.18.100
172.217.18.8
172.66.0.227
178.250.1.11
178.250.1.8
178.250.1.9
18.185.212.71
182.161.74.16
184.30.16.136
185.89.211.116
188.42.63.48
188.42.63.49
193.0.160.131
195.181.170.19
2.16.204.196
2.16.253.92
2.23.180.24
216.169.159.30
216.239.34.36
216.58.206.74
23.215.120.185
3.163.248.4
3.167.226.105
3.167.227.50
3.216.100.41
34.196.252.155
34.225.110.11
34.238.57.138
34.98.80.218
35.190.43.134
35.214.136.108
35.244.174.68
44.242.121.227
46.228.164.13
46.228.174.117
52.223.40.198
54.175.159.191
54.72.175.61
54.72.72.193
54.76.71.127
65.9.66.36
69.173.144.139
70.42.32.159
74.119.117.16
74.125.163.170
76.223.111.18
81.17.55.172
85.215.5.31
95.168.222.147
06143eedcd4f9c6a6a7a8709abda840f06f8f9fec4fe643df1e4730e85f3514d
074d6bb4517605e82a8d5cb76e4e041c19bf327e671bc8a578eafd986ffa76c3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
106d82c3325d9bced5cea1fa654c707e94e9f7790eedd8b4c7b312e0cda024b1
107463d357453795afffc9881abd53e89938b84b9cba17e3b25fa3f19584332d
1549a7df807d849f223840eaefbbaf7716e150221099b8ec102e48b18334cd43
15fce230b1703e8559fa88b5bb7ef99d51c1ec981cbbb221e3231a02877d97b1
19ada4ecb55ee2afc081edd3ff27ae4c29cea6705df73aebe9560056c5ba8103
1ed0a5d8b95b8fbae77eb35275ffdf02ed05aa25bbbcfba70513606190bea2af
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
20c945dd45453f8119a64d82799d8571eabcced2774eb191ef7bbebdc98f9fe1
20d1160d4baa8eb4c0ad192f9497de3a531a2a2d4357006ea7d5bb29f8b0d838
22755a821cfc08dcbfdd717c4bb61c242c11cee9d71c9d73a34a9075e8808502
28a90a45b011536e1283ce734d208241d59c582b039dedfc51942a845c9708eb
29e0af459d692fbde057c7f92a42a148a7935668856191c251971d79770a5cee
2a926bde4bb093f62a3297465dd48e0447f5687f36a8a4dcffce2e83a6254e04
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2e914ba245ff42449ed9ad8103d185ec7f8ddf5896a1b1a1b9c0a5427893c420
2f78347482d58752269a7b46dd5e22e8958f88dcb081d96d0cac3a994c284b8f
303decce9975dcdb67c4be4347b959925851bfef174da276f5e48d55fc34a690
30b7f0adc63bb1e3010cee77e9aa68b9aa8511ec29abb030a2a7d710473951a9
321ed67858b1984d619cda28040b7dcf5ff3a369620ebf4bf15969eb8bae1737
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
343c94d27c8b9f920f7e03615dd79e9eb4639aeacc3f4d1a4fb466c5ed5ee160
378f8d35cc9df5cd8dcca28562f11b244b5cce0df98a8807f98a506610f01153
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3bb5fdf2030456fac4167dd69ab5137a70fd2bbf29931859454ead1057cb0a71
3c7f0e1d41363f08cfbee1612dc2e7d191295684b9611f255414481449b6f027
3ca9e609ef3f582aec6955e30de3ea1a0a33186bf6b10105d9e8391c4ba8ad21
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3efc71c659cfeabad814a119386ca397e6e3a143f53e02555719b70c02657cf1
405f97b29f07e51f3eeca509f0fcad555a687da609a979fab7d478cb374dd95a
423bd4e7c8e6cd68b9f81fcb40d206864f5e1f05946e9b54cf9f3f2f24fad433
4895538d33634a75734cee5bcf1a8fcf60ee121473c0130388f01b18c0442a59
4948ae9b9ce5ffaa094ee10699aaea6f5ed4c056b824a62188e976dc3578106f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d430f5541792738f4195a4ab4940b83fadba766ee6445e1dbc3699f25fc392d
4dcc63f7d8103225fdef27e536a7ef191efca98ee1c806bc1795ad1d483e235e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e687af4507ee911e92498208c154c59437d0ee76ae1c07cfebe4f056415e095
533bed525f0f843098d42b35984562c3704a30b76a2dedfc72c4736de42a8305
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
559d22c7029220e679549149b41e59cc081db8f29b027b7e0c9937e9cad81500
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
634911f7bbbfcc81630dedae58254734198bab073943f1c7fb725311e1104270
63e44c0db82beab91a6620b77a168d56986fe9b707fb512329f9bd582632c1a6
646b7792d35d84adcdd21728d9ade542699c34cb60c58ee2753ecdb16a529a59
66e4ade96e71292f3f73d563b7b72a37f7a7342a34ffc784ac02cee0ab762c47
