www.scamfoo.com Open in urlscan Pro
163.172.255.115 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.scamfoo.com/site/mybridger.com/
Submission: On February 22 via manual (February 22nd 2023, 6:15:42 pm UTC) from US — Scanned from FR

Summary HTTP 371 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 44 IPs in 7 countries across 27 domains to perform 371 HTTP transactions. The main IP is 163.172.255.115, located in France and belongs to Online SAS, FR. The main domain is www.scamfoo.com.
TLS certificate: Issued by R3 on December 28th 2022. Valid for: 3 months.

This is the only time www.scamfoo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	163.172.255.115 163.172.255.115	12876 (Online SAS) (Online SAS)
4	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:400d:80c::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (STACKPATH...) (STACKPATH-CDN)
16	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
11 13	2a00:1450:400... 2a00:1450:400d:808::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:804::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:806::2004	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
7	199.232.196.134 199.232.196.134	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2	185.180.12.68 185.180.12.68	60068 (CDN77 ^_^) (CDN77 ^_^)
22	2600:9000:223... 2600:9000:223d:5200:6:8656:f5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	151.101.192.134 151.101.192.134	54113 (FASTLY) (FASTLY)
27	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	18.66.112.67 18.66.112.67	16509 (AMAZON-02) (AMAZON-02)
2	199.232.192.64 199.232.192.64	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
48	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
2 6	108.138.189.32 108.138.189.32	16509 (AMAZON-02) (AMAZON-02)
32	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
16	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
45	2406:2600:4::1 2406:2600:4::1	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
5	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
31	2a02:2638::c 2a02:2638::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	2a02:2638::21 2a02:2638::21	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	2a00:1450:400... 2a00:1450:400d:802::2003	15169 (GOOGLE) (GOOGLE)
6	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
6	2600:1f18:612... 2600:1f18:612b:4200:b1cf:6448:b8ed:e475	14618 (AMAZON-AES) (AMAZON-AES)
3 9	104.96.145.246 104.96.145.246	16625 (AKAMAI-AS) (AKAMAI-AS)
2	142.250.201.195 142.250.201.195	15169 (GOOGLE) (GOOGLE)
1	35.157.214.223 35.157.214.223	16509 (AMAZON-02) (AMAZON-02)
3 3	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
3	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
371	44

1 163.172.255.115 (France)

ASN12876 (Online SAS, FR)
PTR: 163-172-255-115.rev.poneytelecom.eu

www.scamfoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:400d:808::2004 (Ireland) 11 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:804::2004 (Ireland)

ASN15169 (GOOGLE, US)

t2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80e::2004 (Ireland)

ASN15169 (GOOGLE, US)

t3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::2004 (Ireland)

ASN15169 (GOOGLE, US)

t0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 199.232.196.134 (United States)

ASN54113 (FASTLY, US)

scamfoo.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
referrer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.180.12.68 (Vienna, Austria)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-731.bunnyinfra.net

a.optnmstr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2600:9000:223d:5200:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.192.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-67.fra56.r.cloudfront.net

api.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.192.64 (United States)

ASN54113 (FASTLY, US)

tempest.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstatb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 108.138.189.32 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-189-32.mxp64.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 2406:2600:4::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a02:2638::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638::21 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:802::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1f18:612b:4200:b1cf:6448:b8ed:e475 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

taboola-supply-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.96.145.246 (Vienna, Austria) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-145-246.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.201.195 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s35-in-f3.1e100.net

p4-hpwjbghamdl72-vuxl5tt62pknex5i-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.214.223 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-214-223.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.71.149.231 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
84	criteo.net static.criteo.net — Cisco Umbrella Rank: 630 pix.eu.criteo.net — Cisco Umbrella Rank: 8393 csm.eu.criteo.net — Cisco Umbrella Rank: 8410	2 MB
66	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 900 trc.taboola.com — Cisco Umbrella Rank: 644 trc-events.taboola.com — Cisco Umbrella Rank: 1739 vidstat.taboola.com — Cisco Umbrella Rank: 2678 am-trc-events.taboola.com — Cisco Umbrella Rank: 15378 images.taboola.com — Cisco Umbrella Rank: 1664 imprammp.taboola.com — Cisco Umbrella Rank: 13409 am-match.taboola.com — Cisco Umbrella Rank: 13192 wf.taboola.com — Cisco Umbrella Rank: 2758 am-vid-events.taboola.com — Cisco Umbrella Rank: 12919 sync.taboola.com — Cisco Umbrella Rank: 946 vidstatb.taboola.com — Cisco Umbrella Rank: 4572 pips.taboola.com — Cisco Umbrella Rank: 1555 cds.taboola.com — Cisco Umbrella Rank: 1624	2 MB
48	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 137	616 KB
26	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	172 KB
24	gstatic.com t2.gstatic.com t3.gstatic.com t0.gstatic.com fonts.gstatic.com www.gstatic.com p4-hpwjbghamdl72-vuxl5tt62pknex5i-if-v6exp3-v4.metric.gstatic.com	219 KB
22	disquscdn.com c.disquscdn.com — Cisco Umbrella Rank: 4924	772 KB
17	criteo.com rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 13105 ads.eu.criteo.com — Cisco Umbrella Rank: 8334 rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 15146 gum.criteo.com — Cisco Umbrella Rank: 391 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 14647	246 KB
17	disqus.com scamfoo.disqus.com disqus.com — Cisco Umbrella Rank: 1214 tempest.services.disqus.com — Cisco Umbrella Rank: 15993 referrer.disqus.com — Cisco Umbrella Rank: 7187	139 KB
15	google.com 11 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 72	3 KB
13	rubiconproject.com 3 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 848 eus.rubiconproject.com — Cisco Umbrella Rank: 528 token.rubiconproject.com — Cisco Umbrella Rank: 542 pixel.rubiconproject.com — Cisco Umbrella Rank: 316	34 KB
9	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	432 KB
6	tremorhub.com taboola-supply-partners.tremorhub.com — Cisco Umbrella Rank: 3343	1 KB
6	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 295	2 KB
6	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 147	6 KB
6	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 196	28 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	5 KB
4	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 768	114 KB
3	yahoo.com 3 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 273	570 B
2	google.fr adservice.google.fr — Cisco Umbrella Rank: 31439	696 B
2	omappapi.com a.omappapi.com — Cisco Umbrella Rank: 4807 api.omappapi.com — Cisco Umbrella Rank: 4970	4 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 284	146 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 863	463 B
1	optnmstr.com a.optnmstr.com — Cisco Umbrella Rank: 47556	19 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 699	33 KB
1	scamfoo.com www.scamfoo.com	8 KB
0	alexa.com Failed traffic.alexa.com Failed
371	27

	Domain	Requested by
45	static.criteo.net	ads.eu.criteo.com www.scamfoo.com
32	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
31	pix.eu.criteo.net	ads.eu.criteo.com www.scamfoo.com
26	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.scamfoo.com
22	c.disquscdn.com	scamfoo.disqus.com disqus.com c.disquscdn.com www.scamfoo.com
16	pagead2.googlesyndication.com	www.scamfoo.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
13	cdn.taboola.com	www.scamfoo.com cdn.taboola.com
13	www.google.com	11 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
12	images.taboola.com	www.scamfoo.com
9	www.googletagservices.com	googleads.g.doubleclick.net
9	fonts.gstatic.com	fonts.googleapis.com
8	csm.eu.criteo.net	ads.eu.criteo.com
8	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
8	disqus.com	scamfoo.disqus.com c.disquscdn.com
6	eus.rubiconproject.com	imprammp.taboola.com am-match.taboola.com eus.rubiconproject.com
6	taboola-supply-partners.tremorhub.com	imprammp.taboola.com am-match.taboola.com
6	match.adsrvr.org	imprammp.taboola.com am-match.taboola.com
6	www.gstatic.com	googleads.g.doubleclick.net
6	sb.scorecardresearch.com	2 redirects cdn.taboola.com www.scamfoo.com
6	cdnjs.cloudflare.com	www.scamfoo.com ads.eu.criteo.com
6	fonts.googleapis.com	www.scamfoo.com client googleads.g.doubleclick.net
5	am-trc-events.taboola.com	www.scamfoo.com
5	cat.nl3.eu.criteo.com	ads.eu.criteo.com
5	trc.taboola.com	cdn.taboola.com www.scamfoo.com
5	ads.eu.criteo.com	googleads.g.doubleclick.net
5	referrer.disqus.com	www.scamfoo.com
5	t2.gstatic.com	www.scamfoo.com
4	wf.taboola.com	vidstat.taboola.com
4	am-match.taboola.com	vidstat.taboola.com
4	maxcdn.bootstrapcdn.com	www.scamfoo.com maxcdn.bootstrapcdn.com
3	token.rubiconproject.com	eus.rubiconproject.com
3	ups.analytics.yahoo.com	3 redirects
3	secure-assets.rubiconproject.com	3 redirects
3	trc-events.taboola.com	www.scamfoo.com
3	rtb.nl3.eu.criteo.com	googleads.g.doubleclick.net www.scamfoo.com
2	cds.taboola.com	cdn.taboola.com
2	pips.taboola.com	cdn.taboola.com
2	vidstatb.taboola.com	www.scamfoo.com
2	sync.taboola.com	am-match.taboola.com
2	p4-hpwjbghamdl72-vuxl5tt62pknex5i-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-hpwjbghamdl72-vuxl5tt62pknex5i-if-v6exp3-v4.metric.gstatic.com
2	am-vid-events.taboola.com	www.scamfoo.com
2	imprammp.taboola.com	vidstat.taboola.com
2	gum.criteo.com	cdn.taboola.com
2	rtb.fr.eu.criteo.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.fr	pagead2.googlesyndication.com
2	tempest.services.disqus.com	scamfoo.disqus.com
2	www.google-analytics.com	www.scamfoo.com www.google-analytics.com
2	scamfoo.disqus.com	www.scamfoo.com scamfoo.disqus.com
1	pixel.rubiconproject.com	eus.rubiconproject.com
1	x.bidswitch.net	imprammp.taboola.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	api.omappapi.com	a.optnmstr.com
1	a.omappapi.com	a.optnmstr.com
1	a.optnmstr.com	www.scamfoo.com
1	t0.gstatic.com	www.scamfoo.com
1	t3.gstatic.com	www.scamfoo.com
1	code.jquery.com	www.scamfoo.com
1	www.scamfoo.com
0	traffic.alexa.com Failed	www.scamfoo.com
371	60

This site contains links to these domains. Also see Links.

Domain
www.apivoid.com
www.mywot.com
www.google.com
www.avira.com
badbitcoin.org
trafficlight.bitdefender.com
www.spam404.com
www.spamhaus.org
www.surbl.org
threatlog.com
www.alexa.com
www.mcafeesecure.com
www.ip2location.com
www.imagesmaller.com
www.mp3louder.com
www.privalicy.com

Subject Issuer	Validity	Valid
www.scamfoo.com R3	`2022-12-28` - `2023-03-28`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.disqus.com Sectigo RSA Domain Validation Secure Server CA	`2022-04-20` - `2023-04-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
a.optnmstr.com R3	`2023-01-14` - `2023-04-14`	3 months	crt.sh
a.disquscdn.com Amazon	`2022-09-30` - `2023-10-29`	a year	crt.sh
a.omappapi.com R3	`2023-01-14` - `2023-04-14`	3 months	crt.sh
api.opmnstr.com Amazon	`2023-01-10` - `2024-02-08`	a year	crt.sh
*.services.disqus.com GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-11-04` - `2023-12-06`	a year	crt.sh
*.google.fr GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-12-30` - `2024-01-28`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-04-05`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-22` - `2023-03-26`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-18` - `2023-05-20`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-03-31`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh

This page contains 42 frames:

Primary Page: https://www.scamfoo.com/site/mybridger.com/
Frame ID: 263B2B3E5DD1789362F573D669D03C70
Requests: 49 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20190131/zrt_lookup.html
Frame ID: DA39BD5638DCCB696A6BFC6EADA5DF4C
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=scamfoo&t_i=126513&t_u=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&t_d=Is%20Mybridger.com%20Scam%2C%20Fraudulent%20or%20Safe%3F%20%7C%20ScamFoo&t_t=Is%20Mybridger.com%20Scam%2C%20Fraudulent%20or%20Safe%3F%20%7C%20ScamFoo&s_o=default
Frame ID: 794848C5911465EF4766C2C7F1A963AB
Requests: 22 HTTP requests in this frame

Frame: https://disqus.com/recommendations/?base=default&f=scamfoo&t_u=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&t_d=Is%20Mybridger.com%20Scam%2C%20Fraudulent%20or%20Safe%3F%20%7C%20ScamFoo&t_t=Is%20Mybridger.com%20Scam%2C%20Fraudulent%20or%20Safe%3F%20%7C%20ScamFoo
Frame ID: 0C7139F84E1882B2B64FC1B7C702481D
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&adk=1812271804&adf=3025194257&lmt=1677089733&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677089733192&bpp=6&bdt=518&idt=284&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8232058220225&frm=20&pv=2&ga_vid=880433619.1677089733&ga_sid=1677089734&ga_hid=1012116864&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44777877%2C44759837%2C31072348%2C44779794&oid=2&pvsid=271215218793982&tmod=480944890&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=313
Frame ID: 7121D10DD257C9CDF4C463198CD091B8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=280&slotname=1433402308&adk=207406793&adf=289864595&pi=t.ma~as.1433402308&w=728&fwrn=4&fwrnh=100&lmt=1677089733&rafmt=1&format=728x280&url=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677089733198&bpp=2&bdt=524&idt=314&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8232058220225&frm=20&pv=1&ga_vid=880433619.1677089733&ga_sid=1677089734&ga_hid=1012116864&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=708&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44777877%2C44759837%2C31072348%2C44779794&oid=2&pvsid=271215218793982&tmod=480944890&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=Mo%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Cd4HZvSP4v&p=https%3A//www.scamfoo.com&dtd=320
Frame ID: 2344283382F1FDCDF0943F520CF90658
Requests: 8 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/disqus-network/loader.js
Frame ID: 9D4A4FCBD7920CAE93B8B15A07E8ACB4
Requests: 35 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/disqus-network/loader.js
Frame ID: E55285CBF2C5ED208E45F9F464E0FEED
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=280&slotname=1433402308&adk=207406793&adf=1071414349&pi=t.ma~as.1433402308&w=728&fwrn=4&fwrnh=100&lmt=1677089733&rafmt=1&format=728x280&url=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677089733200&bpp=1&bdt=526&idt=335&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=1&correlator=8232058220225&frm=20&pv=1&ga_vid=880433619.1677089733&ga_sid=1677089734&ga_hid=1012116864&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44777877%2C44759837%2C31072348%2C44779794&oid=2&pvsid=271215218793982&tmod=480944890&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=Mo%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=KJRCufyNED&p=https%3A//www.scamfoo.com&dtd=338
Frame ID: B528C7DDE0266A9110F9C8303E0D5AFC
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=280&slotname=1433402308&adk=207406793&adf=2620106563&pi=t.ma~as.1433402308&w=728&fwrn=4&fwrnh=100&lmt=1677089733&rafmt=1&format=728x280&url=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677089733201&bpp=1&bdt=527&idt=343&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280&nras=1&correlator=8232058220225&frm=20&pv=1&ga_vid=880433619.1677089733&ga_sid=1677089734&ga_hid=1012116864&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=3790&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44777877%2C44759837%2C31072348%2C44779794&oid=2&pvsid=271215218793982&tmod=480944890&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=Mo%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=pvoMnEiiY8&p=https%3A//www.scamfoo.com&dtd=346
Frame ID: 723007FD649A9C87003ED97793F65A3B
Requests: 7 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_ZbxQAI8IwIFWNNAAnw4ruSF5zdO9WoqLZkag&u=%7CVmn2Rt7oCW1O%2BkoIFcFnlGHduR38db6%2BEku6yTWr1Qo%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8R0XTFg4n334JzDG0QxBnFq9TvfAZh2JF1Lf6idO3NjDE4el-hrBSYKDO-TBm-TWVPJQlv7FpMyij_dVDv1x90Za5hlfiIyiF5_Stq2bO-2TD5x8cLgiUhxlVdmcpSuIsFJJfrOTdq4FZSJqomQq1J5tx-JIOvRTgDSFKgEavoVTVFBqTs_aAT4R3l_7SHsn5lZ0m6ONhjxXjAoMwIK11fKbEWeNkxNjxasQVn0Y-ewum2r3Ppc3P_HKlF1R8OxD89g0chBD3QoyOKumkAyyhgB30-g7f6A804Azw5pkFP6PIWeTBiDvBVtbPdSbl0_R1l6d7FlS-sn5K-5x-8mbOOThg6F8sg7qBiV49fLtdV5GOIXdfGuiEnYyCB6YWh0Jw0x9O9J2U2kyTpOzk1LD7cLMQO0mA-z8_8KyX3OCGt56a5yPyO17Ok8bz77vnm3M1Eb_GHrY2FEEVHYmAlT2nHpdyNCz6_RXFXnY9dM4czWtsKtbtteOlPLCdHwQrc6FNs45-24GUcnE0vwd1-yW1Y13hBch80azhr44patO-fKBalZLN9xeui3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8KX4xVv2Y4zhI83G1fAP4uGnoArJntKxXL3xlPdwwI23ARABIABg-wGCARdjYS1wdWItMjMwMzU5MDIzODUyNjgyNsgBCakCxWIdQTnesT6oAwGqBNsBT9Cn_Obm5bDEID_OH20QyWUI7w5nvP8yopRfZXAfuRSX4d3hKTCKUHEdrg3ZR9e65E7jtkVKz8z-t5qfnMMqtZ-PUAFI6iCwcu78R3bouuoMTTUPOzaDl_7jvoRfjaDTcJ7nB2NTF3vptO3dvp5d-HRgNGi-20ovTwhCX7VK3C1koAa2fpq_k7jsU_l0IGvFqYQzjuvbBvRo4AqjRxG5irEMQv601csibhxiBffn3ZT5GQ26cZDe4D_XDjzdYJS-DrfK1GyJF5jSZ4c7kOVg22ptN9I_KV7Art_igAb-wcKCuN-mjagBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0j7GoNgQjbobzh_-Nq-SIHl6PPnQ%26client%3Dca-pub-2303590238526826%26adurl%3D
Frame ID: 2C38000BFA584DDE7F94D8B4F6B1A371
Requests: 18 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_ZbxQAI9dgIFUBiAAckh5JmRzHbJkX1XKwhYQ&u=%7CVmn2Rt7oCW1DvJxlNXgEU1uYlq5mZG8zROTAa%2BDRfo8%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8R0XTFg4n334JzDG0QxBnFq9TvfAZh2JF1Lf6idO3NjDJ2YjBJsR_QXoovszDeOkdBVSyXNKBQv_l3Wj924zlZkCmQoPwAVK--4USbOQEtYWOc969fAW-HcU6weC0PWh7x4UGOL9D-xzB28op5UoBmuE6H-LRyTWYK7fTeadkmrkduuL_FFY7lRSajiJvZ4ZZO82EPElnZCr9Q2tcBizlWbljqBWtukIoXIXWbpFj4uYsLSC5cj47PMuiXgrWvmYqzeHVql9StpI4MfTuSGtqXpJCOMvvMxiUn6E43O2yNcyuXGI0yTXYaRz47Ahe36jngTcDCA_Kzk7xT0hFNywy9WRO0auQKIkdbaUOhUBjCHq17NdeC9YOniGgWYf1ZiaS0ab_uE3XH2piThgr3x1wQZQJvWH71TyJm3km29GeD--LRVMOoahfKElT8b5rIkUZQLTXEnynLFYux01MrMrRAeC1Px1UC6fJTx2lweYjHAj63YHOwj9k843TujrNIzDHU9Ddjx-UY7N5zg-QiycnjfKqSPAYa8Tx9axuaqeb8xNBIVxqZVP0mg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC70NkxVv2Y9jrI-KA1fAPh8mcuAXJntKxXIX-l_dwwI23ARABIABg-wGCARdjYS1wdWItMjMwMzU5MDIzODUyNjgyNsgBCakCda6mCKjXsT6oAwGqBNsBT9CCN8ozHyasX9p4KCMU3BqM4P1j1_M7hswXnaRt5T3Yojf6alV4yFxppHMpUJ6V4QMAdgYtAkLtHZaq54SkqwDhXBbNP8Y8_z4ERjjnjR3XBeTDH9k_EhA6GxPYay5VzZV_peW0Cu_dXjnPWlbHPprxDQXGgL1KOmJu3QNXxf4bB8q2iPscmvKBvH92VEkSmQfUhm-2fdgGQC5XtfyHroFPEtkIYG-Z5QVJTTVliHWJyjnbbpEOMbDSjD0QqfNwQTJzuheXtzd1LkUJvlmgNgpRxMT0uppC0sXYgAb-wcKCuN-mjagBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3vFK8bOXWVLHymCngyLPd_SYrjcA%26client%3Dca-pub-2303590238526826%26adurl%3D
Frame ID: 8B4AB5E6FD71D62006718D61F7C79A25
Requests: 23 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_ZbxQAIddoIFWDKAAZfkdY3UwCxBWCQiX5URQ&u=%7CVmn2Rt7oCW2jpJkovDTFG8pe6NutlfC4ZiRv9BOR1lw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8R0XTFg4n334JzDG0QxBnFq9TvfAZh2JF1Lf6idO3NjDHbFxs5Esp_7naQDXfhhBovVrEQEv6wHPU2-P_Ym_HTpTeRIQ1JGZmpZvobhPBnAgKapjog-e4nykE3jZQOQ82ifMhUBmokPnd4rnEdwiiGXtaPHUnJ2-xGOPFNfVUy7k26T_FrN_nYPx121Xxfkgu0Q2MnQCwBjCViWxEjX1lF6b5ZUgBCpVm1kwGJjP-K0xc3vwzZTkajTj0YMo6-Dpz9fMDiD_PmS_cM-ZU4G72eHTqqpARbRwPd-LPsZck4bTlVauFi_wFWB8qT-nBc4WIWmm8A-BPVvpTOSlNaAG8CTV-zuoW9foa3eXpcKtnufG46kVUy1-aujlh-ydG0T9zeiqvd4eWyh2Z9dwlM5aN0lBFXBol3Lyd09cPkp_yu0yLnkThafUGK9QIlA6RgSE48pO5ZdwcWCR1dQVT19xsci04sbO-z6uuxAUmcqE2qT62FEN7y0lWj_MKxRfAU0cKFJSdZO0JR6MnJcYdDV1hum7mhC8hC17z8rKEy6TLH4SeeocFupWXE9A1kXWqY6GwE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzZckxVv2Y9rrIcrB1fAPkb-ZqAzJntKxXM3x4t2IAcCNtwEQASAAYPsBggEXY2EtcHViLTIzMDM1OTAyMzg1MjY4MjbIAQmpAsViHUE53rE-qAMBqgTVAU_QFcBR-h3IVJyvpZtot02lt8NPJsuHWhB_CK14-5NoGdumvYxr8nV8ongaAIke0ebJfOkMp2yoRBVMSD7uS3ynrnD_hai2UX8yWKN-Mson5_WMoFvFsNzsFpc48GZJtHuzmoXH8xqy6UeJ79Beaiy8OWATTg8g5slSB3qMYTFY629eh8Uo3Z9wzM73EVBIAmPLUZ4fh1ur5iYr8rk9UALiGWzxBg5Qo9bKsDlPVrquZ5ztLEeaKq3rjvoYZsB7_mDpW1iXgA6JaZgfmkzn82zePe3fX4AG_sHCgrjfpo2oAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0XSiaw9UGu4yRgW2_Qnr8Rwin1dw%26client%3Dca-pub-2303590238526826%26adurl%3D
Frame ID: 0EFFB78E780EDF9C87C0F85B8338B465
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=280&adk=1816755489&adf=1230875943&pi=t.aa~a.3921975827~i.3~rp.4&w=938&fwrn=4&fwrnh=100&lmt=1677089734&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1521673879&ad_type=text_image&format=938x280&url=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&fwr=0&pra=3&rh=200&rw=938&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677089734942&bpp=1&bdt=2268&idt=2&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e6481329ffb4785-224c1d62f8dc00f2%3AT%3D1677089733%3ART%3D1677089733%3AS%3DALNI_MaVKg2u9jZeMyporVRPEU2KTJF9jw&gpic=UID%3D00000bbae2df8668%3AT%3D1677089733%3ART%3D1677089733%3AS%3DALNI_MavvGqaBMjc9LdOwIXZ7KyV4RAHqw&prev_fmts=0x0%2C728x280%2C728x280%2C728x280&nras=2&correlator=8232058220225&frm=20&pv=1&ga_vid=880433619.1677089733&ga_sid=1677089734&ga_hid=1012116864&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=1776&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44777877%2C44759837%2C31072348%2C44779794&oid=2&psts=AD37Y7vpb-npXAVK2ZmOJ00Bx3uHhxKZwGW2Q4XQzigXGMcC0z6k63oGbK_QJ3TS3smDDIUnP-el5_j4kAt8%2CAD37Y7uTwM0IEVytyoKj8G3HGB_3bUKLRelxBMVWkk10UK_l_2szM9fxBBnzjEFcCPEtZ-e2O7FwSYqlAHom&pvsid=271215218793982&tmod=480944890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=E6VldsSkG4&p=https%3A//www.scamfoo.com&dtd=9
Frame ID: 500BF22FFFAD658BD6F4486E1033C3BB
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=280&adk=1282251284&adf=3758370479&pi=t.aa~a.2417213347~rp.4&w=938&fwrn=4&fwrnh=100&lmt=1677089734&rafmt=1&to=qs&pwprc=1521673879&format=938x280&url=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677089734960&bpp=1&bdt=2286&idt=1&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e6481329ffb4785-224c1d62f8dc00f2%3AT%3D1677089733%3ART%3D1677089733%3AS%3DALNI_MaVKg2u9jZeMyporVRPEU2KTJF9jw&gpic=UID%3D00000bbae2df8668%3AT%3D1677089733%3ART%3D1677089733%3AS%3DALNI_MavvGqaBMjc9LdOwIXZ7KyV4RAHqw&prev_fmts=0x0%2C728x280%2C728x280%2C728x280%2C938x280&nras=3&correlator=8232058220225&frm=20&pv=1&ga_vid=880433619.1677089733&ga_sid=1677089734&ga_hid=1012116864&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=4008&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44777877%2C44759837%2C31072348%2C44779794&oid=2&psts=AD37Y7vpb-npXAVK2ZmOJ00Bx3uHhxKZwGW2Q4XQzigXGMcC0z6k63oGbK_QJ3TS3smDDIUnP-el5_j4kAt8%2CAD37Y7uTwM0IEVytyoKj8G3HGB_3bUKLRelxBMVWkk10UK_l_2szM9fxBBnzjEFcCPEtZ-e2O7FwSYqlAHom&pvsid=271215218793982&tmod=480944890&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=v8tOOG3rQU&p=https%3A//www.scamfoo.com&dtd=12
Frame ID: AFAFCDBA4D0FC547F6D6F9255DA467D1
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1
Frame ID: C8CFF8159757E3DFC2267D1416AB5302
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1
Frame ID: DFA742CCE943FB1495C2CED2C301DED7
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1
Frame ID: 56768D0AF4C8DA636CB000FA5EF4CE0D
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1
Frame ID: 0E6958DC901A64299DC57F9CB3DD82E4
Requests: 7 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_ZbxQAJVVkEf4lsAAMoXEzPSeO8_Xqb-LkxSg&u=%7CVmn2Rt7oCW38LQDsaL0071vTnRwJNwbWp7OlAsrJV%2FU%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9QtxaN2yFPYz7E27bdan5Oj7k42CU8oFGZHTaUmqAemxOBSpoOgQyLw66gecPY-rhZAeTFhBSx2tENI0sDDS18Gsovo8aLnMV7qfQ4bLn1mu-_4ZNC_J4totCRilsRqYzyNAQ9giD3b-vhz4KFVUlGEd4NirF16L3JdUoVtNR57UBJh-sVMJMbnUjQoP_2qGwPeDom491WsigmYmRf3VmP9YOYDA83yqahhyUUwOubvPc9cDdv04GRV7IOxJCTo2ueXOMRt6MxzvEHJr2IFOSES4gZYTEcY0wu5FeklDakCqIPKm4SiYc1V69lCiUvmd1prGH3z2HsB81wp9NBnsYGAXy2WCVDFTliM8ia-8O7SXanrZobwNxrNyfcOVB2U0PKFCIj-7-1DhjzLTu5BXJS6ByVJK7mtNvD8MPnye2B3IPI2vhiVzgZZKdstauoeGFZyc1fUdNJ1UGKzp6yH-IIhPD4EDJuFdes62w-BzT7LZlKqTkJNGRzdigv0-GZ1OsZCM5_iG7yX3qcS7J0bSBaFSWFprrEAObptz9FbW_t9XGjvIN9Ha3pmaXtZrSokMr2ms6vw84nqCO12yUf9jeA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkPszxVv2Y9mqJeyS_tMP3NCMwA7JntKxXNWdkfdwwI23ARABIABg-wGCARdjYS1wdWItMjMwMzU5MDIzODUyNjgyNsgBCakCda6mCKjXsT6oAwGqBNUBT9ARj03owM3SmPxeHJdqpmlrZ988BExmgJPq5PcpPtxMFtpVS78WcRLUVTGrnO40PmddlYpkyFq29nNRAyNS9I1TLMrx3DOn1WYVDP4OHxsfrAO0RLyZ_mXANDgwCxTAsw01MhEKP33Pe7vImQ2CN5Cvgcp9m5BVxo4ZC-TUbOMAbV2fsGWPjAViiU9Ds3HA8yAdZx5P3q4GMb-wXo1csBcV7uPrj_LYgCj6SD_qKW8fDNbkUDpfjYGoT6dnyOzg7x5u2z2iRraxw0-5aF_EnesYQMXPgAb-wcKCuN-mjagBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1twrFj7eBR2An1Wi83SENvHLUr6A%26client%3Dca-pub-2303590238526826%26adurl%3D
Frame ID: D18F2B75C60F9AFF9791E887864CE29E
Requests: 22 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 2FC762D45AC4EEAE4F6E07D6D4E4432B
Requests: 7 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7ZxMCFgOmyueWjOy3swSmyueWjOy3swUAAAAGBuIHJGLxmEbD3WotGi03a9FquXFLXMOJWzGauWzGkW2yGDmMQCIWj2k03K3WotFysxatlhu3xDWcuBWjmctmHNkmi5HDDStoOh0-171e9_vdNR-H2-b32zV-t1_zNL38aufF8jT5XJa7xu_2ywEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fAyCJowAelqfnHwAAAAAgAAAAACQAA25NJQAlhpUn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAHEMHZqqofn71n0QFx0WMAAAAALi8qSOOJnVCZVH1___fbwVwBQAQYKhn5decpTso8RYGAAAgIJYUGFPbsAv7OLZAD4vfb3bYNX63y_7_________zf7P_tGEhuBI04AqhB_VfgEBANZ-AQEA2NQNAOAtAC7kMNB0Onyue73u97trPg63ze-3a_xuv-gIWjEYrC4gZgcAAABw9____4-XFBhT27AL-6gHYibnxLEYrnbL1Wa2HC6cq8lmsBu5lruNxTNY-LYHD7mV4xp5d-43YYvRajLZLIez5WIyGI6Go9H-BmIxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIkx5PMuJZTdY6za-3Vq03DjWEpdjtJZZTJuRYzMYLoyjtej1MT1cNpdjNNuiYADLXiRPi3QiWTlHnpVnuNuYZhabY7ebuWaGjW03XM2Wo-XCMxFLNCeLdCK77Gsm58SxGK52y9VmthwunKvJZrAbuZa7jcUzWPj2LY9nObHsBmvdxrdbi5Ybx1ricozWMotpM3JsBsOFcbQWvT6mh8vmcoxm-8ZstxsMl7vNaN-Y7XaD4XK3Ge07TKZn6nM2CjdroUclMScjM93NYVC4DBbvU7W6GLujg7fkPDpV2rKyszP6_X6_3-_3-_1-v0HrOZgNCt-1GxObM7e-9HeaGMQGgyKWCC7Sicjpebw-b83H4bb5_RaxRGm6SCd6zdP08qudF8vT5HNZ7hq_2yKWCE4X6UT0Mp4u6j825GQumUzmksVkrtitEgAAAAAAAADAEubMmwAAAACcBjIZDUerdR7IaLWcDFfLBZjYL9EFBgEAAAAAAChu_NiBnJ7H6_PWfBxum99vZYAHp0XmzZ8JYq1WyxoAAEAAGwAAIIBbN--BJNEo_v___z8OAABARo4eAABAfB8AAAAAAAAAgL8gBpvZbg!&cmcv=&pix=undefined&cb=1677089735591&uv=3256&tms=1677089735591&abt=dpa_vA!esv_vC!ufm&ru=https://www.scamfoo.com/site/mybridger.com/&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=bbc44875-4493-459c-b58b-14fef8d621da&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: B9B3EFB72F5E41346499E2CB68CA05A9
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7ZxMCFgOmyueWjOy3swSmyueWjOy3swUAAAAGBuIHJGLxmEbD3WotGi03a9FquXFLXMOJWzGauWzGkW2yGDmMQCIWj2k03K3WotFysxatlhu3xDWcuBWjmctmHNkmi5HDDStoOh0-171e9_vdNR-H2-b32zV-t1_zNL38aufF8jT5XJa7xu_2ywEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fAyCJowAelqfnHwAAAAAgAAAAACQAA25NJQAlhpUn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAHEMHZqqofn71n0QFx0WMAAAAALi8qSOOJnVCZVH1___fbwVwBQAQYKhn5decpTso8RYGAAAgIJYUGFPbsAv7OLZAD4vfb3bYNX63y_7_________zf7P_tGEhuBI04AqhB_VfgEBANZ-AQEA2NQNAOAtAC7kMNB0Onyue73u97trPg63ze-3a_xuv-gIWjEYrC4gZgcAAABw9____4-XFBhT27AL-6gHYibnxLEYrnbL1Wa2HC6cq8lmsBu5lruNxTNY-LYHD7mV4xp5d-43YYvRajLZLIez5WIyGI6Go9H-BmIxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIkx5PMuJZTdY6za-3Vq03DjWEpdjtJZZTJuRYzMYLoyjtej1MT1cNpdjNNuiYADLXiRPi3QiWTlHnpVnuNuYZhabY7ebuWaGjW03XM2Wo-XCMxFLNCeLdCK77Gsm58SxGK52y9VmthwunKvJZrAbuZa7jcUzWPj2LY9nObHsBmvdxrdbi5Ybx1ricozWMotpM3JsBsOFcbQWvT6mh8vmcoxm-8ZstxsMl7vNaN-Y7XaD4XK3Ge07TKZn6nM2CjdroUclMScjM93NYVC4DBbvU7W6GLujg7fkPDpV2rKyszP6_X6_3-_3-_1-v0HrOZgNCt-1GxObM7e-9HeaGMQGgyKWCC7Sicjpebw-b83H4bb5_RaxRGm6SCd6zdP08qudF8vT5HNZ7hq_2yKWCE4X6UT0Mp4u6j825GQumUzmksVkrtitEgAAAAAAAADAEubMmwAAAACcBjIZDUerdR7IaLWcDFfLBZjYL9EFBgEAAAAAAChu_NiBnJ7H6_PWfBxum99vZYAHp0XmzZ8JYq1WyxoAAEAAGwAAIIBbN--BJNEo_v___z8OAABARo4eAABAfB8AAAAAAAAAgL8gBpvZbg!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 46BFA06FA92D51089AD9F850156BE1E1
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5FB92D503B7A1B1553721C9F5818BD47
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A019ABF79F2A17D9D0064CBB4CF462C0
Requests: 2 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V77YoCFgOsD8lGfQDXPASsD8lGfQDXPAUAAAAGBuIHJOGZ7JajyWitsawca9FkZlwrfKvNWrSxOBzOkcXhHC6MQBKeyW45mozWGsvKsRZNZsa1wrfarEUbi8PhHFkczuHCDStoOh0-171e9_vdNR-H2-b32zV-t1_zNL38aufF8jT5XJa7xu_2ywEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fAyCJowAelqfnHwAAAAAgAAAAACQAA25NJQAlhpUn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAHENgh7TiJN5FC0QFeUWMAAAAALi8qSOOJnVCZVH1___fbwVwBQAQYKhn9QeVpTso8RYGAAAgIJYUGFPbsAv7OLZAD4vfb3bYNX63y_7_________zf7P_tGEhuBI04AqhB_VfgEBANZ-AQEA2NQNAOAtAC7kMNB0Onyue73u97trPg63ze-3a_xuv-gIWjEYrC4gZgcAAABw9____4-XFBhT27AL-6gHYqbFaGGYGAYb43Aym3gWHudqtty4RraVcWOxDba3nHPe-o_gneU3YYvRajLZLIez5WIyGI6Go9H-BmIxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIkzZbAvjaDFYSwazyVo0WBnWyo3FtZZYjIOJZbgwLnzDtej1MT1cNpdjNNuiYADLXiRPi3QisYxGhtHGtliOdoOJb-HcjFamlW0yWkxWG9dsNhFLNCeLdCK77GumxWhhmBgGG-NwMpt4Fh7narbcuEa2lXFjsQ32LZttYRwtBmvJYDZZiwYrw1q5sbjWEotxMLEMF8aFb7gWvT6mh8vmcoxm-8ZstxsMl7vNaN-Y7XaD4XK3Ge07TKZn6nM2CjdroUclMScjM93NYVC4DBbvU7W6GLujg7fkPDpV2rKyszP6_X6_3-_3-_1-v0HrOZgNCt-1GxObM7e-9HeaGMQGgyKWCC7Sicjpebw-b83H4bb5_RaxRGm6SCd6zdP08qudF8vT5HNZ7hq_2yKWCE4X6UT0Mp4u6j825GQumUzmksVkrtitEgAAAAAAAADAEubMmwAAAACcBjIZDUerdR7IaLWcDFfLBZjYL9EFBgEAAAAAAChu_NiBnJ7H6_PWfBxum99vZYAHp0XmzZ8JYq1WyxoAAEAAGwAAIIBbN--BJNEo_v___z8OAABARo4eAABAfB8AAAAAAAAAgH-gVYMB!&cmcv=&pix=undefined&cb=1677089735697&uv=3257&tms=1677089735697&abt=ufm!ul3257_vA&ru=https://www.scamfoo.com/site/mybridger.com/&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=a3279424-c2e1-42f8-a753-4cbaa9dba98a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: B3D1212A592B473ECA9D144F5BE35060
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V77YoCFgOsD8lGfQDXPASsD8lGfQDXPAUAAAAGBuIHJOGZ7JajyWitsawca9FkZlwrfKvNWrSxOBzOkcXhHC6MQBKeyW45mozWGsvKsRZNZsa1wrfarEUbi8PhHFkczuHCDStoOh0-171e9_vdNR-H2-b32zV-t1_zNL38aufF8jT5XJa7xu_2ywEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fAyCJowAelqfnHwAAAAAgAAAAACQAA25NJQAlhpUn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAHENgh7TiJN5FC0QFeUWMAAAAALi8qSOOJnVCZVH1___fbwVwBQAQYKhn9QeVpTso8RYGAAAgIJYUGFPbsAv7OLZAD4vfb3bYNX63y_7_________zf7P_tGEhuBI04AqhB_VfgEBANZ-AQEA2NQNAOAtAC7kMNB0Onyue73u97trPg63ze-3a_xuv-gIWjEYrC4gZgcAAABw9____4-XFBhT27AL-6gHYqbFaGGYGAYb43Aym3gWHudqtty4RraVcWOxDba3nHPe-o_gneU3YYvRajLZLIez5WIyGI6Go9H-BmIxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIkzZbAvjaDFYSwazyVo0WBnWyo3FtZZYjIOJZbgwLnzDtej1MT1cNpdjNNuiYADLXiRPi3QisYxGhtHGtliOdoOJb-HcjFamlW0yWkxWG9dsNhFLNCeLdCK77GumxWhhmBgGG-NwMpt4Fh7narbcuEa2lXFjsQ32LZttYRwtBmvJYDZZiwYrw1q5sbjWEotxMLEMF8aFb7gWvT6mh8vmcoxm-8ZstxsMl7vNaN-Y7XaD4XK3Ge07TKZn6nM2CjdroUclMScjM93NYVC4DBbvU7W6GLujg7fkPDpV2rKyszP6_X6_3-_3-_1-v0HrOZgNCt-1GxObM7e-9HeaGMQGgyKWCC7Sicjpebw-b83H4bb5_RaxRGm6SCd6zdP08qudF8vT5HNZ7hq_2yKWCE4X6UT0Mp4u6j825GQumUzmksVkrtitEgAAAAAAAADAEubMmwAAAACcBjIZDUerdR7IaLWcDFfLBZjYL9EFBgEAAAAAAChu_NiBnJ7H6_PWfBxum99vZYAHp0XmzZ8JYq1WyxoAAEAAGwAAIIBbN--BJNEo_v___z8OAABARo4eAABAfB8AAAAAAAAAgH-gVYMB!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 2D8A2C9F7F2BC9451DED75457B5D7410
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F97C030F09E2ADC4A7046CF643D8D232
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: 5D9E87563B855EBC613725A8E10EA209
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 29628078794ACF189F50F9748BB96410
Requests: 2 HTTP requests in this frame

Frame: https://p4-hpwjbghamdl72-vuxl5tt62pknex5i-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 8D5E986A28A16CE573CDC610CD811A8B
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_ZbxwAA1L0Ef4hrAAj_uXCr98v4SdSQKW_Y7Q&u=%7CseXUhV9f4c45qU0Y1iKYWtQGvl5SEixGiglvYyPHeUI%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8R0XTFg4n334JzDG0QxBnFq0ZBTpmYDd8OqS4ilYwIpBoHzA8ktjKkD-a_IeRtSTThcFDrOVjcYIQqrmyTVuSIHEy10wcmNp6Zy1K6YhzLSNaIFhBvQS0XUNiyo8929pLlwZfnUj6DRJJqnLVbaTUz3ADbdxJjB6he3V13W2j5sYywcCeIgSDBifH2dVU2h3Foqr4JrwDXTmWm2WHD6xSL6KcfsJJnSVpPwp6CMtfZ9CAo2tI8cP9gVh2nP_tgzqzkhl62eXXeB1OSLPYmaZVYyuZsCWOqqjgbIi3pd3VYC6uBUQnXQte5Duxh3u-0bvr4unbh_v4uGv5TakpMMsk_G8_-K51ILQwlDFJEHPfqgtuX1gpAbIDbCAsJFCGNU2i_9H31sVyN7dgp-p0-qNs01KVhWkRez1T0N_qgOs9MRAKmbKtbjI_Ul52Z9x0b-V2TPnmlyU0VvpOfS6qps4eoIV0Sud_TGSI6pZ6vNVhfQkQfOfuihITYasuMweUPdHsFdCY5ndvr_DlagzjfbLKr_QVSO9evQCBJ5JhpMdWqdJIn2L6w1D-Wq&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCty6Ex1v2Y72pA-uQ_tMPuf-j0A7JntKxXM2jlvdwwI23ARABIABg-wGCARdjYS1wdWItMjMwMzU5MDIzODUyNjgyNsgBCakCda6mCKjXsT6oAwGqBNsBT9Bn5tbLYAEVYxlYIfKbnHhnGhCDHzlfAyAdP5PrvUFM_MKSiZHGwI4zFy_YgaRT1YUNr8QLBmPmjjvDvKwqdLBvETyFwNAGaWdMX_eymrHThqTDlQDr9Qe7Ayyaft9JLbQmwE1lLRjIb11WfF_WEw667jJKn17dbiyccJty-LiLV-pnPC9PeGmlMvyiKRcSOelED4S59GlzQnECu5Cy3EHVf2vVpwmQbOZxg03Vj3eMrZhY1gMBsMHSmlHPfCae5aT5EIMjNwDCwHDWTn60AjQCfnu0ISeaaXUugAb-wcKCuN-mjagBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1p-VKWJMyt3TCJ-U_LtRkU-Q6S_Q%26client%3Dca-pub-2303590238526826%26adurl%3D
Frame ID: A189F0E5D6827E9EFB1326B93CC3D31E
Requests: 18 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: 73723CC5B94141D6D30C15E1BCEC56F5
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7ZxMCFgOmyueWjOy3swSmyueWjOy3swUAAAAGBuIHJGLxmEbD3WotGi03a9FquXFLXMOJWzGauWzGkW2yGDmMQCIWj2k03K3WotFysxatlhu3xDWcuBWjmctmHNkmi5HDDStoOh0-171e9_vdNR-H2-b32zV-t1_zNL38aufF8jT5XJa7xu_2ywEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fAyCJowAelqfnHwAAAAAgAAAAACQAA25NJQAlhpUn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAHEMHZqqofn71n0QFx0WMAAAAALi8qSOOJnVCZVH1___fbwVwBQAQYKhn5decpTso8RYGAAAgIJYUGFPbsAv7OLZAD4vfb3bYNX63y_7_________zf7P_tGEhuBI04AqhB_VfgEBANZ-AQEA2NQNAOAtAC7kMNB0Onyue73u97trPg63ze-3a_xuv-gIWjEYrC4gZgcAAABw9____4-XFBhT27AL-6gHYibnxLEYrnbL1Wa2HC6cq8lmsBu5lruNxTNY-LYHD7mV4xp5d-43YYvRajLZLIez5WIyGI6Go9H-BmIxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIkx5PMuJZTdY6za-3Vq03DjWEpdjtJZZTJuRYzMYLoyjtej1MT1cNpdjNNuiYADLXiRPi3QiWTlHnpVnuNuYZhabY7ebuWaGjW03XM2Wo-XCMxFLNCeLdCK77Gsm58SxGK52y9VmthwunKvJZrAbuZa7jcUzWPj2LY9nObHsBmvdxrdbi5Ybx1ricozWMotpM3JsBsOFcbQWvT6mh8vmcoxm-8ZstxsMl7vNaN-Y7XaD4XK3Ge07TKZn6nM2CjdroUclMScjM93NYVC4DBbvU7W6GLujg7fkPDpV2rKyszP6_X6_3-_3-_1-v0HrOZgNCt-1GxObM7e-9HeaGMQGgyKWCC7Sicjpebw-b83H4bb5_RaxRGm6SCd6zdP08qudF8vT5HNZ7hq_2yKWCE4X6UT0Mp4u6j825GQumUzmksVkrtitEgAAAAAAAADAEubMmwAAAACcBjIZDUerdR7IaLWcDFfLBZjYL9EFBgEAAAAAAChu_NiBnJ7H6_PWfBxum99vZYAHp0XmzZ8JYq1WyxoAAEAAGwAAIIBbN--BJNEo_v___z8OAABARo4eAABAfB8AAAAAAAAAgL8gBpvZbg!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 31A04751C9DA30F29E3E4FBC76855C6B
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js
Frame ID: B5F7E43CF96DB7171CCCA5D1D66C2980
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js
Frame ID: 7D4DD3A1852124D05F2999072F1BF430
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js
Frame ID: 1C1CE3DDD3F439283522742557417066
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V77YoCFgOsD8lGfQDXPASsD8lGfQDXPAUAAAAGBuIHJOGZ7JajyWitsawca9FkZlwrfKvNWrSxOBzOkcXhHC6MQBKeyW45mozWGsvKsRZNZsa1wrfarEUbi8PhHFkczuHCDStoOh0-171e9_vdNR-H2-b32zV-t1_zNL38aufF8jT5XJa7xu_2ywEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fAyCJowAelqfnHwAAAAAgAAAAACQAA25NJQAlhpUn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAHENgh7TiJN5FC0QFeUWMAAAAALi8qSOOJnVCZVH1___fbwVwBQAQYKhn9QeVpTso8RYGAAAgIJYUGFPbsAv7OLZAD4vfb3bYNX63y_7_________zf7P_tGEhuBI04AqhB_VfgEBANZ-AQEA2NQNAOAtAC7kMNB0Onyue73u97trPg63ze-3a_xuv-gIWjEYrC4gZgcAAABw9____4-XFBhT27AL-6gHYqbFaGGYGAYb43Aym3gWHudqtty4RraVcWOxDba3nHPe-o_gneU3YYvRajLZLIez5WIyGI6Go9H-BmIxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIkzZbAvjaDFYSwazyVo0WBnWyo3FtZZYjIOJZbgwLnzDtej1MT1cNpdjNNuiYADLXiRPi3QisYxGhtHGtliOdoOJb-HcjFamlW0yWkxWG9dsNhFLNCeLdCK77GumxWhhmBgGG-NwMpt4Fh7narbcuEa2lXFjsQ32LZttYRwtBmvJYDZZiwYrw1q5sbjWEotxMLEMF8aFb7gWvT6mh8vmcoxm-8ZstxsMl7vNaN-Y7XaD4XK3Ge07TKZn6nM2CjdroUclMScjM93NYVC4DBbvU7W6GLujg7fkPDpV2rKyszP6_X6_3-_3-_1-v0HrOZgNCt-1GxObM7e-9HeaGMQGgyKWCC7Sicjpebw-b83H4bb5_RaxRGm6SCd6zdP08qudF8vT5HNZ7hq_2yKWCE4X6UT0Mp4u6j825GQumUzmksVkrtitEgAAAAAAAADAEubMmwAAAACcBjIZDUerdR7IaLWcDFfLBZjYL9EFBgEAAAAAAChu_NiBnJ7H6_PWfBxum99vZYAHp0XmzZ8JYq1WyxoAAEAAGwAAIIBbN--BJNEo_v___z8OAABARo4eAABAfB8AAAAAAAAAgH-gVYMB!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 7A16EAE9C896E0023E15457B5F5912F7
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: 37D4B0A26E4A7C5FFF1C7BD430DBAB53
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js
Frame ID: F5FAC586EE708A5637D7DF1EDE82A589
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 141CFD82E2F4EDAE525F82203A496AB0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F56DD516CFED800EFC9AD231EE83F1B0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Is Mybridger.com Scam, Fraudulent or Safe? | ScamFoo

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

371
Requests

97 %
HTTPS

59 %
IPv6

27
Domains

60
Subdomains

44
IPs

7
Countries

6975 kB
Transfer

16724 kB
Size

15
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://www.apivoid.com/api/site-trustworthiness/
Title: API

Search URL Search Domain Scan URL

URL: https://www.mywot.com/en/faq/site-owners-support/review-request
Title: How do I request a site review?