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
759043dafa55d63c0788faf5611e14607e598d740d5bc64ecc772d841014d04c
772cd94446dda1927d6ad35b0dc0f5a0365355991f4a6d07b4d8b4d6e79b2fc8
79ab52ce2f8125c16dcdd9dc05415aeee02f633607022a9a90a92a91bb767c63
7ae49d44ed8b5a8fb320a43b8db242b272dd3bdbc00cb042307ea9139bcaef57
7d9bce3c0ed9c0feb96d2b7de663cefd43069a940bf3484c5b1fa66946dd3e2f
813307432e6cbd281b09de60dd60ce3d04f4f7416cb505ca16697edf87fd710c
845944fd98cff955be89d38a65136c0b34e901aaa7576ca7f6389a29f8877afa
85ab852bfb2016bce3933a1c7107b1bce807179f46364db291ab1f86b89addbb
871278650326a7f27dbb9c6442242bc9d702b4a96db81edc2b86138d1cfd6d9e
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fdbfa23058836e9a847e16898c904faa58a54b48830af1df5a344bb69b591e6
95e69570e8e390f7ff1264bdb4ee08053210e6dac2cf85fee8c418e073a48403
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9cbb567162928ebcea94da122cbd96b6a134ff0d31ec9f92a289aee0f0a277b2
9dce8e874f6e7a89f7f3ac819f413767dd02e9401ffdc980f80ee60978c3923d
9e109e9f294480040f4b56214b80e1ff2c1e7bca9a5f6ca504ef1f5678befa24
9e4a29715e349b9f5fbafd3ddd174d8b72e7005ff497da13781b673b6990d3f9
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0fd31c9d35d7ce7a1415c9933cabec117731e87841f668608a51cdcbe648037
a2bea5487f8cb1a55a3acc4d697aaa8252d6a45ae6fb36628c318091c1a73140
a386b0da87f0649ef0478bc43b05a8827ba7730f480f5450dfd92f7735a44ad0
aae619d8496b3b9180fd5cf42ac6c51150d785f307eb7afe0328d3e006b4c72c
ac466bc96912aea14f30727015926ee013a7224523cdeb7f3ca493d574c19134
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ac89958fd75e99eba92cdb3f927cce205bd05c2c6ffe643c4bf52ca6558d61b3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b7876717cc8d2ae0ba33553df0da46e77800bd9cd614bdc2ea84b988e84165db
b8610a09a25de7f667082d21b6fa3ebeeb53de1625978089df7a270799630a94
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be941e5f7d4a147750c438cf40407bcddff4c38c14c490b0df8972b089715649
c2f87a1c825ebabd93e81bdc453bde35a564e8b1c597c071cc2cd066c3952a99
c58f785818b93e3b26713a94f24353f9621a96e4bb346eb3e93aa29886828870
c8b624ad07331f0d6c28a75c54582cf826c19b8c7ef32eb5a0bb948fc2c7f374
c9826309b452d120fd6d1cfc0cf457b923024f39d7098265a4c5e1e27d6a96e7
ca14aae4a646ad6d456e603809aba0f887e6a005858b4d0ad43b4fc514b5d8ec
ca72769c3da7356e93ad4127f8e3ec4d2bd94911ec760f7071974149bfa0d8d6
ca90cdeec52fa19974c76902451e5341f30853d59d2e14fcc327cfc80cfb2253
ccf770067f160613d2e02f3ade8147245c71f2c06dcd0505a9cb58820038bdee
cde6db30cd94a59113eea90f7b63dcea7d429d7fa76ea7d5c832738333b07523
cf2f6b3614bdc2584d5532a81f676fb200f9fd7312512452e3e5306861099ac5
d0fcc74c8549bfee94585e573ccfb5f47f8e63e8694ab5a46300e462577086a1
d36b373b44b77f016e4b7df913ba2da2a8025456f016bc794861f210c0e3ada3
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d80178f9583450bd4742fa22fd210a2195a06beae7af0539cdce10ee05d1137f
d86dc3454bdf2110a74e7ba300b641a0700839347df9e6d08232dbbcde4fcde4
dcdffd8fd5c00ca0ac42d4998e82c8a62bbc15d0c461f33e7f889dd3344ccec4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e0993bbdff1b01883ab0db97fbf4813270ec4fe1b587a3941bbaf67b38e16275
e277768ac5caa2cf314ff4b98f92382cd8182039ceaec80c2d1f756031c762a2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb03366b7463331036ef4c68e80e870cbba9bdf5faa895c7d73d6e6bfdf6f5d1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f334e0f736a0e1375dbb6b1301d9cd6a602af3c64268167999c37cae9d0fa55b
f3bfa170050f83e66a1726f4ccf689b6fc8700fce990ec07c444e537d6faa968
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
fade2ce6adae887b74ec513884f0afe3642fee2fb264425bc3c149748869b5ec
fb06b1b75bea144d3a76f2f5df471bc445e910e6cafee16929785707cadbe929
ff285c3beb06a42b03ce3a8a860f160216bf3c3ea5c0aae96125c23c017c45b4