Search URL Search Domain Scan URL

URL: https://www.mywot.com/en/faq/site-owners-support/reputation#no-rating
Title: My site has no reputation, what can I do?

Search URL Search Domain Scan URL

URL: https://www.mywot.com/en/scorecard/mybridger.com
Title: View the scorecard report on WOT

Search URL Search Domain Scan URL

URL: https://www.mywot.com/en/faq/site-owners-support/reputation#blacklisted
Title: My site is blocked by WOT

Search URL Search Domain Scan URL

URL: https://www.google.com/transparencyreport/safebrowsing/diagnostic/index.html#url=mybridger.com
Title: View Safe Browsing Site Status

Search URL Search Domain Scan URL

URL: http://www.avira.com/en/for-home
Title: Read more

Search URL Search Domain Scan URL

URL: https://badbitcoin.org/
Title: Read more

Search URL Search Domain Scan URL

URL: http://trafficlight.bitdefender.com/info?url=http://mybridger.com
Title: Read more

Search URL Search Domain Scan URL

URL: http://www.spam404.com/apps/search?q=mybridger.com
Title: Read more

Search URL Search Domain Scan URL

URL: http://www.spamhaus.org/query/domain/mybridger.com
Title: Read more

Search URL Search Domain Scan URL

URL: http://www.surbl.org/surbl-analysis
Title: Read more

Search URL Search Domain Scan URL

URL: http://threatlog.com/search/mybridger.com/domain/
Title: Read more

Search URL Search Domain Scan URL

URL: https://www.alexa.com/siteinfo/mybridger.com
Title: according to Alexa rank

Search URL Search Domain Scan URL

URL: https://www.mcafeesecure.com/verify?host=mybridger.com
Title: certified by McAfee SECURE

Search URL Search Domain Scan URL

URL: https://www.ip2location.com/
Title: IP Geolocation Database

Search URL Search Domain Scan URL

URL: https://www.imagesmaller.com/
Title: Compress JPEG

Search URL Search Domain Scan URL

URL: https://www.mp3louder.com/
Title: Increase MP3 Volume

Search URL Search Domain Scan URL

URL: http://www.privalicy.com/privacy-policy/93535564/
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://www.google.com/s2/favicons?domain=www.avira.com HTTP 301
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.avira.com&size=16

Request Chain 7

https://www.google.com/s2/favicons?domain=badbitcoin.org HTTP 301
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://badbitcoin.org&size=16

Request Chain 8

https://www.google.com/s2/favicons?domain=www.bitdefender.com HTTP 301
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.bitdefender.com&size=16

Request Chain 9

https://www.google.com/s2/favicons?domain=www.spam404.com HTTP 301
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.spam404.com&size=16

Request Chain 10

https://www.google.com/s2/favicons?domain=www.spamhaus.org HTTP 301
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.spamhaus.org&size=16

Request Chain 11

https://www.google.com/s2/favicons?domain=www.surbl.org HTTP 301
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.surbl.org&size=16

Request Chain 12

https://www.google.com/s2/favicons?domain=www.threatlog.com HTTP 301
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.threatlog.com&size=16

Request Chain 117

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1677089734549&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&c8=&c9=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1677089734549&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&c8=&c9=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F

Request Chain 118

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1677089734550&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&c8=&c9=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1677089734550&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&c8=&c9=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F

Request Chain 264

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Request Chain 287

https://ups.analytics.yahoo.com/ups/58534/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58534/occ?verify=true HTTP 302
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-AtSrrKFE2uGws6mM3sKGXQUgWyoIDVlv0DIEFsw-~A

Request Chain 291

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Request Chain 295

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 298

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 301

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 318

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 322

https://ups.analytics.yahoo.com/ups/58534/occ HTTP 302
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-AtSrrKFE2uGws6mM3sKGXQUgWyoIDVlv0DIEFsw-~A

Request Chain 343

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

371 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.scamfoo.com/site/mybridger.com/ 27 KB
8 KB 152ms
34ms Document
text/html 163.172.255.115
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scamfoo.com/site/mybridger.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

163.172.255.115 , France, ASN12876 (Online SAS, FR),

Reverse DNS

163-172-255-115.rev.poneytelecom.eu

Software

nginx /

Resource Hash

cf63c0ab8fd88df6f1cfd80fc6ffa24ef21ca8e2446fe8737c46c89b4a9c5c49

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 22 Feb 2023 18:15:32 GMT
server: nginx
strict-transport-security: max-age=63072000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 74ms
30ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 946
age: 16452271
cdn-cachedat: 07/16/2022 17:19:07
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"ec3bb52a00e176a7181d454dffaea219"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: e3c6ae324943bba7ed619b25cd1777c5
timing-allow-origin: *
cdn-requestcountrycode: FR
cdn-status: 200
cf-ray: 79d9b52d8db5d676-CDG
cdn-requestpullsuccess: True

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 79ms
35ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 947
age: 511642
cdn-cachedat: 11/22/2022 18:16:02
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: d33c7577ef45b1480dea9da20565900e
timing-allow-origin: *
cdn-requestcountrycode: FR
cdn-status: 200
cf-ray: 79d9b52d8db8d676-CDG
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 5 KB
982 B 163ms
61ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:300,400,700

Requested by

Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d333ebda191a6d6ecaf864435d51ca6b4f091ce9ae5df6ee2f13b39aa0b3e91a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 22 Feb 2023 18:15:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 17:31:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Feb 2023 18:15:32 GMT

GET
H2 200 jquery-1.11.3.min.js Show response
code.jquery.com/ 94 KB
33 KB 112ms
25ms Script
application/javascript 2001:4de0:ac18::1:a:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.11.3.min.js
Requested by: Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:32 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-176d5"
vary: Accept-Encoding
x-hw: 1677089732.dop206.pa1.t,1677089732.cds037.pa1.hn,1677089732.cds029.pa1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33261

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
11 KB 72ms
29ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 602
age: 16452271
cdn-cachedat: 09/26/2021 20:53:49
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 1c57f0c2fc94ef1cf256fbb4d9a5c2a2
timing-allow-origin: *
cdn-requestcountrycode: FR
cdn-status: 200
cf-ray: 79d9b52d8dbad676-CDG
cdn-requestpullsuccess: True

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
49 KB 224ms
151ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd34505fc5cf9a672ad93284680dce46944900b10049b893cfb01092d1e5d912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49741
x-xss-protection: 0
server: cafe
etag: 17620407220543363916
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 22 Feb 2023 18:15:33 GMT

GET
H2

200

faviconV2
t2.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=www.avira.com
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.avira.com&size=16

547 B
1 KB

175ms
41ms

Image
image/png

2a00:1450:400d:804::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.avira.com&size=16

Requested by

Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/

Protocol

Server

2a00:1450:400d:804::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e017782c9b080b49f41d9ad774661818f60b9a0a02d3082e28ad014b5a4c5cff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:03:31 GMT
x-content-type-options: nosniff
age: 722
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 547
x-xss-protection: 0
last-modified: Thu, 30 May 2019 17:27:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://www.avira.com/favicon-16x16.png
expires: Wed, 01 Mar 2023 18:03:31 GMT

Redirect headers

date: Wed, 22 Feb 2023 18:03:31 GMT
x-content-type-options: nosniff
server: sffe
age: 721
content-type: text/html; charset=UTF-8
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.avira.com&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 333
x-xss-protection: 0
expires: Wed, 22 Feb 2023 18:33:31 GMT

GET
H2

200

faviconV2
t2.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=badbitcoin.org
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://badbitcoin.org&size=16

913 B
1 KB

175ms
43ms

Image
image/png

2a00:1450:400d:804::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://badbitcoin.org&size=16

Requested by

Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/

Protocol

Server

2a00:1450:400d:804::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04015d09b0e4d5446692458e86ef150aa9c4a082595c426fc75aa84a44d137bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 21:20:27 GMT
x-content-type-options: nosniff
age: 75306
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 913
x-xss-protection: 0
last-modified: Fri, 01 Feb 2019 06:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://badbitcoin.org/favicon.ico
expires: Tue, 28 Feb 2023 21:20:27 GMT

Redirect headers

date: Wed, 22 Feb 2023 17:51:08 GMT
x-content-type-options: nosniff
server: sffe
age: 1464
content-type: text/html; charset=UTF-8
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://badbitcoin.org&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 334
x-xss-protection: 0
expires: Wed, 22 Feb 2023 18:21:08 GMT

GET
H2

200

faviconV2
t2.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=www.bitdefender.com
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.bitdefender.com&size=16

227 B
399 B

177ms
44ms

Image
image/png

2a00:1450:400d:804::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.bitdefender.com&size=16

Requested by

Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/

Protocol

Server

2a00:1450:400d:804::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ad3a15528f72e9ce2a28abe62a31041e849b40d097de32e596fb37ee3ee74ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 06:47:46 GMT
x-content-type-options: nosniff
age: 41267
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 227
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 08:42:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://www.bitdefender.com/content/dam/bitdefender/favicon/apple-icon-57x57.png
expires: Wed, 01 Mar 2023 06:47:46 GMT

Redirect headers

date: Wed, 22 Feb 2023 17:51:08 GMT
x-content-type-options: nosniff
server: sffe
age: 1464
content-type: text/html; charset=UTF-8
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.bitdefender.com&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 339
x-xss-protection: 0
expires: Wed, 22 Feb 2023 18:21:08 GMT

GET
H2

200

faviconV2
t3.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=www.spam404.com
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.spam404.com&size=16

616 B
1 KB

162ms
44ms

Image
image/png

2a00:1450:400d:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.spam404.com&size=16

Requested by

Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/

Protocol

Server

2a00:1450:400d:80e::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94f0ba828c6a9863bd0f4ba7d7f9c24c20ae64c4bb4f40895221a4af539a72b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 17:55:19 GMT
x-content-type-options: nosniff
age: 1214
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 616
x-xss-protection: 0
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://www.spam404.com/favicon.ico
expires: Wed, 01 Mar 2023 17:55:19 GMT

Redirect headers

date: Wed, 22 Feb 2023 17:51:08 GMT
x-content-type-options: nosniff
server: sffe
age: 1464
content-type: text/html; charset=UTF-8
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.spam404.com&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 335
x-xss-protection: 0
expires: Wed, 22 Feb 2023 18:21:08 GMT

GET
H2

200

faviconV2
t0.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=www.spamhaus.org
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.spamhaus.org&size=16

193 B
734 B

173ms
40ms

Image
image/png

2a00:1450:400d:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.spamhaus.org&size=16

Requested by

Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/

Protocol

Server

2a00:1450:400d:806::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1da88b92dba24e5bf090d31e5b66e0a0958cb60e0f582f78eb41cb4dbaf0628f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 04:57:24 GMT
x-content-type-options: nosniff
age: 47889
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 193
x-xss-protection: 0
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://www.spamhaus.org/favicon.ico
expires: Wed, 01 Mar 2023 04:57:24 GMT

Redirect headers

date: Wed, 22 Feb 2023 18:02:32 GMT
x-content-type-options: nosniff
server: sffe
age: 780
content-type: text/html; charset=UTF-8
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.spamhaus.org&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 336
x-xss-protection: 0
expires: Wed, 22 Feb 2023 18:32:32 GMT

GET
H2

404

faviconV2
t2.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=www.surbl.org
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.surbl.org&size=16

726 B
790 B

207ms
74ms

Image
image/png

2a00:1450:400d:804::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.surbl.org&size=16

Requested by

Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/

Protocol

Server

2a00:1450:400d:804::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:33 GMT
x-content-type-options: nosniff
server: sffe
content-type: image/png
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 726
x-xss-protection: 0

Redirect headers

date: Wed, 22 Feb 2023 17:51:08 GMT
x-content-type-options: nosniff
server: sffe
age: 1464
content-type: text/html; charset=UTF-8
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.surbl.org&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 333
x-xss-protection: 0
expires: Wed, 22 Feb 2023 18:21:08 GMT

GET
H2

200

faviconV2
t2.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=www.threatlog.com
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.threatlog.com&size=16

232 B
375 B

150ms
42ms

Image
image/png

2a00:1450:400d:804::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.threatlog.com&size=16

Requested by

Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/

Protocol

Server

2a00:1450:400d:804::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d7b380a8622800488ca14eb8369126d66401b5fc0c4b3de5947aadfb0c79f6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:50:55 GMT
x-content-type-options: nosniff
age: 512678
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 232
x-xss-protection: 0
last-modified: Mon, 03 Aug 2020 02:58:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://www.threatlog.com/favicon.ico
expires: Thu, 23 Feb 2023 19:50:55 GMT

Redirect headers

date: Wed, 22 Feb 2023 17:51:08 GMT
x-content-type-options: nosniff
server: sffe
age: 1465
content-type: text/html; charset=UTF-8
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.threatlog.com&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 337
x-xss-protection: 0
expires: Wed, 22 Feb 2023 18:21:08 GMT

GET graph
traffic.alexa.com/ 0
0

GET
H2 200 cookiebanner.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookie-banner/1.0.0/ 8 KB
3 KB 67ms
25ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookie-banner/1.0.0/cookiebanner.min.js

Requested by

Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87a40e88963acab5e079bc3643f0bb72a5ff9ead67a7c3da52455ce4a7df28be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1645123
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2554
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-1e1b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XCL8A9BIhO7njKQ0%2BJgWrRESKrZxYiWe5tl%2B7Fc3TIGZk%2FMtevyghWnARXRBfrz4Bk0h9A8iveN5HjxLWTijTnf8nBS2q6kP%2FnH5bTke9OV3TPWeR%2BtKxdEB%2BjheJt2XGQSWI4qLfGbTHXCX9ev%2Boh7o"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79d9b52e5e3e119d-CDG
expires: Mon, 12 Feb 2024 18:15:32 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ 45 KB
46 KB 88ms
26ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.scamfoo.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 12:45:57 GMT
x-content-type-options: nosniff
age: 19775
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46524
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Feb 2024 12:45:57 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 57ms
29ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://www.scamfoo.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1072
age: 46141
cdn-cachedat: 12/25/2022 15:12:21
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 81b608c4b5681212cf4245a5dd1fbfc5
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: FR
cdn-status: 200
cf-ray: 79d9b52e9e21a2f1-CDG
cdn-requestpullsuccess: True

GET
H/1.1 200
OK embed.js Show response
scamfoo.disqus.com/ 79 KB
26 KB 240ms
149ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://scamfoo.disqus.com/embed.js

Requested by

Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

171832f39ed45c53d6f3b4ed0f70f900049de1da0187ec60845172be5a8ee617

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 18:15:33 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=300; includeSubdomains
Server: openresty
Age: 0
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 25692

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 90ms
27ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 22 Feb 2023 18:14:50 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 42
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Wed, 22 Feb 2023 20:14:50 GMT

GET
H2 200 api.min.js Show response
a.optnmstr.com/app/js/ 50 KB
19 KB 212ms
43ms Script
application/javascript 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.optnmstr.com/app/js/api.min.js
Requested by: Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT1-731 /
Resource Hash: 50de719051ac450992625c5ff7b3dc8de4a1b2e83be9a088e9e36ab7452e25be

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:33 GMT
content-encoding: br
cdn-edgestorageid: 731
perma-cache: HIT
cdn-storageserver: DE-167
cdn-cachedat: 02/22/2023 04:23:01
cdn-pullzone: 293267
last-modified: Wed, 22 Feb 2023 04:22:31 GMT
server: BunnyCDN-AT1-731
cdn-fileserver: 542
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63f59887-c840"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: dc37eae312abd27715cc0c2ecb3e5e97
cdn-requestcountrycode: FR
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
208 B 35ms
34ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1012116864&t=pageview&_s=1&dl=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&ul=en-us&de=UTF-8&dt=Is%20Mybridger.com%20Scam%2C%20Fraudulent%20or%20Safe%3F%20%7C%20ScamFoo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1710897698&gjid=1628009072&cid=880433619.1677089733&tid=UA-7525666-81&_gid=1208748442.1677089733&_r=1&_slc=1&z=1700709103

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scamfoo.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 18:15:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.scamfoo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css
c.disquscdn.com/next/embed/styles/ 0
33 KB 140ms
28ms Other
text/css 2600:9000:223d:5200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css

Requested by

Host: scamfoo.disqus.com
URL: https://scamfoo.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:5200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 15 Feb 2023 19:09:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 601540
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 33270
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Wed, 15 Feb 2023 18:40:44 GMT
server: nginx
etag: "63ed272c-81f6"
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: Xi6Er0GtiYN6qkTt_pSe2-7IJIEuV1dqqicrCVW5J7uGW0B2dGS6Lw==
expires: Thu, 15 Feb 2024 19:09:53 GMT

GET
H2 200 common.bundle.4ba4d839a8c58443b0a3c9c44262d3b7.js
c.disquscdn.com/next/embed/ 0
93 KB 163ms
51ms Other
application/javascript 2600:9000:223d:5200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.4ba4d839a8c58443b0a3c9c44262d3b7.js

Requested by

Host: scamfoo.disqus.com
URL: https://scamfoo.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:5200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 18 Jan 2023 17:45:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 3025798
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94186
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 18 Jan 2023 17:40:51 GMT
server: nginx
etag: "63c82f23-16fea"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: HhEwvCgJSyTz_amCGHMjV7Y9U6iVbB6zafkucBlAvYDcodvOWt4rSQ==
expires: Thu, 18 Jan 2024 17:45:34 GMT

GET
H2 200 lounge.bundle.e73bf6551fb0e2f4df3fc3aacda15afa.js
c.disquscdn.com/next/embed/ 0
127 KB 192ms
80ms Other
application/javascript 2600:9000:223d:5200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.e73bf6551fb0e2f4df3fc3aacda15afa.js

Requested by

Host: scamfoo.disqus.com
URL: https://scamfoo.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:5200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 21 Feb 2023 20:11:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 79429
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 129738
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Tue, 21 Feb 2023 19:20:50 GMT
server: nginx
etag: "63f51992-1faca"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: SFRupjM8xySY6455bqSQD0_cjPWUth59HTQKw9Ny9bE8LpryUktUzQ==
expires: Wed, 21 Feb 2024 20:11:44 GMT

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
17 KB 101ms
21ms Other
application/javascript 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: scamfoo.disqus.com
URL: https://scamfoo.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 18:15:33 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 41
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 17116
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK recommendations.js Show response
scamfoo.disqus.com/ 64 KB
21 KB 120ms
119ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://scamfoo.disqus.com/recommendations.js

Requested by

Host: scamfoo.disqus.com
URL: https://scamfoo.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

0dad155e43d912a28bb4fbe1e0e2141c695e0923ef70a9f902d8fc4ade58229f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 18:15:33 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=300; includeSubdomains
Server: openresty
Age: 0
Vary: Accept-Encoding, Accept, Accept-Encoding, X-Forwarded-Proto, X-Disqus-Shortname, X-Disqus-Device, X-Disqus-Experiment, X-Disqus-Is-Private, X-Disqus-Development-Base
Content-Type: application/javascript; charset=utf-8
Cache-Control: stale-while-revalidate=60, public, stale-if-error=86400, max-age=60
X-Service: router
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 21341

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/ 366 KB
120 KB 92ms
91ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2303590238526826&plah=www.scamfoo.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66aa95645a92aae3b1c321b4d36adab150af7a6a69979817c9d0bd99337bdf8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122954
x-xss-protection: 0
server: cafe
etag: 72175873648547687
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 22 Feb 2023 18:15:33 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230216/r20190131/ Frame DA39 10 KB
5 KB 87ms
26ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230216/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scamfoo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 33181
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 09:02:32 GMT
etag: 10353107486223812946
expires: Wed, 08 Mar 2023 09:02:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 api.min.css
a.omappapi.com/app/js/ 18 KB
3 KB 126ms
37ms Stylesheet
text/css 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.css
Requested by: Host: a.optnmstr.com
URL: https://a.optnmstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT1-731 /
Resource Hash: 103f4d3fbc08fff41f2ddb722186887b3d8977d2a7da27e7ed0f2f5752dc339f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:33 GMT
content-encoding: br
cdn-edgestorageid: 731
perma-cache: HIT
cdn-storageserver: DE-199
cdn-cachedat: 02/22/2023 04:23:20
cdn-pullzone: 293267
last-modified: Wed, 22 Feb 2023 04:22:39 GMT
server: BunnyCDN-AT1-731
cdn-fileserver: 569
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63f5988f-464c"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 9d6f166a9cb7bff92f091a6d33a10a5d
cdn-requestcountrycode: FR
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 404 583913 Show response
api.omappapi.com/v1/optin/30145/ 177 B
618 B 328ms
157ms XHR
application/json 18.66.112.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v1/optin/30145/583913
Requested by: Host: a.optnmstr.com
URL: https://a.optnmstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-67.fra56.r.cloudfront.net
Software: Pagely Gateway/1.5.1 /
Resource Hash: 700261a833506c06be76964c2366817dc6dca0f690dffc70fe58276734baa18b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:33 GMT
x-user-agent: standard--
via: 1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
x-cache-config: 0 0
server: Pagely Gateway/1.5.1
x-amz-cf-pop: FRA56-P5
vary: Accept-Encoding, User-Agent
x-cache: Error from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=30, stale-while-revalidate=1800
access-control-allow-headers: X-CSRF-Token
content-length: 177
x-amz-cf-id: SAN0sGBPgeglKTtew6POcrDM03gMsqF477ut7LszdnAgyL87onHa6g==
expires: Wed, 22 Feb 2023 18:16:03 GMT

GET
H/1.1 200
OK / Show response
disqus.com/embed/comments/ Frame 7948 6 KB
4 KB 144ms
139ms Document
text/html 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=scamfoo&t_i=126513&t_u=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&t_d=Is%20Mybridger.com%20Scam%2C%20Fraudulent%20or%20Safe%3F%20%7C%20ScamFoo&t_t=Is%20Mybridger.com%20Scam%2C%20Fraudulent%20or%20Safe%3F%20%7C%20ScamFoo&s_o=default

Requested by

Host: scamfoo.disqus.com
URL: https://scamfoo.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

ebdedeeeba316cc350ac98e02c8ce02efd8709b4003abcc6000711cb99c92067

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.scamfoo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Age: 0
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2733
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type: text/html; charset=utf-8
Cross-Origin-Resource-Policy: cross-origin
Date: Wed, 22 Feb 2023 18:15:33 GMT
ETag: W/"lounge:view:8455606337.0cd0c2180780f064c99f8f8a9918dc1b.2"
Last-Modified: Sun, 11 Dec 2022 22:33:43 GMT
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
Strict-Transport-Security: max-age=300; includeSubdomains
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"

GET
H/1.1 200
OK / Show response
tempest.services.disqus.com/ads-iframe/taboola/ 27 KB
9 KB 223ms
120ms XHR
text/html 199.232.192.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=scamfoo&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%23337ab7&colorScheme=light&sourceUrl=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&typeface=sans-serif&disqus_version=current
Requested by: Host: scamfoo.disqus.com
URL: https://scamfoo.disqus.com/embed.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.192.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: b1809b0740b88b3986b635cceee0982da6a2065fbdef1cab1fc3bb853c57ffd3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 18:15:33 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding,
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=300
X-Service: router
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 9087

GET
H/1.1 200
OK / Show response
tempest.services.disqus.com/ads-iframe/taboola/ 27 KB
9 KB 220ms
126ms XHR
text/html 199.232.192.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://tempest.services.disqus.com/ads-iframe/taboola/?position=bottom&shortname=scamfoo&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%23337ab7&colorScheme=light&sourceUrl=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&typeface=sans-serif&disqus_version=current
Requested by: Host: scamfoo.disqus.com
URL: https://scamfoo.disqus.com/embed.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.192.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: 02f855880af38e6ce3d28b76f4b2c6f44f0f93a57aef3430e8ad073345ea5fc0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 18:15:33 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding,
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=300
X-Service: router
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 9090

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
339 B 141ms
97ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=6htbaqt1lcch0i&experiment=network_default&variant=fallthrough&service=dynamic&area=top&product=embed&forum=scamfoo&zone=thread&version=9f2653a98c92ec14e69e9df2f8422e71&page_url=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&page_referrer=&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&section=default&verb=call&adjective=1&forum_id=4801840

Requested by

Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 18:15:33 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
339 B 142ms
98ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=6htbaqt1lcch0i&experiment=network_default&variant=fallthrough&service=dynamic&area=bottom&product=embed&forum=scamfoo&zone=thread&version=9f2653a98c92ec14e69e9df2f8422e71&page_url=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&page_referrer=&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&section=default&verb=call&adjective=1&forum_id=4801840

Requested by

Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 18:15:33 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
c.disquscdn.com/next/recommendations/styles/ 0
3 KB 53ms
51ms Other
text/css 2600:9000:223d:5200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/styles/recommendations.10022a97346f1c6e3798931bbd8e4bb5.css

Requested by

Host: scamfoo.disqus.com
URL: https://scamfoo.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:5200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-cache-hits: 0
date: Sun, 11 Sep 2022 02:38:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 14225825
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 2978
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 30 Aug 2022 17:50:39 GMT
server: nginx
etag: "630e4def-ba2"
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: HZcZ0XdA69SxPqDtcp7xufEMQpzQAjXEy4zon3aHzhFnq0iOsq44gw==
expires: Mon, 11 Sep 2023 02:38:28 GMT

GET
H2 200 common.bundle.ee9c33b24a56672a5987fadb46fbba34.js
c.disquscdn.com/next/recommendations/ 0
87 KB 54ms
53ms Other
application/javascript 2600:9000:223d:5200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/common.bundle.ee9c33b24a56672a5987fadb46fbba34.js

Requested by

Host: scamfoo.disqus.com
URL: https://scamfoo.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:5200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 20 Dec 2022 22:44:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 5513478
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 88876
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Tue, 20 Dec 2022 22:36:25 GMT
server: nginx
etag: "63a238e9-15b2c"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: CQVdlaaKb27bJckK5seAQpbx5WR7Z-vpOB-Y6YuOjGVM9rFcDfrL0w==
expires: Wed, 20 Dec 2023 22:44:15 GMT

GET
H2 200 recommendations.bundle.bb3216316047d5c61d9dafa6240fbf39.js
c.disquscdn.com/next/recommendations/ 0
20 KB 64ms
63ms Other
application/javascript 2600:9000:223d:5200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.bundle.bb3216316047d5c61d9dafa6240fbf39.js

Requested by

Host: scamfoo.disqus.com
URL: https://scamfoo.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:5200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 08 Feb 2023 19:37:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 1204656
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 20326
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 08 Feb 2023 19:27:34 GMT
server: nginx
etag: "63e3f7a6-4f66"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: fv6C6khHg1iCsztPxdswGbrZZQfmw4nLtdWkJo78Vxc76N92wsHynA==
expires: Thu, 08 Feb 2024 19:37:57 GMT

GET
H/1.1 200
OK / Show response
disqus.com/recommendations/ Frame 0C71 5 KB
3 KB 123ms
123ms Document
text/html 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/recommendations/?base=default&f=scamfoo&t_u=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&t_d=Is%20Mybridger.com%20Scam%2C%20Fraudulent%20or%20Safe%3F%20%7C%20ScamFoo&t_t=Is%20Mybridger.com%20Scam%2C%20Fraudulent%20or%20Safe%3F%20%7C%20ScamFoo

Requested by

Host: scamfoo.disqus.com
URL: https://scamfoo.disqus.com/recommendations.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

d6c5638126aaa7c26ba08402d6ed6ca8c1b9beb2a9ccaab04d81d6905aaa4ac1

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.scamfoo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Age: 0
Cache-Control: stale-while-revalidate=30, no-cache, must-revalidate, stale-if-error=3600, public
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2269
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type: text/html; charset=utf-8
Cross-Origin-Resource-Policy: cross-origin
Date: Wed, 22 Feb 2023 18:15:33 GMT
Last-Modified: Sun, 11 Dec 2022 22:33:43 GMT
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Server: nginx
Strict-Transport-Security: max-age=300; includeSubdomains
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"

GET
H2 200 lounge.load.9f2653a98c92ec14e69e9df2f8422e71.js Show response
c.disquscdn.com/next/embed/ Frame 7948 958 B
1 KB 73ms
24ms Script
application/javascript 2600:9000:223d:5200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.load.9f2653a98c92ec14e69e9df2f8422e71.js

Requested by

Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=scamfoo&t_i=126513&t_u=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&t_d=Is%20Mybridger.com%20Scam%2C%20Fraudulent%20or%20Safe%3F%20%7C%20ScamFoo&t_t=Is%20Mybridger.com%20Scam%2C%20Fraudulent%20or%20Safe%3F%20%7C%20ScamFoo&s_o=default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:5200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1687b46329e28a6afe7bad32f34e753b276dd268e0679784b4da7fb8e00e465c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=scamfoo&t_i=126513&t_u=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&t_d=Is%20Mybridger.com%20Scam%2C%20Fraudulent%20or%20Safe%3F%20%7C%20ScamFoo&t_t=Is%20Mybridger.com%20Scam%2C%20Fraudulent%20or%20Safe%3F%20%7C%20ScamFoo&s_o=default
Origin: https://disqus.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 21 Feb 2023 20:11:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 6851af5c4f6d355fa4ec39cc8cc0c358.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 79428
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 494
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 21 Feb 2023 19:20:49 GMT
server: nginx
etag: "63f51991-1ee"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: CcBVHBBkHK4vQsAjxLvh6GS6ji8q57ovFCopZdY16QK0b66-5SwxSA==
expires: Wed, 21 Feb 2024 20:11:45 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
463 B 35ms
35ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.scamfoo.com&callback=_gfp_s_&client=ca-pub-2303590238526826

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2303590238526826&plah=www.scamfoo.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d0e475eda9027f07958a8382af45c961dc58976a79c5f9c10100664f621a604

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
531 B 180ms
62ms Script
application/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=www.scamfoo.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 97ms
35ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.scamfoo.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 61ms
60ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=cookiebanner&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 18:15:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7121 432 KB
82 KB 667ms
666ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&adk=1812271804&adf=3025194257&lmt=1677089733&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677089733192&bpp=6&bdt=518&idt=284&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8232058220225&frm=20&pv=2&ga_vid=880433619.1677089733&ga_sid=1677089734&ga_hid=1012116864&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44777877%2C44759837%2C31072348%2C44779794&oid=2&pvsid=271215218793982&tmod=480944890&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=313

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42722376a093d3ef5fb37a24f4c916fedb38b9a4fa35ff666aeb495bbdb11da8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scamfoo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 83570
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 18:15:34 GMT
expires: Wed, 22 Feb 2023 18:15:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2344 23 KB
10 KB 538ms
537ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=280&slotname=1433402308&adk=207406793&adf=289864595&pi=t.ma~as.1433402308&w=728&fwrn=4&fwrnh=100&lmt=1677089733&rafmt=1&format=728x280&url=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677089733198&bpp=2&bdt=524&idt=314&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8232058220225&frm=20&pv=1&ga_vid=880433619.1677089733&ga_sid=1677089734&ga_hid=1012116864&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=708&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44777877%2C44759837%2C31072348%2C44779794&oid=2&pvsid=271215218793982&tmod=480944890&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=Mo%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Cd4HZvSP4v&p=https%3A//www.scamfoo.com&dtd=320

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b11f2524bff6600e0a13ab09b28ae090f3fb5d730452b38702ee873f6e326aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scamfoo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 9925
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 18:15:34 GMT
expires: Wed, 22 Feb 2023 18:15:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/disqus-network/ Frame 9D4A 732 KB
165 KB 92ms
22ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/disqus-network/loader.js
Requested by: Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3f3ded0be4eadf1c18601ad8bd6e7228755a871604f3c97ad01e4236e8a1c810

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: jIFiB0ZYlBftdY4uNJPn3g_CkYIIPpBQ
content-encoding: gzip
via: 1.1 varnish
date: Wed, 22 Feb 2023 18:15:33 GMT
x-amz-request-id: YF1PPCCKV8DDEJGD
age: 2766
x-amz-server-side-encryption: AES256
x-cache: HIT
x-from-cache: 1
x-envoy-upstream-service-time: 9
x-amz-replication-status: FAILED
content-length: 168505
x-amz-id-2: g44/jtWfP6pTAAr621lX634LcporTWwpuiq+F8Lo1D85aNiuzMWsiiZVr64H1qF5+4Uo3fJ/JKM=
x-served-by: cache-cdg20773-CDG
last-modified: Wed, 22 Feb 2023 17:24:21 UTC
server: nginx
x-timer: S1677089734.605932,VS0,VE1
etag: "702263a20485993a674d5ac87a8f745c96f63a7e"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
abp: 31
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/disqus-network/ Frame E552 732 KB
165 KB 87ms
22ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/disqus-network/loader.js
Requested by: Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3f3ded0be4eadf1c18601ad8bd6e7228755a871604f3c97ad01e4236e8a1c810

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: jIFiB0ZYlBftdY4uNJPn3g_CkYIIPpBQ
content-encoding: gzip
via: 1.1 varnish
date: Wed, 22 Feb 2023 18:15:33 GMT
x-amz-request-id: YF1PPCCKV8DDEJGD
age: 2766
x-amz-server-side-encryption: AES256
x-cache: HIT
x-from-cache: 1
x-envoy-upstream-service-time: 9
x-amz-replication-status: FAILED
content-length: 168505
x-amz-id-2: g44/jtWfP6pTAAr621lX634LcporTWwpuiq+F8Lo1D85aNiuzMWsiiZVr64H1qF5+4Uo3fJ/JKM=
x-served-by: cache-cdg20773-CDG
last-modified: Wed, 22 Feb 2023 17:24:21 UTC
server: nginx
x-timer: S1677089734.606327,VS0,VE1
etag: "702263a20485993a674d5ac87a8f745c96f63a7e"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
abp: 31
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B528 23 KB
10 KB 312ms
310ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=280&slotname=1433402308&adk=207406793&adf=1071414349&pi=t.ma~as.1433402308&w=728&fwrn=4&fwrnh=100&lmt=1677089733&rafmt=1&format=728x280&url=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677089733200&bpp=1&bdt=526&idt=335&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=1&correlator=8232058220225&frm=20&pv=1&ga_vid=880433619.1677089733&ga_sid=1677089734&ga_hid=1012116864&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44777877%2C44759837%2C31072348%2C44779794&oid=2&pvsid=271215218793982&tmod=480944890&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=Mo%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=KJRCufyNED&p=https%3A//www.scamfoo.com&dtd=338

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b4ae1af8c061814499a518052fa346dab187f9475abbd595aeb719aed383375

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scamfoo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 9962
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 18:15:33 GMT
expires: Wed, 22 Feb 2023 18:15:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7230 23 KB
10 KB 298ms
297ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=280&slotname=1433402308&adk=207406793&adf=2620106563&pi=t.ma~as.1433402308&w=728&fwrn=4&fwrnh=100&lmt=1677089733&rafmt=1&format=728x280&url=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677089733201&bpp=1&bdt=527&idt=343&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280&nras=1&correlator=8232058220225&frm=20&pv=1&ga_vid=880433619.1677089733&ga_sid=1677089734&ga_hid=1012116864&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=3790&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44777877%2C44759837%2C31072348%2C44779794&oid=2&pvsid=271215218793982&tmod=480944890&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=Mo%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=pvoMnEiiY8&p=https%3A//www.scamfoo.com&dtd=346

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0ae8e8f5f5bca0f3a97bc4d1f7e7aef096e1b1170a2e335d98debfe8aa9e8ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scamfoo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 9933
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 18:15:33 GMT
expires: Wed, 22 Feb 2023 18:15:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 common.bundle.4ba4d839a8c58443b0a3c9c44262d3b7.js Show response
c.disquscdn.com/next/embed/ Frame 7948 280 KB
93 KB 25ms
24ms Script
application/javascript 2600:9000:223d:5200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.4ba4d839a8c58443b0a3c9c44262d3b7.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.9f2653a98c92ec14e69e9df2f8422e71.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:5200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9c72aa9048dc4cb5f976e7b1a5be738cdc5429f35291261fab0036d077afaa51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=scamfoo&t_i=126513&t_u=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&t_d=Is%20Mybridger.com%20Scam%2C%20Fraudulent%20or%20Safe%3F%20%7C%20ScamFoo&t_t=Is%20Mybridger.com%20Scam%2C%20Fraudulent%20or%20Safe%3F%20%7C%20ScamFoo&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 18 Jan 2023 17:45:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 3025798
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94186
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 18 Jan 2023 17:40:51 GMT
server: nginx
etag: "63c82f23-16fea"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: kKnXlObCYUwakcWRiRnE6DnNq1ucixj2f6eWV2W3RG6QGwMAMDEjTQ==
expires: Thu, 18 Jan 2024 17:45:34 GMT

GET
H2 200 recommendations.load.eae384b350ceffb6029a893a061f19bd.js Show response
c.disquscdn.com/next/recommendations/ Frame 0C71 923 B
1 KB 26ms
25ms Script
application/javascript 2600:9000:223d:5200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.load.eae384b350ceffb6029a893a061f19bd.js

Requested by

Host: disqus.com
URL: https://disqus.com/recommendations/?base=default&f=scamfoo&t_u=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&t_d=Is%20Mybridger.com%20Scam%2C%20Fraudulent%20or%20Safe%3F%20%7C%20ScamFoo&t_t=Is%20Mybridger.com%20Scam%2C%20Fraudulent%20or%20Safe%3F%20%7C%20ScamFoo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:5200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b00752a14f31593e5642ea377b95698ca657c635e26674356aac76594d1863ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/
Origin: https://disqus.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 08 Feb 2023 19:37:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 6851af5c4f6d355fa4ec39cc8cc0c358.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 1204656
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 449
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Wed, 08 Feb 2023 19:27:34 GMT
server: nginx
etag: "63e3f7a6-1c1"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: UilpBTLHXQdADKl4HGpKIxx_pFYVvRXEmvtZ51jvH-OCu2r8YCNMSA==
expires: Thu, 08 Feb 2024 19:37:57 GMT

GET
H2 200 common.bundle.ee9c33b24a56672a5987fadb46fbba34.js Show response
c.disquscdn.com/next/recommendations/ Frame 0C71 262 KB
87 KB 25ms
24ms Script
application/javascript 2600:9000:223d:5200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/common.bundle.ee9c33b24a56672a5987fadb46fbba34.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/recommendations.load.eae384b350ceffb6029a893a061f19bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:5200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b246d8ebe3eb6d7b265009bfd8f1aec3f1547302a9d18a227a9f4e7371eaf657

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 20 Dec 2022 22:44:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 5513478
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 88876
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Tue, 20 Dec 2022 22:36:25 GMT
server: nginx
etag: "63a238e9-15b2c"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: VPSJIX_jEwwhrKqLloC8LhfsyXHc6cfGrCzLW_DNUVafxTIR1JYbgA==
expires: Wed, 20 Dec 2023 22:44:15 GMT

GET
H2 200 lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css
c.disquscdn.com/next/embed/styles/ Frame 7948 233 KB
33 KB 25ms
24ms Stylesheet
text/css 2600:9000:223d:5200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.4ba4d839a8c58443b0a3c9c44262d3b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:5200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

98c5d085af0203422d443dce1c737ac861630fe6aada284508ca1db3558bde8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=scamfoo&t_i=126513&t_u=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&t_d=Is%20Mybridger.com%20Scam%2C%20Fraudulent%20or%20Safe%3F%20%7C%20ScamFoo&t_t=Is%20Mybridger.com%20Scam%2C%20Fraudulent%20or%20Safe%3F%20%7C%20ScamFoo&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 15 Feb 2023 19:09:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 601540
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 33270
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Wed, 15 Feb 2023 18:40:44 GMT
server: nginx
etag: "63ed272c-81f6"
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: u-Bb_bH4cWXH-WpaBmIucK6N_wWa1DbO9jfkflcsz4lLUhze8hsH2Q==
expires: Thu, 15 Feb 2024 19:09:53 GMT

GET
H2 200 lounge.bundle.e73bf6551fb0e2f4df3fc3aacda15afa.js Show response
c.disquscdn.com/next/embed/ Frame 7948 507 KB
127 KB 26ms
26ms Script
application/javascript 2600:9000:223d:5200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.e73bf6551fb0e2f4df3fc3aacda15afa.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.4ba4d839a8c58443b0a3c9c44262d3b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:5200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

120ba29ed579b0cda11cfbd53dacb62bb36054b3325eac927ecfaa44c5cf60a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=scamfoo&t_i=126513&t_u=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&t_d=Is%20Mybridger.com%20Scam%2C%20Fraudulent%20or%20Safe%3F%20%7C%20ScamFoo&t_t=Is%20Mybridger.com%20Scam%2C%20Fraudulent%20or%20Safe%3F%20%7C%20ScamFoo&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 21 Feb 2023 20:11:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 79429
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 129738
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Tue, 21 Feb 2023 19:20:50 GMT
server: nginx
etag: "63f51992-1faca"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: yQumRG-SwAGjYRigShrSpxiOqMcm2WD0xRlC66rxG6JIzx4D1BQTpw==
expires: Wed, 21 Feb 2024 20:11:44 GMT

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame 7948 17 KB
17 KB 21ms
21ms Script
application/javascript 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.4ba4d839a8c58443b0a3c9c44262d3b7.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

c11cb8a2559b0ede513d84f4c2436af3b10ba523fe5541351f036a95a4184d73

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=scamfoo&t_i=126513&t_u=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&t_d=Is%20Mybridger.com%20Scam%2C%20Fraudulent%20or%20Safe%3F%20%7C%20ScamFoo&t_t=Is%20Mybridger.com%20Scam%2C%20Fraudulent%20or%20Safe%3F%20%7C%20ScamFoo&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 18:15:33 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 41
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 17116
X-XSS-Protection: 1; mode=block

GET
H2 200 recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
c.disquscdn.com/next/recommendations/styles/ Frame 0C71 14 KB
3 KB 27ms
27ms Stylesheet
text/css 2600:9000:223d:5200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/styles/recommendations.10022a97346f1c6e3798931bbd8e4bb5.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.ee9c33b24a56672a5987fadb46fbba34.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:5200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3eee15d11eb29b6f2258cabfeeca39b3b900a7cae96fc7919b27789f3470b9f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-cache-hits: 0
date: Sun, 11 Sep 2022 02:38:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 14225825
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 2978
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 30 Aug 2022 17:50:39 GMT
server: nginx
etag: "630e4def-ba2"
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: JHAzp-fBZbbMomdG2aJvwy6Xt6SORpFevlaVerU3moGbHh45NbtxuQ==
expires: Mon, 11 Sep 2023 02:38:28 GMT

GET
H2 200 recommendations.bundle.bb3216316047d5c61d9dafa6240fbf39.js Show response
c.disquscdn.com/next/recommendations/ Frame 0C71 65 KB
20 KB 26ms
25ms Script
application/javascript 2600:9000:223d:5200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.bundle.bb3216316047d5c61d9dafa6240fbf39.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.ee9c33b24a56672a5987fadb46fbba34.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:5200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5bd060c4d7413c66456b91af3b13d3a3823c90543d9ccebc7a94a892ecb36d27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 08 Feb 2023 19:37:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 1204656
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 20326
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 08 Feb 2023 19:27:34 GMT
server: nginx
etag: "63e3f7a6-4f66"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: jD-nW4uj-ZDNq9-1V121hWlMpLjhz-rrZkrD6IXOWaiC6L-lSIRofQ==
expires: Thu, 08 Feb 2024 19:37:57 GMT

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame 0C71 17 KB
17 KB 47ms
44ms Script
application/javascript 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.ee9c33b24a56672a5987fadb46fbba34.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

c11cb8a2559b0ede513d84f4c2436af3b10ba523fe5541351f036a95a4184d73

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://disqus.com/recommendations/?base=default&f=scamfoo&t_u=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&t_d=Is%20Mybridger.com%20Scam%2C%20Fraudulent%20or%20Safe%3F%20%7C%20ScamFoo&t_t=Is%20Mybridger.com%20Scam%2C%20Fraudulent%20or%20Safe%3F%20%7C%20ScamFoo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 18:15:33 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 41
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 17116
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame 7948 3 KB
3 KB 115ms
115ms XHR
application/json 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=scamfoo&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.4ba4d839a8c58443b0a3c9c44262d3b7.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

2b070b069a185e014ea48900d105c47a98153f775c4608091fefe739a12a5190

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/embed/comments/?base=default&f=scamfoo&t_i=126513&t_u=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&t_d=Is%20Mybridger.com%20Scam%2C%20Fraudulent%20or%20Safe%3F%20%7C%20ScamFoo&t_t=Is%20Mybridger.com%20Scam%2C%20Fraudulent%20or%20Safe%3F%20%7C%20ScamFoo&s_o=default
X-Requested-With: XMLHttpRequest
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 18:15:33 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Vary: Origin, Cookie
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type: application/json
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 2994
X-XSS-Protection: 1; mode=block

GET
H2 200 impl.20230221-21-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame 9D4A 733 KB
153 KB 20ms
20ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230221-21-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 0272213218dd226e85dac4d4c04eac79e7791ad66f82e78078e8b7d9987c2944

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: 22mt3AVeHskeHmAo0qlDGqEzUrsvl15x
content-encoding: br
via: 1.1 varnish
date: Wed, 22 Feb 2023 18:15:33 GMT
x-amz-request-id: 30E8PM6P3FK592X8
age: 16923
x-cache: HIT
content-length: 156086
x-amz-id-2: B6J323X0IW2PC0ODeH9xkg2yctK80Xkif3stS2fveye5qbCOJEW3b1a9kCuE+Fd9gOWVHr5DHCA=
x-served-by: cache-cdg20773-CDG
last-modified: Tue, 21 Feb 2023 13:30:18 GMT
server: AmazonS3-br
x-timer: S1677089734.830675,VS0,VE0
etag: "49680c7d15e397aff886cb47d315c75c"
vary: Accept-Encoding
content-type: application/javascript
abp: 99
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 15887

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame 9D4A 4 KB
2 KB 159ms
36ms Script
application/javascript 108.138.189.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.189.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-189-32.mxp64.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 06:47:16 GMT
content-encoding: gzip
via: 1.1 2c6b43ece241a6b4a6a59e19ffb626fe.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
x-amz-cf-pop: MXP64-P1
age: 47022
x-amz-server-side-encryption: AES256
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: lrgboQKhLnp_HqZGoveSvxOP7SfSvnJigDUwX6Tvz6Tgo6q8WT9NCg==

GET
H2 200 impl.20230221-21-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame E552 733 KB
153 KB 33ms
32ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230221-21-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 0272213218dd226e85dac4d4c04eac79e7791ad66f82e78078e8b7d9987c2944

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: 22mt3AVeHskeHmAo0qlDGqEzUrsvl15x
content-encoding: br
via: 1.1 varnish
date: Wed, 22 Feb 2023 18:15:33 GMT
x-amz-request-id: 30E8PM6P3FK592X8
age: 16923
x-cache: HIT
content-length: 156086
x-amz-id-2: B6J323X0IW2PC0ODeH9xkg2yctK80Xkif3stS2fveye5qbCOJEW3b1a9kCuE+Fd9gOWVHr5DHCA=
x-served-by: cache-cdg20773-CDG
last-modified: Tue, 21 Feb 2023 13:30:18 GMT
server: AmazonS3-br
x-timer: S1677089734.856416,VS0,VE0
etag: "49680c7d15e397aff886cb47d315c75c"
vary: Accept-Encoding
content-type: application/javascript
abp: 99
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 15888

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame E552 4 KB
2 KB 148ms
37ms Script
application/javascript 108.138.189.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.189.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-189-32.mxp64.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 06:47:16 GMT
content-encoding: gzip
via: 1.1 2c6b43ece241a6b4a6a59e19ffb626fe.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
x-amz-cf-pop: MXP64-P1
age: 47022
x-amz-server-side-encryption: AES256
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: QbIEvYn1MQ8wN3d7-SDI_cu6x_Xs8e6HBKcWifStHoK6P2CgpSqH3Q==

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame 0C71 3 KB
3 KB 22ms
22ms XHR
application/json 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=scamfoo&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.ee9c33b24a56672a5987fadb46fbba34.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

2b070b069a185e014ea48900d105c47a98153f775c4608091fefe739a12a5190

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/recommendations/?base=default&f=scamfoo&t_u=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&t_d=Is%20Mybridger.com%20Scam%2C%20Fraudulent%20or%20Safe%3F%20%7C%20ScamFoo&t_t=Is%20Mybridger.com%20Scam%2C%20Fraudulent%20or%20Safe%3F%20%7C%20ScamFoo
X-Requested-With: XMLHttpRequest
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 18:15:33 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Vary: Origin, Cookie
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type: application/json
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 2994
X-XSS-Protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ Frame 7948 11 KB
936 B 62ms
61ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

29cf63b3a3f220aa82357afebcfda1a2499327ce2429680ab58af2a87ed19f23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=scamfoo&t_i=126513&t_u=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&t_d=Is%20Mybridger.com%20Scam%2C%20Fraudulent%20or%20Safe%3F%20%7C%20ScamFoo&t_t=Is%20Mybridger.com%20Scam%2C%20Fraudulent%20or%20Safe%3F%20%7C%20ScamFoo&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 22 Feb 2023 18:15:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 17:32:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Feb 2023 18:15:33 GMT

GET
DATA 200
OK truncated
/ Frame 7948 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/ Frame 7230 3 KB
1 KB 98ms
34ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=280&slotname=1433402308&adk=207406793&adf=2620106563&pi=t.ma~as.1433402308&w=728&fwrn=4&fwrnh=100&lmt=1677089733&rafmt=1&format=728x280&url=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677089733201&bpp=1&bdt=527&idt=343&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280&nras=1&correlator=8232058220225&frm=20&pv=1&ga_vid=880433619.1677089733&ga_sid=1677089734&ga_hid=1012116864&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=3790&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44777877%2C44759837%2C31072348%2C44779794&oid=2&pvsid=271215218793982&tmod=480944890&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=Mo%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=pvoMnEiiY8&p=https%3A//www.scamfoo.com&dtd=346

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 12:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21183
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 12:22:31 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/ Frame 7230 20 KB
8 KB 90ms
26ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 12:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21183
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 12:22:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7230 157 KB
48 KB 102ms
39ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6908a17080533cc597c4b17bd876ce02ba3c2aeaec4bb9763571dd31b98162c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676996822105882"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 18:15:34 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/ Frame B528 3 KB
1 KB 88ms
33ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=280&slotname=1433402308&adk=207406793&adf=1071414349&pi=t.ma~as.1433402308&w=728&fwrn=4&fwrnh=100&lmt=1677089733&rafmt=1&format=728x280&url=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677089733200&bpp=1&bdt=526&idt=335&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=1&correlator=8232058220225&frm=20&pv=1&ga_vid=880433619.1677089733&ga_sid=1677089734&ga_hid=1012116864&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44777877%2C44759837%2C31072348%2C44779794&oid=2&pvsid=271215218793982&tmod=480944890&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=Mo%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=KJRCufyNED&p=https%3A//www.scamfoo.com&dtd=338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 12:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21183
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 12:22:31 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/ Frame B528 20 KB
8 KB 84ms
29ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=280&slotname=1433402308&adk=207406793&adf=1071414349&pi=t.ma~as.1433402308&w=728&fwrn=4&fwrnh=100&lmt=1677089733&rafmt=1&format=728x280&url=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677089733200&bpp=1&bdt=526&idt=335&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=1&correlator=8232058220225&frm=20&pv=1&ga_vid=880433619.1677089733&ga_sid=1677089734&ga_hid=1012116864&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44777877%2C44759837%2C31072348%2C44779794&oid=2&pvsid=271215218793982&tmod=480944890&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=Mo%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=KJRCufyNED&p=https%3A//www.scamfoo.com&dtd=338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 12:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21183
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 12:22:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B528 157 KB
48 KB 129ms
74ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=280&slotname=1433402308&adk=207406793&adf=1071414349&pi=t.ma~as.1433402308&w=728&fwrn=4&fwrnh=100&lmt=1677089733&rafmt=1&format=728x280&url=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677089733200&bpp=1&bdt=526&idt=335&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=1&correlator=8232058220225&frm=20&pv=1&ga_vid=880433619.1677089733&ga_sid=1677089734&ga_hid=1012116864&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44777877%2C44759837%2C31072348%2C44779794&oid=2&pvsid=271215218793982&tmod=480944890&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=Mo%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=KJRCufyNED&p=https%3A//www.scamfoo.com&dtd=338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6908a17080533cc597c4b17bd876ce02ba3c2aeaec4bb9763571dd31b98162c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676996822105882"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 18:15:34 GMT

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame 7948 13 KB
13 KB 28ms
28ms Image
image/svg+xml 2600:9000:223d:5200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:5200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 28 Apr 2022 14:37:41 GMT
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P3
age: 25933072
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 26 Apr 2022 19:12:12 GMT
server: nginx
etag: "6268440c-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: DdO7HMn75KV62mX5A9H-O9jzMwrJZuV940CQxPj26xI9HP6nGvJSOw==
expires: Fri, 28 Apr 2023 14:37:41 GMT

GET
H2 200 loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame 7948 3 KB
3 KB 29ms
28ms Image
image/gif 2600:9000:223d:5200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:5200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 12 Jan 2023 03:03:01 GMT
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P3
age: 3597152
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 2971
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Fri, 06 Jan 2023 19:06:43 GMT
server: nginx
etag: "63b87143-b9b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: DG14UijCbWakAKtPshz8f_M9300nFGvEWfGq6FDKR8aVUwssx7azIg==
expires: Fri, 12 Jan 2024 03:03:01 GMT

GET
H2 200 email.727e30eb9b6c1e85cb010b9c8eb04c7e.svg
c.disquscdn.com/next/embed/assets/img/ Frame 7948 840 B
1 KB 30ms
28ms Image
image/svg+xml 2600:9000:223d:5200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/email.727e30eb9b6c1e85cb010b9c8eb04c7e.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:5200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0589c5845288117448d7aa710af60618b151d78efd1a2653f89a0b57f7eb3de8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 14 Nov 2022 05:36:22 GMT
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P3
age: 8685551
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 840
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Fri, 11 Nov 2022 07:03:00 GMT
server: nginx
etag: "636df3a4-348"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: bmB_JMQjg3MJYFN5SuO1h_9oJmY3jk7KLvCZnAqZ1mKG0XWv4E8gxA==
expires: Tue, 14 Nov 2023 05:36:22 GMT

GET
H2 200 privacy.8c96be6b50de1c3fab838c5f050e0be5.svg
c.disquscdn.com/next/embed/assets/img/ Frame 7948 891 B
1 KB 30ms
29ms Image
image/svg+xml 2600:9000:223d:5200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/privacy.8c96be6b50de1c3fab838c5f050e0be5.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:5200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

068753b8f09b32ad8a3283199c7252090d0076a56924df724dda72828ae31b95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-cache-hits: 0
date: Sat, 12 Nov 2022 02:28:02 GMT
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P3
age: 8869651
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 891
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Fri, 11 Nov 2022 07:03:00 GMT
server: nginx
etag: "636df3a4-37b"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: bf2MxLvV2qtnUhxuwv_pq9ekDNoMXSAORgIGy3q6JeghYpmE-T-zNg==
expires: Sun, 12 Nov 2023 02:28:02 GMT

GET
H2 200 warning.3bc0b4bff6c268a4ceaf404014b9be42.svg
c.disquscdn.com/next/embed/assets/img/ Frame 7948 605 B
1 KB 31ms
30ms Image
image/svg+xml 2600:9000:223d:5200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/warning.3bc0b4bff6c268a4ceaf404014b9be42.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:5200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a657bedd3bc0c106f7cfa5fe6556a0b7e175870d33bd7da9ef67ffcffbafda69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-cache-hits: 0
date: Sun, 04 Dec 2022 10:05:42 GMT
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P3
age: 6941391
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 605
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Thu, 01 Dec 2022 19:00:29 GMT
server: nginx
etag: "6388f9cd-25d"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: tEg4yHiCRZXL8LXQscDiCietUVqwIl0yS40iaLJD6tBc-a_LMxzTPw==
expires: Mon, 04 Dec 2023 10:05:42 GMT

GET
H2 200 sprite.ad630a07080a45451f139a7487853ff8.png
c.disquscdn.com/next/embed/assets/img/ Frame 7948 2 KB
2 KB 31ms
30ms Image
image/png 2600:9000:223d:5200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:5200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 20 Sep 2022 11:48:31 GMT
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P3
age: 13415222
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1763
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Fri, 16 Sep 2022 08:34:41 GMT
server: nginx
etag: "63243521-6e3"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: d1xJO-tlBrYkS6Vm83nMlmqjzofVyLZJ6QO-uz0OtqUAZ1EOZEqc9A==
expires: Wed, 20 Sep 2023 11:48:31 GMT

GET
H2 200 icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame 7948 8 KB
8 KB 26ms
26ms Font
application/octet-stream 2600:9000:223d:5200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:5200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css
Origin: https://disqus.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-cache-hits: 0
date: Sun, 28 Aug 2022 00:45:29 GMT
via: 1.1 6851af5c4f6d355fa4ec39cc8cc0c358.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P3
age: 15442204
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 7900
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Fri, 26 Aug 2022 22:07:42 GMT
server: nginx
etag: "6309442e-1edc"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: KjS-A3AGWNQarG4iGtAxpd52ZbeTcaomL5qnQ64wEisXQ9FGl1ReiQ==
expires: Mon, 28 Aug 2023 00:45:29 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7230 0
0 144ms
144ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cu6nExVv2Y4zhI83G1fAP4uGnoArJntKxXL3xlPdwwI23ARABIABg-wGCARdjYS1wdWItMjMwMzU5MDIzODUyNjgyNsgBCakCxWIdQTnesT6oAwGqBNgBT9Cn_Obm5bDEID_OH20QyWUI7w5nvP8yopRfZXAfuRSX4d3hKTCKUHEdrg3ZR9e65E7jtkVKz8z-t5qfnMMqtZ-PUAFI6iCwcu78R3bouuoMTTUPOzaDl_7jvoRfjaDTcJ7nB2NTF3vptO3dvp5d-HRgNGi-20ovTwhCX7VK3C1koAa2fpq_k7jsU_l0IGvFqYQzjuvbBvRo4AqjRxG5irEMQv601csibhxiBffn3ZT5GU-4UAJZb6PEsaDJw0SDqE_DwGY_HbbK5TPzrUOSZHRBL1eVrU1_gAb-wcKCuN-mjagBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yMzAzNTkwMjM4NTI2ODI2GAA&sigh=j1eYR8WxjIE&uach_m=[UACH]&cid=CAQSGwDUE5ym-vdImdlCYx42OYTD1lME1c3qK9uoxBgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=280&slotname=1433402308&adk=207406793&adf=2620106563&pi=t.ma~as.1433402308&w=728&fwrn=4&fwrnh=100&lmt=1677089733&rafmt=1&format=728x280&url=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677089733201&bpp=1&bdt=527&idt=343&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280&nras=1&correlator=8232058220225&frm=20&pv=1&ga_vid=880433619.1677089733&ga_sid=1677089734&ga_hid=1012116864&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=3790&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44777877%2C44759837%2C31072348%2C44779794&oid=2&pvsid=271215218793982&tmod=480944890&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=Mo%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=pvoMnEiiY8&p=https%3A//www.scamfoo.com&dtd=346
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 22 Feb 2023 18:15:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 22 Feb 2023 18:15:34 GMT

GET
H2 204 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 7230 0
0 152ms
78ms Fetch 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kqe_EMD6RNgFmAKdg2ICAgAAAKzcx4olFU1Y4K2o3xDEW_Zj-0r9D7VGRc9iPAAAEgAACg5BUVVCQVFZQkFRRUJBUQ&wp=Y_ZbxQAI8IwIFWNNAAnw4ruSF5zdO9WoqLZkag

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 2C38 155 KB
49 KB 272ms
120ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_ZbxQAI8IwIFWNNAAnw4ruSF5zdO9WoqLZkag&u=%7CVmn2Rt7oCW1O%2BkoIFcFnlGHduR38db6%2BEku6yTWr1Qo%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8R0XTFg4n334JzDG0QxBnFq9TvfAZh2JF1Lf6idO3NjDE4el-hrBSYKDO-TBm-TWVPJQlv7FpMyij_dVDv1x90Za5hlfiIyiF5_Stq2bO-2TD5x8cLgiUhxlVdmcpSuIsFJJfrOTdq4FZSJqomQq1J5tx-JIOvRTgDSFKgEavoVTVFBqTs_aAT4R3l_7SHsn5lZ0m6ONhjxXjAoMwIK11fKbEWeNkxNjxasQVn0Y-ewum2r3Ppc3P_HKlF1R8OxD89g0chBD3QoyOKumkAyyhgB30-g7f6A804Azw5pkFP6PIWeTBiDvBVtbPdSbl0_R1l6d7FlS-sn5K-5x-8mbOOThg6F8sg7qBiV49fLtdV5GOIXdfGuiEnYyCB6YWh0Jw0x9O9J2U2kyTpOzk1LD7cLMQO0mA-z8_8KyX3OCGt56a5yPyO17Ok8bz77vnm3M1Eb_GHrY2FEEVHYmAlT2nHpdyNCz6_RXFXnY9dM4czWtsKtbtteOlPLCdHwQrc6FNs45-24GUcnE0vwd1-yW1Y13hBch80azhr44patO-fKBalZLN9xeui3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8KX4xVv2Y4zhI83G1fAP4uGnoArJntKxXL3xlPdwwI23ARABIABg-wGCARdjYS1wdWItMjMwMzU5MDIzODUyNjgyNsgBCakCxWIdQTnesT6oAwGqBNsBT9Cn_Obm5bDEID_OH20QyWUI7w5nvP8yopRfZXAfuRSX4d3hKTCKUHEdrg3ZR9e65E7jtkVKz8z-t5qfnMMqtZ-PUAFI6iCwcu78R3bouuoMTTUPOzaDl_7jvoRfjaDTcJ7nB2NTF3vptO3dvp5d-HRgNGi-20ovTwhCX7VK3C1koAa2fpq_k7jsU_l0IGvFqYQzjuvbBvRo4AqjRxG5irEMQv601csibhxiBffn3ZT5GQ26cZDe4D_XDjzdYJS-DrfK1GyJF5jSZ4c7kOVg22ptN9I_KV7Art_igAb-wcKCuN-mjagBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0j7GoNgQjbobzh_-Nq-SIHl6PPnQ%26client%3Dca-pub-2303590238526826%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8d32c8534ae07d063358a78a03ca24428a1a5cbcefdcab779ffb2f46cac5ac7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 18:15:33 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=MeRoN4Yd5qQbxLG0UdlOVKpSKFHOERTQpc1MietguK3eZ-pIMsIbxGn9EGGoqwQIs2Av80q6zHeUhYAh6zhejbNYJMPH-VZdAl8mYac59zOFd3dEqC-bff9e0tbteL17InRQpMRLa6BGHYsZktYBMfcBQcJW2_crjoR3ULiVqHEafWtNCsJtC_i1y0zO1C9gYGpLjfa1DjKRCFpLbYOhTblEypnBEpumQPkwlO8iZ-YNA1HASaKt73pzmss"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 61191569
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B528 0
0 138ms
137ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CRQEUxVv2Y9jrI-KA1fAPh8mcuAXJntKxXIX-l_dwwI23ARABIABg-wGCARdjYS1wdWItMjMwMzU5MDIzODUyNjgyNsgBCakCda6mCKjXsT6oAwGqBNgBT9CCN8ozHyasX9p4KCMU3BqM4P1j1_M7hswXnaRt5T3Yojf6alV4yFxppHMpUJ6V4QMAdgYtAkLtHZaq54SkqwDhXBbNP8Y8_z4ERjjnjR3XBeTDH9k_EhA6GxPYay5VzZV_peW0Cu_dXjnPWlbHPprxDQXGgL1KOmJu3QNXxf4bB8q2iPscmvKBvH92VEkSmQfUhm-2fdgGQC5XtfyHroFPEtkIYG-Z5QVJTTVliHWJynvZTwOJvizBM6EECiNN58p6rh0hvRltrPHBg_9SiRR93EFePon9gAb-wcKCuN-mjagBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yMzAzNTkwMjM4NTI2ODI2GAA&sigh=EHTjt0RjgtQ&uach_m=[UACH]&cid=CAQSGwDUE5ymf-GkpuKfRiK5P334cEwG6_Xz-NcPHRgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=280&slotname=1433402308&adk=207406793&adf=1071414349&pi=t.ma~as.1433402308&w=728&fwrn=4&fwrnh=100&lmt=1677089733&rafmt=1&format=728x280&url=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677089733200&bpp=1&bdt=526&idt=335&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=1&correlator=8232058220225&frm=20&pv=1&ga_vid=880433619.1677089733&ga_sid=1677089734&ga_hid=1012116864&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44777877%2C44759837%2C31072348%2C44779794&oid=2&pvsid=271215218793982&tmod=480944890&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=Mo%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=KJRCufyNED&p=https%3A//www.scamfoo.com&dtd=338

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=280&slotname=1433402308&adk=207406793&adf=1071414349&pi=t.ma~as.1433402308&w=728&fwrn=4&fwrnh=100&lmt=1677089733&rafmt=1&format=728x280&url=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677089733200&bpp=1&bdt=526&idt=335&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=1&correlator=8232058220225&frm=20&pv=1&ga_vid=880433619.1677089733&ga_sid=1677089734&ga_hid=1012116864&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44777877%2C44759837%2C31072348%2C44779794&oid=2&pvsid=271215218793982&tmod=480944890&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=Mo%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=KJRCufyNED&p=https%3A//www.scamfoo.com&dtd=338
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 22 Feb 2023 18:15:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 22 Feb 2023 18:15:34 GMT

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame B528 0
0 278ms
22ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kqe_EMD6RNgFmAKdg2ICAgAAAKzcx4olFU1Y4K2o3xDFW_ZjqHVxyp9iZzN7_gAAEgAACg5BUVVCQlFZREJRRUJCUQ&wp=Y_ZbxQAI9dgIFUBiAAckh5JmRzHbJkX1XKwhYQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=280&slotname=1433402308&adk=207406793&adf=1071414349&pi=t.ma~as.1433402308&w=728&fwrn=4&fwrnh=100&lmt=1677089733&rafmt=1&format=728x280&url=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677089733200&bpp=1&bdt=526&idt=335&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=1&correlator=8232058220225&frm=20&pv=1&ga_vid=880433619.1677089733&ga_sid=1677089734&ga_hid=1012116864&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44777877%2C44759837%2C31072348%2C44779794&oid=2&pvsid=271215218793982&tmod=480944890&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=Mo%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=KJRCufyNED&p=https%3A//www.scamfoo.com&dtd=338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:33 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 261125
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 8B4A 160 KB
50 KB 312ms
169ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_ZbxQAI9dgIFUBiAAckh5JmRzHbJkX1XKwhYQ&u=%7CVmn2Rt7oCW1DvJxlNXgEU1uYlq5mZG8zROTAa%2BDRfo8%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8R0XTFg4n334JzDG0QxBnFq9TvfAZh2JF1Lf6idO3NjDJ2YjBJsR_QXoovszDeOkdBVSyXNKBQv_l3Wj924zlZkCmQoPwAVK--4USbOQEtYWOc969fAW-HcU6weC0PWh7x4UGOL9D-xzB28op5UoBmuE6H-LRyTWYK7fTeadkmrkduuL_FFY7lRSajiJvZ4ZZO82EPElnZCr9Q2tcBizlWbljqBWtukIoXIXWbpFj4uYsLSC5cj47PMuiXgrWvmYqzeHVql9StpI4MfTuSGtqXpJCOMvvMxiUn6E43O2yNcyuXGI0yTXYaRz47Ahe36jngTcDCA_Kzk7xT0hFNywy9WRO0auQKIkdbaUOhUBjCHq17NdeC9YOniGgWYf1ZiaS0ab_uE3XH2piThgr3x1wQZQJvWH71TyJm3km29GeD--LRVMOoahfKElT8b5rIkUZQLTXEnynLFYux01MrMrRAeC1Px1UC6fJTx2lweYjHAj63YHOwj9k843TujrNIzDHU9Ddjx-UY7N5zg-QiycnjfKqSPAYa8Tx9axuaqeb8xNBIVxqZVP0mg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC70NkxVv2Y9jrI-KA1fAPh8mcuAXJntKxXIX-l_dwwI23ARABIABg-wGCARdjYS1wdWItMjMwMzU5MDIzODUyNjgyNsgBCakCda6mCKjXsT6oAwGqBNsBT9CCN8ozHyasX9p4KCMU3BqM4P1j1_M7hswXnaRt5T3Yojf6alV4yFxppHMpUJ6V4QMAdgYtAkLtHZaq54SkqwDhXBbNP8Y8_z4ERjjnjR3XBeTDH9k_EhA6GxPYay5VzZV_peW0Cu_dXjnPWlbHPprxDQXGgL1KOmJu3QNXxf4bB8q2iPscmvKBvH92VEkSmQfUhm-2fdgGQC5XtfyHroFPEtkIYG-Z5QVJTTVliHWJyjnbbpEOMbDSjD0QqfNwQTJzuheXtzd1LkUJvlmgNgpRxMT0uppC0sXYgAb-wcKCuN-mjagBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3vFK8bOXWVLHymCngyLPd_SYrjcA%26client%3Dca-pub-2303590238526826%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=280&slotname=1433402308&adk=207406793&adf=1071414349&pi=t.ma~as.1433402308&w=728&fwrn=4&fwrnh=100&lmt=1677089733&rafmt=1&format=728x280&url=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677089733200&bpp=1&bdt=526&idt=335&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=1&correlator=8232058220225&frm=20&pv=1&ga_vid=880433619.1677089733&ga_sid=1677089734&ga_hid=1012116864&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44777877%2C44759837%2C31072348%2C44779794&oid=2&pvsid=271215218793982&tmod=480944890&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=Mo%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=KJRCufyNED&p=https%3A//www.scamfoo.com&dtd=338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

bdfee30c950d608a9d51cf5555bf2b187756b7c7bcd69180f2046765521ea1e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 18:15:34 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=Dzi7N4Yd5qQbxLG0Wxmx47uHXsDqFoBk-my3aZfeWxZFByaK9y1Qe5FwLUdAWh9Thn10Y4D3CR9a3VGSH1sQwI3dMa1kvchpMsFMXgwAW9RwvI8PIE-_TgY8moJd8dpM09-2d05cZcSmoqY06Ywha2i4x-B1ftQLAU7OtwImMVpPK1H0-vOGlt3Wv2cwnMTJwyRK8PMrPy5vgjqRmculQBHYCGh1JeQc-P87LcfhDylXRb2gjc-ihM11KQU"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 73874837
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7948 15 KB
16 KB 26ms
25ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 08:06:08 GMT
x-content-type-options: nosniff
age: 468566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Feb 2024 08:06:08 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7948 15 KB
15 KB 36ms
36ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:05:36 GMT
x-content-type-options: nosniff
age: 533398
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 14:05:36 GMT

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7948 17 KB
17 KB 43ms
43ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 07:48:58 GMT
x-content-type-options: nosniff
age: 469596
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17368
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Feb 2024 07:48:58 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7948 16 KB
16 KB 41ms
40ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 16:22:50 GMT
x-content-type-options: nosniff
age: 6764
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Feb 2024 16:22:50 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7948 17 KB
17 KB 109ms
109ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 08:08:39 GMT
x-content-type-options: nosniff
age: 554815
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17032
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 08:08:39 GMT

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame 7948 43 B
339 B 167ms
153ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=298&event=init_embed&thread=8455606337&forum=scamfoo&forum_id=4801840&imp=6htbaqt1lcch0i&thread_slug=is_mybridgercom_scam_fraudulent_or_safe_scamfoo&user_type=anon&referrer=https%3A%2F%2Fwww.scamfoo.com%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default&variant=fallthrough&service=dynamic&promoted_enabled=true&max_enabled=true

Requested by

Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=scamfoo&t_i=126513&t_u=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&t_d=Is%20Mybridger.com%20Scam%2C%20Fraudulent%20or%20Safe%3F%20%7C%20ScamFoo&t_t=Is%20Mybridger.com%20Scam%2C%20Fraudulent%20or%20Safe%3F%20%7C%20ScamFoo&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 18:15:34 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 sync Show response
gum.criteo.com/ Frame 9D4A 46 B
288 B 130ms
21ms Script
text/javascript 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230221-21-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:33 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 593399
expires: 60

GET
H2 200 json Show response
trc.taboola.com/disqus-scamfoo/trc/3/ Frame 9D4A 50 KB
14 KB 241ms
224ms XHR
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/disqus-scamfoo/trc/3/json?tim=18%3A15%3A34.292&lti=deflated&data=%7B%22id%22%3A752%2C%22ii%22%3A%22%2Fsite%2Fmybridger.com%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1677086632434%2C%22vi%22%3A1677089734288%2C%22cv%22%3A%2220230221-21-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F%22%2C%22vpi%22%3A%22%2Fsite%2Fmybridger.com%22%2C%22e%22%3A%22https%3A%2F%2Fwww.scamfoo.com%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A938%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A17%2C%22dw%22%3A938%2C%22dh%22%3A27%2C%22nsid%22%3A%22disqus-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-a%3Apub%3Ddisqus-network%3Aabp%3D0%22%2C%22uip%22%3A%22%7B%5C%22domain%5C%22%3A%20%5C%22https%3A%2F%2Fwww.scamfoo.com%5C%22%2C%20%5C%22experiment%5C%22%3A%20%5C%22network_default%5C%22%2C%20%5C%22position%5C%22%3A%20%5C%22top%5C%22%2C%20%5C%22shortname%5C%22%3A%20%5C%22scamfoo%5C%22%2C%20%5C%22variant%5C%22%3A%20%5C%22fallthrough%5C%22%7D%22%2C%22orig_uip%22%3A%22%7B%5C%22domain%5C%22%3A%20%5C%22https%3A%2F%2Fwww.scamfoo.com%5C%22%2C%20%5C%22experiment%5C%22%3A%20%5C%22network_default%5C%22%2C%20%5C%22position%5C%22%3A%20%5C%22top%5C%22%2C%20%5C%22shortname%5C%22%3A%20%5C%22scamfoo%5C%22%2C%20%5C%22variant%5C%22%3A%20%5C%22fallthrough%5C%22%7D%22%2C%22cd%22%3A27%2C%22mw%22%3A0%2C%22amw%22%3A700%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230221-21-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a2b99e503b5319a2e1d631cc47480a7168d51f73857323fb4f58db5a2eb66687

Request headers

Referer: https://www.scamfoo.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 202
date: Wed, 22 Feb 2023 18:15:34 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-cdg20773-CDG
server: nginx
x-timer: S1677089734.316665,VS0,VE202
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.scamfoo.com
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 debug
trc-events.taboola.com/disqus-scamfoo/log/2/ Frame 9D4A 0
90 B 242ms
22ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/disqus-scamfoo/log/2/debug?tim=18%3A15%3A34.282&type=info&msg=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&llvl=2&id=6063&cv=20230221-21-RELEASE&lt=deflated&pct=1
Requested by: Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:34 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 20875

GET
H2 204 debug
trc-events.taboola.com/disqus-scamfoo/log/2/ Frame 9D4A 0
89 B 243ms
23ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/disqus-scamfoo/log/2/debug?tim=18%3A15%3A34.285&type=info&msg=%7B%22mode%22%3A%22thumbnails-a%22%2C%22container%22%3A%22taboola%22%2C%22target_type%22%3A%22mix%22%2C%22placement%22%3A%22%7B%5C%22domain%5C%22%3A%20%5C%22https%3A%2F%2Fwww.scamfoo.com%5C%22%2C%20%5C%22experiment%5C%22%3A%20%5C%22network_default%5C%22%2C%20%5C%22position%5C%22%3A%20%5C%22top%5C%22%2C%20%5C%22shortname%5C%22%3A%20%5C%22scamfoo%5C%22%2C%20%5C%22variant%5C%22%3A%20%5C%22fallthrough%5C%22%7D%22%7D&llvl=2&id=9403&cv=20230221-21-RELEASE&lt=deflated&pct=1
Requested by: Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:34 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 20875

GET
H2 204 debug
trc-events.taboola.com/disqus-scamfoo/log/2/ Frame 9D4A 0
89 B 243ms
23ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/disqus-scamfoo/log/2/debug?tim=18%3A15%3A34.290&type=info&msg=%7B%22domain%22%3A%20%22https%3A%2F%2Fwww.scamfoo.com%22%2C%20%22experiment%22%3A%20%22network_default%22%2C%20%22position%22%3A%20%22top%22%2C%20%22shortname%22%3A%20%22scamfoo%22%2C%20%22variant%22%3A%20%22fallthrough%22%7D%20thumbnails-a&llvl=2&id=328&cv=20230221-21-RELEASE&lt=deflated&pct=1
Requested by: Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:34 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 20875

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/ Frame 2344 3 KB
1 KB 28ms
25ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=280&slotname=1433402308&adk=207406793&adf=289864595&pi=t.ma~as.1433402308&w=728&fwrn=4&fwrnh=100&lmt=1677089733&rafmt=1&format=728x280&url=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677089733198&bpp=2&bdt=524&idt=314&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8232058220225&frm=20&pv=1&ga_vid=880433619.1677089733&ga_sid=1677089734&ga_hid=1012116864&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=708&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44777877%2C44759837%2C31072348%2C44779794&oid=2&pvsid=271215218793982&tmod=480944890&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=Mo%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Cd4HZvSP4v&p=https%3A//www.scamfoo.com&dtd=320

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 12:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21183
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 12:22:31 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/ Frame 2344 20 KB
8 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=280&slotname=1433402308&adk=207406793&adf=289864595&pi=t.ma~as.1433402308&w=728&fwrn=4&fwrnh=100&lmt=1677089733&rafmt=1&format=728x280&url=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677089733198&bpp=2&bdt=524&idt=314&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8232058220225&frm=20&pv=1&ga_vid=880433619.1677089733&ga_sid=1677089734&ga_hid=1012116864&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=708&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44777877%2C44759837%2C31072348%2C44779794&oid=2&pvsid=271215218793982&tmod=480944890&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=Mo%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Cd4HZvSP4v&p=https%3A//www.scamfoo.com&dtd=320

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 12:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21183
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 12:22:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2344 157 KB
48 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=280&slotname=1433402308&adk=207406793&adf=289864595&pi=t.ma~as.1433402308&w=728&fwrn=4&fwrnh=100&lmt=1677089733&rafmt=1&format=728x280&url=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677089733198&bpp=2&bdt=524&idt=314&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8232058220225&frm=20&pv=1&ga_vid=880433619.1677089733&ga_sid=1677089734&ga_hid=1012116864&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=708&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44777877%2C44759837%2C31072348%2C44779794&oid=2&pvsid=271215218793982&tmod=480944890&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=Mo%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Cd4HZvSP4v&p=https%3A//www.scamfoo.com&dtd=320

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6908a17080533cc597c4b17bd876ce02ba3c2aeaec4bb9763571dd31b98162c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676996822105882"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 18:15:34 GMT

GET
H2 200 sync Show response
gum.criteo.com/ Frame E552 46 B
287 B 21ms
21ms Script
text/javascript 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230221-21-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:33 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 468032
expires: 60

GET
H2 200 json Show response
trc.taboola.com/disqus-scamfoo/trc/3/ Frame E552 49 KB
14 KB 119ms
118ms XHR
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/disqus-scamfoo/trc/3/json?tim=18%3A15%3A34.452&lti=deflated&data=%7B%22id%22%3A534%2C%22ii%22%3A%22%2Fsite%2Fmybridger.com%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1677086632434%2C%22vi%22%3A1677089734288%2C%22cv%22%3A%2220230221-21-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F%22%2C%22vpi%22%3A%22%2Fsite%2Fmybridger.com%22%2C%22e%22%3A%22https%3A%2F%2Fwww.scamfoo.com%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A938%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A17%2C%22dw%22%3A938%2C%22dh%22%3A27%2C%22nsid%22%3A%22disqus-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-b%3Apub%3Ddisqus-network%3Aabp%3D0%22%2C%22uip%22%3A%22%7B%5C%22domain%5C%22%3A%20%5C%22https%3A%2F%2Fwww.scamfoo.com%5C%22%2C%20%5C%22experiment%5C%22%3A%20%5C%22network_default%5C%22%2C%20%5C%22position%5C%22%3A%20%5C%22bottom%5C%22%2C%20%5C%22shortname%5C%22%3A%20%5C%22scamfoo%5C%22%2C%20%5C%22variant%5C%22%3A%20%5C%22fallthrough%5C%22%7D%22%2C%22orig_uip%22%3A%22%7B%5C%22domain%5C%22%3A%20%5C%22https%3A%2F%2Fwww.scamfoo.com%5C%22%2C%20%5C%22experiment%5C%22%3A%20%5C%22network_default%5C%22%2C%20%5C%22position%5C%22%3A%20%5C%22bottom%5C%22%2C%20%5C%22shortname%5C%22%3A%20%5C%22scamfoo%5C%22%2C%20%5C%22variant%5C%22%3A%20%5C%22fallthrough%5C%22%7D%22%2C%22cd%22%3A27%2C%22mw%22%3A0%2C%22amw%22%3A700%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230221-21-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7640f81e09415a7ff5ea301404e5ab774be148dea3c650c0a92b60d87a0f7975

Request headers

Referer: https://www.scamfoo.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 99
date: Wed, 22 Feb 2023 18:15:34 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-cdg20773-CDG
server: nginx
x-timer: S1677089734.459064,VS0,VE99
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.scamfoo.com
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 0C71 11 KB
840 B 63ms
62ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

29cf63b3a3f220aa82357afebcfda1a2499327ce2429680ab58af2a87ed19f23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 22 Feb 2023 18:15:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 17:34:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Feb 2023 18:15:34 GMT

GET
H/1.1 200
OK listRecommendations.json Show response
disqus.com/api/3.0/discovery/ Frame 0C71 5 KB
6 KB 213ms
212ms XHR
application/json 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/discovery/listRecommendations.json?forum=scamfoo&thread=url%3Ahttps%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&limit=8&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.ee9c33b24a56672a5987fadb46fbba34.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

fbbf65e748258dc58d268cc5c545d27da1ad736dea03c7c289f1afe9a6142827

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://disqus.com/recommendations/?base=default&f=scamfoo&t_u=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&t_d=Is%20Mybridger.com%20Scam%2C%20Fraudulent%20or%20Safe%3F%20%7C%20ScamFoo&t_t=Is%20Mybridger.com%20Scam%2C%20Fraudulent%20or%20Safe%3F%20%7C%20ScamFoo
X-Requested-With: XMLHttpRequest
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 18:15:34 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Vary: Origin
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type: application/json
Cache-Control: stale-while-revalidate=450, public, max-age=1800
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 5252
X-XSS-Protection: 1; mode=block

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 2C38 2 KB
1 KB 818ms
266ms Image
image/svg+xml 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_ZbxQAI8IwIFWNNAAnw4ruSF5zdO9WoqLZkag&u=%7CVmn2Rt7oCW1O%2BkoIFcFnlGHduR38db6%2BEku6yTWr1Qo%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8R0XTFg4n334JzDG0QxBnFq9TvfAZh2JF1Lf6idO3NjDE4el-hrBSYKDO-TBm-TWVPJQlv7FpMyij_dVDv1x90Za5hlfiIyiF5_Stq2bO-2TD5x8cLgiUhxlVdmcpSuIsFJJfrOTdq4FZSJqomQq1J5tx-JIOvRTgDSFKgEavoVTVFBqTs_aAT4R3l_7SHsn5lZ0m6ONhjxXjAoMwIK11fKbEWeNkxNjxasQVn0Y-ewum2r3Ppc3P_HKlF1R8OxD89g0chBD3QoyOKumkAyyhgB30-g7f6A804Azw5pkFP6PIWeTBiDvBVtbPdSbl0_R1l6d7FlS-sn5K-5x-8mbOOThg6F8sg7qBiV49fLtdV5GOIXdfGuiEnYyCB6YWh0Jw0x9O9J2U2kyTpOzk1LD7cLMQO0mA-z8_8KyX3OCGt56a5yPyO17Ok8bz77vnm3M1Eb_GHrY2FEEVHYmAlT2nHpdyNCz6_RXFXnY9dM4czWtsKtbtteOlPLCdHwQrc6FNs45-24GUcnE0vwd1-yW1Y13hBch80azhr44patO-fKBalZLN9xeui3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8KX4xVv2Y4zhI83G1fAP4uGnoArJntKxXL3xlPdwwI23ARABIABg-wGCARdjYS1wdWItMjMwMzU5MDIzODUyNjgyNsgBCakCxWIdQTnesT6oAwGqBNsBT9Cn_Obm5bDEID_OH20QyWUI7w5nvP8yopRfZXAfuRSX4d3hKTCKUHEdrg3ZR9e65E7jtkVKz8z-t5qfnMMqtZ-PUAFI6iCwcu78R3bouuoMTTUPOzaDl_7jvoRfjaDTcJ7nB2NTF3vptO3dvp5d-HRgNGi-20ovTwhCX7VK3C1koAa2fpq_k7jsU_l0IGvFqYQzjuvbBvRo4AqjRxG5irEMQv601csibhxiBffn3ZT5GQ26cZDe4D_XDjzdYJS-DrfK1GyJF5jSZ4c7kOVg22ptN9I_KV7Art_igAb-wcKCuN-mjagBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0j7GoNgQjbobzh_-Nq-SIHl6PPnQ%26client%3Dca-pub-2303590238526826%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Feb 2024 18:15:35 GMT

GET
H2 200 adchoices_fr.svg
static.criteo.net/flash/icon/ Frame 2C38 2 KB
1 KB 838ms
286ms Image
image/svg+xml 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_fr.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

8bc40f263d0a1fbb8421a5fe91ccb4ab7eb23b9b4c12a16e09703cd336d7cbb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-75e"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Feb 2024 18:15:35 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 2C38 308 B
636 B 767ms
268ms Image
image/svg+xml 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 17 Feb 2024 18:15:35 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 2C38 293 B
621 B 1081ms
582ms Image
image/svg+xml 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 17 Feb 2024 18:15:35 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 2C38 43 B
347 B 234ms
25ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=7fLeSAfa8K_lDPDpIHdqp7XRumG5q1rXI3fLDJANsapJf_hYVMOjU3-X-9eJh4qFSOro-lWO6TTVv8CGY5heltvOeLE4tuCHCsLFug_NTaMs9HIJ-vgbps0YMkH1M-9RZzrgjJoOO3pnC8x6Pt3_--6ddfmeFtdanF89MMh1Yq_kGIQ874VWLNmOIfbQsy9UnSH3Q4NXbt4TAkzEoJAARU2vBj9Kc1Ff-Ud2lTm2z3D7wUkCXaGzoeFkPtBFXzUbBRzjxXvYIV0PW73dcwFeHGgCG_lUZH3GZb5kQNcbfNqIAfieN_TaxJ-v1ZAn9GWQOw8CVIw_qG8343re8GjFeej4ESoCvw1zy4Zwvd5dtFyq4WDfjrSAYfpuMAiOFj9DA0ot3eG8y97-QLJBYkRRSUeSHOJP1jH8p2DcRQZWtsO9sFQC

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 18:15:34 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2276723
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2344 0
0 72ms
66ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C1Ul9xVv2Y9rrIcrB1fAPkb-ZqAzJntKxXM3x4t2IAcCNtwEQASAAYPsBggEXY2EtcHViLTIzMDM1OTAyMzg1MjY4MjbIAQmpAsViHUE53rE-qAMBqgTSAU_QFcBR-h3IVJyvpZtot02lt8NPJsuHWhB_CK14-5NoGdumvYxr8nV8ongaAIke0ebJfOkMp2yoRBVMSD7uS3ynrnD_hai2UX8yWKN-Mson5_WMoFvFsNzsFpc48GZJtHuzmoXH8xqy6UeJ79Beaiy8OWATTg8g5slSB3qMYTFY629eh8Uo3Z9wzM73EVBIAmPLUZ4fh1ur5iYr8rk9UALiGWzxBg5Qo9bKsDkNVJs84BNxP_gGPg47s1zgb9RxSGrHQ9ojSDMvmycBtlRiWejNgoAG_sHCgrjfpo2oAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjMwMzU5MDIzODUyNjgyNhgA&sigh=o7QcfR_eYUc&uach_m=[UACH]&cid=CAQSGwDUE5ym5qK9ZnlCjsQxsPemqhxK9wL3X77xZRgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=280&slotname=1433402308&adk=207406793&adf=289864595&pi=t.ma~as.1433402308&w=728&fwrn=4&fwrnh=100&lmt=1677089733&rafmt=1&format=728x280&url=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677089733198&bpp=2&bdt=524&idt=314&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8232058220225&frm=20&pv=1&ga_vid=880433619.1677089733&ga_sid=1677089734&ga_hid=1012116864&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=708&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44777877%2C44759837%2C31072348%2C44779794&oid=2&pvsid=271215218793982&tmod=480944890&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=Mo%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Cd4HZvSP4v&p=https%3A//www.scamfoo.com&dtd=320

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=280&slotname=1433402308&adk=207406793&adf=289864595&pi=t.ma~as.1433402308&w=728&fwrn=4&fwrnh=100&lmt=1677089733&rafmt=1&format=728x280&url=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677089733198&bpp=2&bdt=524&idt=314&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8232058220225&frm=20&pv=1&ga_vid=880433619.1677089733&ga_sid=1677089734&ga_hid=1012116864&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=708&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44777877%2C44759837%2C31072348%2C44779794&oid=2&pvsid=271215218793982&tmod=480944890&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=Mo%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Cd4HZvSP4v&p=https%3A//www.scamfoo.com&dtd=320
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 22 Feb 2023 18:15:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 2344 0
0 27ms
22ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kqe_EMD6RNgFmAKdg2ICAgAAAKzcx4olFU1Y4K2o3xDFW_ZjXn_XqG8JkfEg90sAEgAACg5BUVVCQlFZQkJRRUJCUQ&wp=Y_ZbxQAIddoIFWDKAAZfkdY3UwCxBWCQiX5URQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=280&slotname=1433402308&adk=207406793&adf=289864595&pi=t.ma~as.1433402308&w=728&fwrn=4&fwrnh=100&lmt=1677089733&rafmt=1&format=728x280&url=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677089733198&bpp=2&bdt=524&idt=314&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8232058220225&frm=20&pv=1&ga_vid=880433619.1677089733&ga_sid=1677089734&ga_hid=1012116864&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=708&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44777877%2C44759837%2C31072348%2C44779794&oid=2&pvsid=271215218793982&tmod=480944890&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=Mo%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Cd4HZvSP4v&p=https%3A//www.scamfoo.com&dtd=320

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:33 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 308858
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 0EFF 154 KB
49 KB 93ms
93ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_ZbxQAIddoIFWDKAAZfkdY3UwCxBWCQiX5URQ&u=%7CVmn2Rt7oCW2jpJkovDTFG8pe6NutlfC4ZiRv9BOR1lw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8R0XTFg4n334JzDG0QxBnFq9TvfAZh2JF1Lf6idO3NjDHbFxs5Esp_7naQDXfhhBovVrEQEv6wHPU2-P_Ym_HTpTeRIQ1JGZmpZvobhPBnAgKapjog-e4nykE3jZQOQ82ifMhUBmokPnd4rnEdwiiGXtaPHUnJ2-xGOPFNfVUy7k26T_FrN_nYPx121Xxfkgu0Q2MnQCwBjCViWxEjX1lF6b5ZUgBCpVm1kwGJjP-K0xc3vwzZTkajTj0YMo6-Dpz9fMDiD_PmS_cM-ZU4G72eHTqqpARbRwPd-LPsZck4bTlVauFi_wFWB8qT-nBc4WIWmm8A-BPVvpTOSlNaAG8CTV-zuoW9foa3eXpcKtnufG46kVUy1-aujlh-ydG0T9zeiqvd4eWyh2Z9dwlM5aN0lBFXBol3Lyd09cPkp_yu0yLnkThafUGK9QIlA6RgSE48pO5ZdwcWCR1dQVT19xsci04sbO-z6uuxAUmcqE2qT62FEN7y0lWj_MKxRfAU0cKFJSdZO0JR6MnJcYdDV1hum7mhC8hC17z8rKEy6TLH4SeeocFupWXE9A1kXWqY6GwE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzZckxVv2Y9rrIcrB1fAPkb-ZqAzJntKxXM3x4t2IAcCNtwEQASAAYPsBggEXY2EtcHViLTIzMDM1OTAyMzg1MjY4MjbIAQmpAsViHUE53rE-qAMBqgTVAU_QFcBR-h3IVJyvpZtot02lt8NPJsuHWhB_CK14-5NoGdumvYxr8nV8ongaAIke0ebJfOkMp2yoRBVMSD7uS3ynrnD_hai2UX8yWKN-Mson5_WMoFvFsNzsFpc48GZJtHuzmoXH8xqy6UeJ79Beaiy8OWATTg8g5slSB3qMYTFY629eh8Uo3Z9wzM73EVBIAmPLUZ4fh1ur5iYr8rk9UALiGWzxBg5Qo9bKsDlPVrquZ5ztLEeaKq3rjvoYZsB7_mDpW1iXgA6JaZgfmkzn82zePe3fX4AG_sHCgrjfpo2oAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0XSiaw9UGu4yRgW2_Qnr8Rwin1dw%26client%3Dca-pub-2303590238526826%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=280&slotname=1433402308&adk=207406793&adf=289864595&pi=t.ma~as.1433402308&w=728&fwrn=4&fwrnh=100&lmt=1677089733&rafmt=1&format=728x280&url=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677089733198&bpp=2&bdt=524&idt=314&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8232058220225&frm=20&pv=1&ga_vid=880433619.1677089733&ga_sid=1677089734&ga_hid=1012116864&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=708&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44777877%2C44759837%2C31072348%2C44779794&oid=2&pvsid=271215218793982&tmod=480944890&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=Mo%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Cd4HZvSP4v&p=https%3A//www.scamfoo.com&dtd=320

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a866e634cb1fc275f23b7531b4dd90750d895d6f871f8c3a148c249cbee58f0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 18:15:34 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=48MZ9IYd5qQbxLG0MdWAnxfixcgZBHgbn0tTfQVnbjfi4m5jTqt20-h_srN39qwPxpwNTuSYchAVPYXQG9CNM6JuqbdH1RobTYA4V2npm5DohPp6Tnt6ruiPU_zaQj60SZC6jxA0N7KzhtXKfk33FTmOd4-ABY6l4E7XafNWKYTxo-1sSSLgmA3B9rLF_8v-cmpccyH1moYN_icwLHymeun0NKVW53rOqcxjFE0BgMJEALBMcoKKdjbozt8O2rpl3FYr4A"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 61554910
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 8B4A 2 KB
1 KB 815ms
278ms Image
image/svg+xml 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_ZbxQAI9dgIFUBiAAckh5JmRzHbJkX1XKwhYQ&u=%7CVmn2Rt7oCW1DvJxlNXgEU1uYlq5mZG8zROTAa%2BDRfo8%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8R0XTFg4n334JzDG0QxBnFq9TvfAZh2JF1Lf6idO3NjDJ2YjBJsR_QXoovszDeOkdBVSyXNKBQv_l3Wj924zlZkCmQoPwAVK--4USbOQEtYWOc969fAW-HcU6weC0PWh7x4UGOL9D-xzB28op5UoBmuE6H-LRyTWYK7fTeadkmrkduuL_FFY7lRSajiJvZ4ZZO82EPElnZCr9Q2tcBizlWbljqBWtukIoXIXWbpFj4uYsLSC5cj47PMuiXgrWvmYqzeHVql9StpI4MfTuSGtqXpJCOMvvMxiUn6E43O2yNcyuXGI0yTXYaRz47Ahe36jngTcDCA_Kzk7xT0hFNywy9WRO0auQKIkdbaUOhUBjCHq17NdeC9YOniGgWYf1ZiaS0ab_uE3XH2piThgr3x1wQZQJvWH71TyJm3km29GeD--LRVMOoahfKElT8b5rIkUZQLTXEnynLFYux01MrMrRAeC1Px1UC6fJTx2lweYjHAj63YHOwj9k843TujrNIzDHU9Ddjx-UY7N5zg-QiycnjfKqSPAYa8Tx9axuaqeb8xNBIVxqZVP0mg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC70NkxVv2Y9jrI-KA1fAPh8mcuAXJntKxXIX-l_dwwI23ARABIABg-wGCARdjYS1wdWItMjMwMzU5MDIzODUyNjgyNsgBCakCda6mCKjXsT6oAwGqBNsBT9CCN8ozHyasX9p4KCMU3BqM4P1j1_M7hswXnaRt5T3Yojf6alV4yFxppHMpUJ6V4QMAdgYtAkLtHZaq54SkqwDhXBbNP8Y8_z4ERjjnjR3XBeTDH9k_EhA6GxPYay5VzZV_peW0Cu_dXjnPWlbHPprxDQXGgL1KOmJu3QNXxf4bB8q2iPscmvKBvH92VEkSmQfUhm-2fdgGQC5XtfyHroFPEtkIYG-Z5QVJTTVliHWJyjnbbpEOMbDSjD0QqfNwQTJzuheXtzd1LkUJvlmgNgpRxMT0uppC0sXYgAb-wcKCuN-mjagBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3vFK8bOXWVLHymCngyLPd_SYrjcA%26client%3Dca-pub-2303590238526826%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Feb 2024 18:15:35 GMT

GET
H2 200 adchoices_fr.svg
static.criteo.net/flash/icon/ Frame 8B4A 2 KB
1 KB 1223ms
687ms Image
image/svg+xml 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_fr.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

8bc40f263d0a1fbb8421a5fe91ccb4ab7eb23b9b4c12a16e09703cd336d7cbb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-75e"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Feb 2024 18:15:35 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 8B4A 308 B
636 B 746ms
287ms Image
image/svg+xml 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 17 Feb 2024 18:15:35 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 8B4A 293 B
621 B 1040ms
582ms Image
image/svg+xml 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 17 Feb 2024 18:15:35 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 8B4A 43 B
348 B 192ms
23ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=RMKzEQfa8K_lDPDpIHdqp7XRumG3RGuLaVxDZIg8x_to6fcebvUuCEc3i74iohV7rhNekK_OA2irgMrr4Ra-STJnK_Hq5XPKPbxHgr0SiNqLf02iz-EcnNd-vt0cMKufu-sGcwgBZdBtcaQrSldsrQnZdyi7VgFhTXTGFTV-XRKiJB0R_csCBJpmTa4GKp6OxHS9yBtCC-qVbF4ygpQMpvM3TY5PhW-N5KMspENVdhJFWWmC-B1nSEvvR3iQ7p5DkYJgL023oTKOqv1_f1jERd4Z-7ISk6VkFbKdSyjxLnUL5JZ7k2bmFc6f6Dno2saFWK0_q74GfHvsir8g_V8IbY3vrqkzF964a_aPqnPw2pc7Tv8hF1DNAfON3PTIawvXS3IQL5o2zqi5iSdXAxyeneY7froERNZLxHGfpxPsJMYQAtCI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 18:15:33 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1737121
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

204

b2
sb.scorecardresearch.com/ Frame 9D4A
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1677089734549&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&c8=&c9=https%3A%2...
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1677089734549&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&c8=&c9=https%3A%...

0
189 B

49ms
48ms

Image
text/plain

108.138.189.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1677089734549&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&c8=&c9=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F
Requested by: Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/
Protocol: H2
Server: 108.138.189.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-189-32.mxp64.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:34 GMT
via: 1.1 2c6b43ece241a6b4a6a59e19ffb626fe.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-P1
x-amz-cf-id: iUc7mftPssKdb8TRxxe7XE48wD1A3mYE1I8loPtWMDJ0Fil7XWzbGw==
x-cache: Miss from cloudfront

Redirect headers

location: /b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1677089734549&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&c8=&c9=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F
date: Wed, 22 Feb 2023 18:15:34 GMT
via: 1.1 2c6b43ece241a6b4a6a59e19ffb626fe.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-P1
content-length: 0
x-amz-cf-id: AgtCOx9vnqMySf39Aw4LCdHHqg9LTgO__-qMVnB_fbk4yO5dgpaDEw==
x-cache: Miss from cloudfront

GET
H2

204

b2
sb.scorecardresearch.com/ Frame E552
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1677089734550&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&c8=&c9=https%3A%2...
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1677089734550&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&c8=&c9=https%3A%...

0
190 B

53ms
52ms

Image
text/plain

108.138.189.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1677089734550&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&c8=&c9=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F
Requested by: Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/
Protocol: H2
Server: 108.138.189.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-189-32.mxp64.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:34 GMT
via: 1.1 2c6b43ece241a6b4a6a59e19ffb626fe.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-P1
x-amz-cf-id: qLjp0lnUgKR7CdnSGenIkXr-_6rXln2MAyKaRbvNrYtn7BT4SgkZTA==
x-cache: Miss from cloudfront

Redirect headers

location: /b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1677089734550&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&c8=&c9=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F
date: Wed, 22 Feb 2023 18:15:34 GMT
via: 1.1 2c6b43ece241a6b4a6a59e19ffb626fe.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-P1
content-length: 0
x-amz-cf-id: -1GaaKi1nOjTGhPujdLWRVGG12YEnDNzKUHf0H18dBVAcnYh8_x42w==
x-cache: Miss from cloudfront

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/disqus-network/ Frame 9D4A 732 KB
165 KB 62ms
21ms Fetch
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/disqus-network/loader.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230221-21-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3f3ded0be4eadf1c18601ad8bd6e7228755a871604f3c97ad01e4236e8a1c810

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: jIFiB0ZYlBftdY4uNJPn3g_CkYIIPpBQ
content-encoding: gzip
via: 1.1 varnish
date: Wed, 22 Feb 2023 18:15:34 GMT
x-amz-request-id: YF1PPCCKV8DDEJGD
age: 2767
x-amz-server-side-encryption: AES256
x-cache: HIT
x-from-cache: 1
x-envoy-upstream-service-time: 9
x-amz-replication-status: FAILED
content-length: 168505
x-amz-id-2: g44/jtWfP6pTAAr621lX634LcporTWwpuiq+F8Lo1D85aNiuzMWsiiZVr64H1qF5+4Uo3fJ/JKM=
x-served-by: cache-cdg20775-CDG
last-modified: Wed, 22 Feb 2023 17:24:21 UTC
server: nginx
x-timer: S1677089735.638597,VS0,VE2
etag: "702263a20485993a674d5ac87a8f745c96f63a7e"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
abp: 31
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 cta-component.20230221-21-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 9D4A 19 KB
5 KB 21ms
19ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/cta-component.20230221-21-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 68648572302d736202975bde41364646e2d1fabada3c5b2bee7c87697c4d42f4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: 2RuzRxsUgRkUWP8Vtr.KMOzwzDW3oUBG
content-encoding: gzip
via: 1.1 varnish
date: Wed, 22 Feb 2023 18:15:34 GMT
x-amz-request-id: 63K5YD1D2SGYYGG6
age: 102191
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4737
x-amz-id-2: ckSeocyYNcu72ye+v78/hQv6UsVRu7L5lYpyWBi5/5kY7ws8pAdKEvJkdZ26JaXEqROSn9KcSMc=
x-served-by: cache-cdg20773-CDG
last-modified: Tue, 21 Feb 2023 13:52:24 GMT
server: AmazonS3
x-timer: S1677089735.616969,VS0,VE0
etag: "f5fb1849ba8920802542d1deca0b8fef"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 99
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 50913

GET
H2 200 UnitWidgetItemDesktop.min.js Show response
vidstat.taboola.com/lite-unit/3.9.8/ Frame 9D4A 103 KB
30 KB 21ms
20ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/3.9.8/UnitWidgetItemDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230221-21-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e9008fe282850688d5c8544707e9d97ff6d737ee6791afc1d60448750a451b0a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:34 GMT
via: 1.1 c77cf9ec92c5b3b895af521940f61fb8.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: CDG50-P2
age: 734689
x-cache: Hit from cloudfront, HIT
content-length: 29909
x-served-by: cache-cdg20773-CDG
last-modified: Tue, 22 Nov 2022 07:02:09 GMT
server: AmazonS3
x-timer: S1677089735.622408,VS0,VE0
etag: "1842444d4bb92087143326a4d508875d"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: hhgiZ2Bn2_5-vWuvQN3TKTfAUJcXRvDo5772Q-pyYjQO4ejs5tx3kg==
x-cache-hits: 6348

GET
H2 200 userx.20230221-21-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 9D4A 17 KB
6 KB 19ms
19ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230221-21-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 47ec011ded23d7f691a91acb9001c109657000b7497b4152335c73233f880c6d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: IURAK6bo5O0B6nHD_2EKcxSY.8OGGmqD
content-encoding: gzip
via: 1.1 varnish
date: Wed, 22 Feb 2023 18:15:34 GMT
x-amz-request-id: MVWR1XQWJ0JPP637
age: 102159
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5397
x-amz-id-2: d2V9ukAHJmmuQCzGiU3k3QSiFIkSO8tfV1TRuJ/S384oau6JcyfY3wEpsj0X5p6gDKbL7psKFsA=
x-served-by: cache-cdg20773-CDG
last-modified: Tue, 21 Feb 2023 13:52:56 GMT
server: AmazonS3
x-timer: S1677089735.622158,VS0,VE0
etag: "a659935bb8a8d9bebad800aea151949b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 99
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 14279

GET
H2 204 debug
am-trc-events.taboola.com/disqus-scamfoo/log/2/ Frame 9D4A 0
89 B 23ms
21ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/disqus-scamfoo/log/2/debug?tim=18%3A15%3A34.598&type=info&msg=Start%20Rendering%20%7B%22domain%22%3A%20%22https%3A%2F%2Fwww.scamfoo.com%22%2C%20%22experiment%22%3A%20%22network_default%22%2C%20%22position%22%3A%20%22top%22%2C%20%22shortname%22%3A%20%22scamfoo%22%2C%20%22variant%22%3A%20%22fallthrough%22%7D&llvl=2&id=3709&cv=20230221-21-RELEASE&lt=deflated&pct=1
Requested by: Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:34 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 20598

GET
H2 204 abtests
am-trc-events.taboola.com/disqus-scamfoo/log/3/ Frame 9D4A 0
230 B 23ms
22ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/disqus-scamfoo/log/3/abtests?route=AM:AM:V&lti=deflated&ri=2e9d3e387c4fbf177f5f0c67856949a3&sd=v2_fd9b11857953698a952307d597cb30a7_ec39b270-7c77-49c1-be14-fb43d1308a84-tuctaefe146_1677089734_1677089734_CIi3jgYQpfZPGJD92dLnMCABKAEwSjjE1whA7IsQSJ6Y2gNQ____________AVgAYABo57LX9f-_toiDAXAA&ui=ec39b270-7c77-49c1-be14-fb43d1308a84-tuctaefe146&pi=/site/mybridger.com&wi=-3394248765736013485&pt=text&vi=1677089734288&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1677089734600%7D&tim=18%3A15%3A34.600&id=4365&llvl=2&cv=20230221-21-RELEASE&
Requested by: Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 22 Feb 2023 18:15:34 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
am-trc-events.taboola.com/disqus-scamfoo/log/2/ Frame 9D4A 0
89 B 21ms
21ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/disqus-scamfoo/log/2/debug?tim=18%3A15%3A34.609&type=info&msg=Finish%20Rendering%20%7B%22domain%22%3A%20%22https%3A%2F%2Fwww.scamfoo.com%22%2C%20%22experiment%22%3A%20%22network_default%22%2C%20%22position%22%3A%20%22top%22%2C%20%22shortname%22%3A%20%22scamfoo%22%2C%20%22variant%22%3A%20%22fallthrough%22%7D&llvl=2&id=6802&cv=20230221-21-RELEASE&lt=deflated&pct=1
Requested by: Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:34 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 20598

GET
DATA 200
OK truncated
/ Frame 7230 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37b6869852931f3be78c39fbe3f854826e80b774b823d6389de3ed70d04c8a87

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B528 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6cf9c54a933c58e06664d81ba301017db383a8d851d43f67d368f8456b56a88a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/disqus-network/ Frame E552 732 KB
165 KB 20ms
19ms Fetch
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/disqus-network/loader.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230221-21-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3f3ded0be4eadf1c18601ad8bd6e7228755a871604f3c97ad01e4236e8a1c810

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: jIFiB0ZYlBftdY4uNJPn3g_CkYIIPpBQ
content-encoding: gzip
via: 1.1 varnish
date: Wed, 22 Feb 2023 18:15:34 GMT
x-amz-request-id: YF1PPCCKV8DDEJGD
age: 2767
x-amz-server-side-encryption: AES256
x-cache: HIT
x-from-cache: 1
x-envoy-upstream-service-time: 9
x-amz-replication-status: FAILED
content-length: 168505
x-amz-id-2: g44/jtWfP6pTAAr621lX634LcporTWwpuiq+F8Lo1D85aNiuzMWsiiZVr64H1qF5+4Uo3fJ/JKM=
x-served-by: cache-cdg20775-CDG
last-modified: Wed, 22 Feb 2023 17:24:21 UTC
server: nginx
x-timer: S1677089735.761863,VS0,VE0
etag: "702263a20485993a674d5ac87a8f745c96f63a7e"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
abp: 31
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 UnitWidgetItemDesktop.min.js Show response
vidstat.taboola.com/lite-unit/3.9.8/ Frame E552 103 KB
29 KB 29ms
29ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/3.9.8/UnitWidgetItemDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230221-21-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e9008fe282850688d5c8544707e9d97ff6d737ee6791afc1d60448750a451b0a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:34 GMT
via: 1.1 c77cf9ec92c5b3b895af521940f61fb8.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: CDG50-P2
age: 734689
x-cache: Hit from cloudfront, HIT
content-length: 29909
x-served-by: cache-cdg20773-CDG
last-modified: Tue, 22 Nov 2022 07:02:09 GMT
server: AmazonS3
x-timer: S1677089735.780298,VS0,VE0
etag: "1842444d4bb92087143326a4d508875d"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: hhgiZ2Bn2_5-vWuvQN3TKTfAUJcXRvDo5772Q-pyYjQO4ejs5tx3kg==
x-cache-hits: 6349

GET
H2 200 userx.20230221-21-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame E552 17 KB
5 KB 28ms
27ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230221-21-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 47ec011ded23d7f691a91acb9001c109657000b7497b4152335c73233f880c6d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: IURAK6bo5O0B6nHD_2EKcxSY.8OGGmqD
content-encoding: gzip
via: 1.1 varnish
date: Wed, 22 Feb 2023 18:15:34 GMT
x-amz-request-id: MVWR1XQWJ0JPP637
age: 102159
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5397
x-amz-id-2: d2V9ukAHJmmuQCzGiU3k3QSiFIkSO8tfV1TRuJ/S384oau6JcyfY3wEpsj0X5p6gDKbL7psKFsA=
x-served-by: cache-cdg20773-CDG
last-modified: Tue, 21 Feb 2023 13:52:56 GMT
server: AmazonS3
x-timer: S1677089735.783647,VS0,VE0
etag: "a659935bb8a8d9bebad800aea151949b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 99
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 14280

GET
H2 204 fix-user-id
trc.taboola.com/disqus-scamfoo/log/3/ Frame E552 0
251 B 31ms
30ms Image
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/disqus-scamfoo/log/3/fix-user-id?lti=deflated&ri=b24d04c619470b7a934e4e624125c566&sd=v2_f414a0b00c8826b3ac9569c5d6e8cb60_ef6a8410-2062-40e0-9cb5-bb80b28a8a78-tuctaefe146_1677089734_1677089734_CIi3jgYQpfZPGJD92dLnMCABKAEwSjjE1whA7IsQSJ6Y2gNQ____________AVgAYABo57LX9f-_toiDAXAA&ui=ef6a8410-2062-40e0-9cb5-bb80b28a8a78-tuctaefe146&pi=/site/mybridger.com&wi=-3394248765736013485&pt=text&vi=1677089734288&time=1677089734752&fromUser=ec39b270-7c77-49c1-be14-fb43d1308a84-tuctaefe146&toUser=ef6a8410-2062-40e0-9cb5-bb80b28a8a78-tuctaefe146&fromSD=v2_fd9b11857953698a952307d597cb30a7_ec39b270-7c77-49c1-be14-fb43d1308a84-tuctaefe146_1677089734_1677089734_CIi3jgYQpfZPGJD92dLnMCABKAEwSjjE1whA7IsQSJ6Y2gNQ____________AVgAYABo57LX9f-_toiDAXAA&toSD=v2_f414a0b00c8826b3ac9569c5d6e8cb60_ef6a8410-2062-40e0-9cb5-bb80b28a8a78-tuctaefe146_1677089734_1677089734_CIi3jgYQpfZPGJD92dLnMCABKAEwSjjE1whA7IsQSJ6Y2gNQ____________AVgAYABo57LX9f-_toiDAXAA&tim=18%3A15%3A34.752&id=9536&llvl=2&cv=20230221-21-RELEASE&
Requested by: Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-vcl-time-ms: 11
pragma: no-cache
date: Wed, 22 Feb 2023 18:15:34 GMT
via: 1.1 varnish
x-served-by: cache-cdg20773-CDG
server: nginx
x-timer: S1677089735.785067,VS0,VE11
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 abtests
am-trc-events.taboola.com/disqus-scamfoo/log/3/ Frame E552 0
230 B 27ms
27ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/disqus-scamfoo/log/3/abtests?route=AM:AM:V&lti=deflated&ri=b24d04c619470b7a934e4e624125c566&sd=v2_f414a0b00c8826b3ac9569c5d6e8cb60_ef6a8410-2062-40e0-9cb5-bb80b28a8a78-tuctaefe146_1677089734_1677089734_CIi3jgYQpfZPGJD92dLnMCABKAEwSjjE1whA7IsQSJ6Y2gNQ____________AVgAYABo57LX9f-_toiDAXAA&ui=ef6a8410-2062-40e0-9cb5-bb80b28a8a78-tuctaefe146&pi=/site/mybridger.com&wi=-3394248765736013485&pt=text&vi=1677089734288&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1677089734763%7D&tim=18%3A15%3A34.763&id=1226&llvl=2&cv=20230221-21-RELEASE&
Requested by: Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 22 Feb 2023 18:15:34 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/ 150 KB
51 KB 124ms
120ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d490a6dee875dcc1503cc7c96199346d9e5e4ea83295ad98c1ddcceaf0f2279

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52073
x-xss-protection: 0
server: cafe
etag: 5520119664380829272
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Feb 2023 18:15:34 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 2C38 12 KB
5 KB 27ms
25ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 505314
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0vApsh5IAXBfuLl3U3ouC%2F64Y2BSVrX94Wek7P4%2Bg9m%2BaUj72WJGM9k5urWeBJNCJdbTeg4lwqFPsMDKP3LJ%2BBGaPsxt91x9tzwnSGqBjK7fK2Mr7nw64dK7UKAxeUuE8UheEOeyDnftBHseSKlh5REX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79d9b53a9ddc119d-CDG
expires: Mon, 12 Feb 2024 18:15:34 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 2C38 12 KB
6 KB 941ms
678ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Feb 2024 18:15:35 GMT

GET
H2 204 debug
am-trc-events.taboola.com/disqus-scamfoo/log/2/ Frame 9D4A 0
89 B 22ms
21ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/disqus-scamfoo/log/2/debug?tim=18%3A15%3A34.822&type=info&msg=Finish%20Rendering%20%7B%22domain%22%3A%20%22https%3A%2F%2Fwww.scamfoo.com%22%2C%20%22experiment%22%3A%20%22network_default%22%2C%20%22position%22%3A%20%22top%22%2C%20%22shortname%22%3A%20%22scamfoo%22%2C%20%22variant%22%3A%20%22fallthrough%22%7D&llvl=2&id=4122&cv=20230221-21-RELEASE&lt=deflated&pct=1
Requested by: Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:34 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 21210

GET
H2 200 0eb6134b2f5c8466f3f5423de58b32f7.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 9D4A 24 KB
25 KB 136ms
120ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0eb6134b2f5c8466f3f5423de58b32f7.jpg
Requested by: Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2dad213285801020465f93d54e35ca0b20a53f9c4f40c04109b7372426fba914

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-vcl-time-ms: 100
date: Wed, 22 Feb 2023 18:15:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0eb6134b2f5c8466f3f5423de58b32f7.jpg
age: 643423
edge-cache-tag: 341588010266918797031681506458488107228,389360917527735119118571714620039350550,29ecf9b93bbf306179626feeda1fab70
cache-tag: 341588010266918797031681506458488107228,389360917527735119118571714620039350550,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time: 565
req-referer: https://www.sohu.com/
content-length: 25054
x-request-id: 033c9969dcc220930c4f26dd565bbc41
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kcgs7200086-IAD, cache-iad-kjyo7100099-IAD, cache-bur-kbur8200109-BUR, cache-iad-kcgs7200145-IAD, cache-cdg20773-CDG
last-modified: Mon, 16 Jan 2023 15:24:43 GMT
server: nginx
x-timer: S1677089735.848441,VS0,VE100
etag: "7102d08d83ccbfda8a6fb4fba63f853e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 11, 0

GET
H2 200 33f3531a97986e3f0bb62e79428b2f18.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 9D4A 11 KB
11 KB 36ms
20ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/33f3531a97986e3f0bb62e79428b2f18.jpg
Requested by: Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8f27e2e2bea481c9bc25591c66f8a4743aa3bcb2dc26db73fcd5d71a33c2aaf5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 22 Feb 2023 18:15:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/33f3531a97986e3f0bb62e79428b2f18.jpg
age: 8411438
edge-cache-tag: 319888645565920926399708072461694914245,440009874943970692176080915478359259825,29ecf9b93bbf306179626feeda1fab70
cache-tag: 319888645565920926399708072461694914245,440009874943970692176080915478359259825,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 136
expiration: expiry-date="Sun, 04 Dec 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.kiss104fm.com/
content-length: 10816
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kjyo7100093-IAD, cache-iad-kcgs7200155-IAD, cache-lga21948-LGA, cache-iad-kiad7000050-IAD, cache-cdg20773-CDG
last-modified: Thu, 03 Nov 2022 21:18:08 GMT
server: nginx
x-timer: S1677089735.847863,VS0,VE1
etag: "0076e92121fd1b18167e01ce8ee09d3f"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 8, 1, 25, 1

GET
H2 200 fc292f698af2264d7bfe13805a556cc5.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 9D4A 13 KB
14 KB 48ms
32ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fc292f698af2264d7bfe13805a556cc5.jpg
Requested by: Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9dfd12686ce6d33fb4b4f4f63f6db553b98effdd66e8446a22b3d6e9f2fd97a7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Wed, 22 Feb 2023 18:15:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fc292f698af2264d7bfe13805a556cc5.jpg
age: 2964709
edge-cache-tag: 470398773249297651002791212113262573078,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 470398773249297651002791212113262573078,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 218
expiration: expiry-date="Fri, 20 Jan 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://carreview.id/
content-length: 13212
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kcgs7200102-IAD, cache-iad-kiad7000068-IAD, cache-lga21957-LGA, cache-iad-kjyo7100162-IAD, cache-cdg20773-CDG
last-modified: Tue, 20 Dec 2022 06:13:14 GMT
server: nginx
x-timer: S1677089735.848508,VS0,VE2
etag: "2f8d545919503e3a6698668cd1097461"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 30, 1

GET
H2 200 8673fc9e9adcf8ee5b7f8feec420b81d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 9D4A 10 KB
11 KB 49ms
34ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8673fc9e9adcf8ee5b7f8feec420b81d.jpg
Requested by: Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 372e7919085c63af67ee7a26bc6005e890f22dc5fc971469be92571476b16ad7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Wed, 22 Feb 2023 18:15:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8673fc9e9adcf8ee5b7f8feec420b81d.jpg
age: 7197893
edge-cache-tag: 300966342922728122334946180094421800746,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 300966342922728122334946180094421800746,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 220
expiration: expiry-date="Tue, 06 Dec 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.healthygem.com/
content-length: 9952
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kjyo7100104-IAD, cache-iad-kjyo7100021-IAD, cache-bur-kbur8200167-BUR, cache-iad-kiad7000077-IAD, cache-cdg20773-CDG
last-modified: Sat, 05 Nov 2022 02:56:56 GMT
server: nginx
x-timer: S1677089735.848533,VS0,VE8
etag: "56d4711db7c90447d2a0ac0ff2c8b1b4"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 0, 468, 1

GET
H2 200 Untitled-design-2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/P9THTKn/ Frame 9D4A 15 KB
15 KB 36ms
22ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/P9THTKn/Untitled-design-2.png
Requested by: Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0cf8bb170f1a2a7cbe978ba2be4edb781121643b81030fc7946829e93acf8554

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 22 Feb 2023 18:15:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/P9THTKn/Untitled-design-2.png
age: 7008860
edge-cache-tag: 513358396174657208172600963076433422289,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 513358396174657208172600963076433422289,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 39
expiration: expiry-date="Sat, 03 Dec 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
content-length: 14934
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kjyo7100120-IAD, cache-iad-kjyo7100038-IAD, cache-bur-kbur8200170-BUR, cache-iad-kiad7000075-IAD, cache-cdg20773-CDG
last-modified: Wed, 02 Nov 2022 23:23:34 GMT
server: nginx
x-timer: S1677089735.848461,VS0,VE1
etag: "b4fed2347ff04df50affaf6bdd37a01e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 6, 1

GET
H2 200 0da7c534b2d17dafdc2ed0f111d73da5.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 9D4A 21 KB
22 KB 39ms
25ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0da7c534b2d17dafdc2ed0f111d73da5.jpg
Requested by: Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: bd863b437fcc1aeb37e1a3119c85d2a3089ada081737adffa0680b36200a647b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 22 Feb 2023 18:15:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0da7c534b2d17dafdc2ed0f111d73da5.jpg
age: 6575707
edge-cache-tag: 312451248211424011790718906888295283781,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 312451248211424011790718906888295283781,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 57
req-referer: https://www.espn.com/
content-length: 21354
x-request-id: 006c6d0851b3373d6e55edb7207f27f9
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kcgs7200090-IAD, cache-iad-kcgs7200056-IAD, cache-lga21958-LGA, cache-iad-kcgs7200050-IAD, cache-cdg20773-CDG
last-modified: Thu, 08 Dec 2022 11:05:27 GMT
server: nginx
x-timer: S1677089735.848558,VS0,VE1
etag: "6f7fb8183c999dd8b0fe257596a3bfab"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 0, 250, 1

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 0EFF 2 KB
1 KB 794ms
555ms Image
image/svg+xml 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_ZbxQAIddoIFWDKAAZfkdY3UwCxBWCQiX5URQ&u=%7CVmn2Rt7oCW2jpJkovDTFG8pe6NutlfC4ZiRv9BOR1lw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8R0XTFg4n334JzDG0QxBnFq9TvfAZh2JF1Lf6idO3NjDHbFxs5Esp_7naQDXfhhBovVrEQEv6wHPU2-P_Ym_HTpTeRIQ1JGZmpZvobhPBnAgKapjog-e4nykE3jZQOQ82ifMhUBmokPnd4rnEdwiiGXtaPHUnJ2-xGOPFNfVUy7k26T_FrN_nYPx121Xxfkgu0Q2MnQCwBjCViWxEjX1lF6b5ZUgBCpVm1kwGJjP-K0xc3vwzZTkajTj0YMo6-Dpz9fMDiD_PmS_cM-ZU4G72eHTqqpARbRwPd-LPsZck4bTlVauFi_wFWB8qT-nBc4WIWmm8A-BPVvpTOSlNaAG8CTV-zuoW9foa3eXpcKtnufG46kVUy1-aujlh-ydG0T9zeiqvd4eWyh2Z9dwlM5aN0lBFXBol3Lyd09cPkp_yu0yLnkThafUGK9QIlA6RgSE48pO5ZdwcWCR1dQVT19xsci04sbO-z6uuxAUmcqE2qT62FEN7y0lWj_MKxRfAU0cKFJSdZO0JR6MnJcYdDV1hum7mhC8hC17z8rKEy6TLH4SeeocFupWXE9A1kXWqY6GwE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzZckxVv2Y9rrIcrB1fAPkb-ZqAzJntKxXM3x4t2IAcCNtwEQASAAYPsBggEXY2EtcHViLTIzMDM1OTAyMzg1MjY4MjbIAQmpAsViHUE53rE-qAMBqgTVAU_QFcBR-h3IVJyvpZtot02lt8NPJsuHWhB_CK14-5NoGdumvYxr8nV8ongaAIke0ebJfOkMp2yoRBVMSD7uS3ynrnD_hai2UX8yWKN-Mson5_WMoFvFsNzsFpc48GZJtHuzmoXH8xqy6UeJ79Beaiy8OWATTg8g5slSB3qMYTFY629eh8Uo3Z9wzM73EVBIAmPLUZ4fh1ur5iYr8rk9UALiGWzxBg5Qo9bKsDlPVrquZ5ztLEeaKq3rjvoYZsB7_mDpW1iXgA6JaZgfmkzn82zePe3fX4AG_sHCgrjfpo2oAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0XSiaw9UGu4yRgW2_Qnr8Rwin1dw%26client%3Dca-pub-2303590238526826%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Feb 2024 18:15:35 GMT

GET
H2 200 adchoices_fr.svg
static.criteo.net/flash/icon/ Frame 0EFF 2 KB
1 KB 782ms
544ms Image
image/svg+xml 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_fr.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

8bc40f263d0a1fbb8421a5fe91ccb4ab7eb23b9b4c12a16e09703cd336d7cbb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-75e"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Feb 2024 18:15:35 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 0EFF 308 B
636 B 717ms
704ms Image
image/svg+xml 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 17 Feb 2024 18:15:35 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 0EFF 293 B
621 B 593ms
581ms Image
image/svg+xml 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 17 Feb 2024 18:15:35 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 0EFF 43 B
347 B 24ms
23ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=CrozRQfa8K_lDPDpIHdqp7XRumH1vZx59OKGJcgm759l3RRJCONF6U-_cs94jbJu_ZkxITMgeqWT6PcWKh90OYP8IPAxsTW06DJq9h-C5n8A49Q97ONHnmn0tTZZ_DQLM-7x-rKPgvrUOkz-645uHxBz7belw9rEn5c8rl3qKUxQqwRRuoAtdzCAYqkdQBKY9GWAaywKAxaw7JrcOgVZ7yi_vh5BTgtjUKORbdh87jOl3mne2lARskxg2-jTvbMrLAi2YYYW1ERdk66S_eo67kPo2RVQjG0NifPqTgcjXoBiRrgVnu6svc6A2lZbU8PDaAXn98xZQO18A54j1vamP3fx_z0uSpXh0SOLrL_YMfYHWwlOtTHNO0QEn2xcIPRFBIGRQCDFqTY1pEzPXp5jTFZsmsSrk3ozKUdSsA_eCR9Vwwnp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 18:15:34 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1726771
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame 2C38 38 KB
38 KB 1108ms
563ms Font
application/octet-stream 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-97a8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Feb 2024 18:15:35 GMT

GET
H2 200 ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame 2C38 46 KB
46 KB 1754ms
1208ms Font
application/octet-stream 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-b778"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Feb 2024 18:15:35 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0C71 15 KB
16 KB 31ms
30ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 08:06:08 GMT
x-content-type-options: nosniff
age: 468566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Feb 2024 08:06:08 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0C71 16 KB
16 KB 29ms
28ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 16:22:50 GMT
x-content-type-options: nosniff
age: 6764
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Feb 2024 16:22:50 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0C71 15 KB
15 KB 38ms
37ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:05:36 GMT
x-content-type-options: nosniff
age: 533398
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 14:05:36 GMT

GET
H2 200 get
c.disquscdn.com/ Frame 0C71 9 KB
9 KB 27ms
27ms Image
image/png 2600:9000:223d:5200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.scamfoo.com%2Fimages%2Ffb-image.png&key=nZCkAcaTrqy3iTHPbtsNdA&h=200

Requested by

Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:5200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3440454023889622abba1c691bfd259047afc59bce928767fbd2e795e07153e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 09 Feb 2023 07:57:57 GMT
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P3
age: 1160257
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 8833
x-xss-protection: 1; mode=block
x-served-by: static-web-2
server: nginx
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: Y8p0v1PdakHu5WGI-LUkpEknnXnPc0ZyPBBxppJc1mKC1dfr599XRg==
expires: Sat, 11 Mar 2023 07:57:57 GMT

GET
H2 200 8a07f3eb02b7ebe19b4e2e5ec08713e0.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame E552 24 KB
24 KB 22ms
21ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8a07f3eb02b7ebe19b4e2e5ec08713e0.jpg
Requested by: Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ac277cd42cf8d19737f2974a8edb07f0b4fc12cdf73846a3ac89d4fff0c41209

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 22 Feb 2023 18:15:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8a07f3eb02b7ebe19b4e2e5ec08713e0.jpg
age: 1923067
edge-cache-tag: 567193514549406655148083200233414733829,440009874943970692176080915478359259825,29ecf9b93bbf306179626feeda1fab70
cache-tag: 567193514549406655148083200233414733829,440009874943970692176080915478359259825,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time: 89
req-referer: https://www.lefigaro.fr/
content-length: 24322
x-request-id: 012436a04d35d07c0d168ebdf9bdbc6a
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kjyo7100093-IAD, cache-iad-kiad7000161-IAD, cache-bur-kbur8200081-BUR, cache-iad-kcgs7200142-IAD, cache-cdg20773-CDG
last-modified: Tue, 31 Jan 2023 09:52:32 GMT
server: nginx
x-timer: S1677089735.940181,VS0,VE1
etag: "877152e83493076e5d74518e20142d43"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 0, 1

GET
H2 200 montres-scaled.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.mamaisonsure.fr/wp-content/uploads/verisure/2022/10/ Frame E552 11 KB
12 KB 102ms
100ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.mamaisonsure.fr/wp-content/uploads/verisure/2022/10/montres-scaled.jpg
Requested by: Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 230fca3db0f68f69e84c973b0f5919df7feaf8807c5a02c23f6a5e6fc152924d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-vcl-time-ms: 81
date: Wed, 22 Feb 2023 18:15:35 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.mamaisonsure.fr/wp-content/uploads/verisure/2022/10/montres-scaled.jpg
age: 516799
edge-cache-tag: 453896340750118519722449043968428672820,389360917527735119118571714620039350550,29ecf9b93bbf306179626feeda1fab70
cache-tag: 453896340750118519722449043968428672820,389360917527735119118571714620039350550,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time: 539
req-referer: https://www.dofuspourlesnoobs.com/
content-length: 11348
x-request-id: baa2dad3d83f35d8bde78ea2c86d793a
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kiad7000049-IAD, cache-iad-kiad7000020-IAD, cache-lga21968-LGA, cache-iad-kiad7000125-IAD, cache-cdg20773-CDG
last-modified: Sat, 28 Jan 2023 17:44:04 GMT
server: nginx
x-timer: S1677089735.940451,VS0,VE81
etag: "e4eb48748ac786a7b786ee8dcf35cfdc"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 0

GET
H2 200 50fa0c7e4c8bed27d2987fb6510a2876.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame E552 16 KB
16 KB 24ms
22ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/50fa0c7e4c8bed27d2987fb6510a2876.jpg
Requested by: Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4e0138b422197a3832b7668ae64821740e9f7e760e18dc978e47aed28c9c8ef7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Wed, 22 Feb 2023 18:15:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/50fa0c7e4c8bed27d2987fb6510a2876.jpg
age: 4683673
edge-cache-tag: 387911508206466531316069505326432571665,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 387911508206466531316069505326432571665,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 228
req-referer: https://thecomeback.com/
content-length: 16098
x-request-id: b3251ce354e1a91d5002fac9d606def7
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kiad7000106-IAD, cache-iad-kcgs7200107-IAD, cache-bur-kbur8200074-BUR, cache-iad-kjyo7100118-IAD, cache-cdg20773-CDG
last-modified: Thu, 22 Dec 2022 04:57:26 GMT
server: nginx
x-timer: S1677089735.940469,VS0,VE2
etag: "be32377bdf90e868931a0a5afbdc4470"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 441, 1

GET
H2 200 9148cbf81917b00a7c9fb9f63ae911fb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame E552 11 KB
12 KB 25ms
23ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9148cbf81917b00a7c9fb9f63ae911fb.jpg
Requested by: Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 585408a2b9dc027d952b5c543ba76c059ebdf0dfeb8cbb3842483ceede79e916

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 22 Feb 2023 18:15:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9148cbf81917b00a7c9fb9f63ae911fb.jpg
age: 3143389
edge-cache-tag: 346547531020065106411499694503983567687,572111196681019971487773214107964106610,29ecf9b93bbf306179626feeda1fab70
cache-tag: 346547531020065106411499694503983567687,572111196681019971487773214107964106610,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 124
req-referer: https://www.dailyforest.com/
content-length: 11356
x-request-id: 7d2f397413065fd6cc340e12ae705337
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kiad7000115-IAD, cache-iad-kcgs7200031-IAD, cache-lga21974-LGA, cache-iad-kjyo7100026-IAD, cache-cdg20773-CDG
last-modified: Sun, 15 Jan 2023 20:21:46 GMT
server: nginx
x-timer: S1677089735.940735,VS0,VE1
etag: "3769b97c8dbce5cc0516dd60ae962589"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 814, 1

GET
H2 200 08c1309bb96b8a621e000c89dd639293.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame E552 8 KB
8 KB 22ms
21ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/08c1309bb96b8a621e000c89dd639293.jpg
Requested by: Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 55f4b7c55874aeb1a034061727d660809262cd2d2063e54617337bb4d6a14955

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 22 Feb 2023 18:15:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/08c1309bb96b8a621e000c89dd639293.jpg
age: 4569161
edge-cache-tag: 390425131864009293432859778915851940134,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 390425131864009293432859778915851940134,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 232
req-referer: https://www.escapadesalondres.com/
content-length: 7806
x-request-id: 03ad617a4e1c56daa9757fa084599280
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kcgs7200100-IAD, cache-iad-kjyo7100095-IAD, cache-bur-kbur8200164-BUR, cache-iad-kcgs7200098-IAD, cache-cdg20773-CDG
last-modified: Mon, 12 Dec 2022 16:49:01 GMT
server: nginx
x-timer: S1677089735.940690,VS0,VE1
etag: "670c9484673943ad4133ba1f12395b94"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 15, 1

GET
H2 200 5b43ceab66700c76f5ccffca68349c53.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame E552 19 KB
20 KB 26ms
24ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5b43ceab66700c76f5ccffca68349c53.jpeg
Requested by: Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dd7e4c7b99ea5a03e469a48da8a64979180e680ce34c78a7ba452da4a655649f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-vcl-time-ms: 3
date: Wed, 22 Feb 2023 18:15:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5b43ceab66700c76f5ccffca68349c53.jpeg
age: 4665257
edge-cache-tag: 577261072754423397404516935679152970708,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 577261072754423397404516935679152970708,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 244
expiration: expiry-date="Sat, 28 Jan 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.cleverst.com/
content-length: 19764
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kiad7000134-IAD, cache-iad-kjyo7100092-IAD, cache-bur-kbur8200103-BUR, cache-iad-kjyo7100148-IAD, cache-cdg20773-CDG
last-modified: Wed, 28 Dec 2022 00:12:00 GMT
server: nginx
x-timer: S1677089735.965056,VS0,VE3
etag: "992dd00ba87dcaa89ab1e0ebd2bda9e1"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 0, 7, 1

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
165 B 64ms
62ms Script
application/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=www.scamfoo.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 35ms
35ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.scamfoo.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 500B 23 KB
10 KB 944ms
943ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=280&adk=1816755489&adf=1230875943&pi=t.aa~a.3921975827~i.3~rp.4&w=938&fwrn=4&fwrnh=100&lmt=1677089734&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1521673879&ad_type=text_image&format=938x280&url=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&fwr=0&pra=3&rh=200&rw=938&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677089734942&bpp=1&bdt=2268&idt=2&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e6481329ffb4785-224c1d62f8dc00f2%3AT%3D1677089733%3ART%3D1677089733%3AS%3DALNI_MaVKg2u9jZeMyporVRPEU2KTJF9jw&gpic=UID%3D00000bbae2df8668%3AT%3D1677089733%3ART%3D1677089733%3AS%3DALNI_MavvGqaBMjc9LdOwIXZ7KyV4RAHqw&prev_fmts=0x0%2C728x280%2C728x280%2C728x280&nras=2&correlator=8232058220225&frm=20&pv=1&ga_vid=880433619.1677089733&ga_sid=1677089734&ga_hid=1012116864&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=1776&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44777877%2C44759837%2C31072348%2C44779794&oid=2&psts=AD37Y7vpb-npXAVK2ZmOJ00Bx3uHhxKZwGW2Q4XQzigXGMcC0z6k63oGbK_QJ3TS3smDDIUnP-el5_j4kAt8%2CAD37Y7uTwM0IEVytyoKj8G3HGB_3bUKLRelxBMVWkk10UK_l_2szM9fxBBnzjEFcCPEtZ-e2O7FwSYqlAHom&pvsid=271215218793982&tmod=480944890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=E6VldsSkG4&p=https%3A//www.scamfoo.com&dtd=9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e41ae167d297f60ae0bf52f8cf9548b1d0d65e813945ea319c7397cfe430102

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scamfoo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 10015
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 18:15:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AFAF 73 KB
29 KB 558ms
558ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=280&adk=1282251284&adf=3758370479&pi=t.aa~a.2417213347~rp.4&w=938&fwrn=4&fwrnh=100&lmt=1677089734&rafmt=1&to=qs&pwprc=1521673879&format=938x280&url=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677089734960&bpp=1&bdt=2286&idt=1&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e6481329ffb4785-224c1d62f8dc00f2%3AT%3D1677089733%3ART%3D1677089733%3AS%3DALNI_MaVKg2u9jZeMyporVRPEU2KTJF9jw&gpic=UID%3D00000bbae2df8668%3AT%3D1677089733%3ART%3D1677089733%3AS%3DALNI_MavvGqaBMjc9LdOwIXZ7KyV4RAHqw&prev_fmts=0x0%2C728x280%2C728x280%2C728x280%2C938x280&nras=3&correlator=8232058220225&frm=20&pv=1&ga_vid=880433619.1677089733&ga_sid=1677089734&ga_hid=1012116864&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=4008&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44777877%2C44759837%2C31072348%2C44779794&oid=2&psts=AD37Y7vpb-npXAVK2ZmOJ00Bx3uHhxKZwGW2Q4XQzigXGMcC0z6k63oGbK_QJ3TS3smDDIUnP-el5_j4kAt8%2CAD37Y7uTwM0IEVytyoKj8G3HGB_3bUKLRelxBMVWkk10UK_l_2szM9fxBBnzjEFcCPEtZ-e2O7FwSYqlAHom&pvsid=271215218793982&tmod=480944890&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=v8tOOG3rQU&p=https%3A//www.scamfoo.com&dtd=12

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3271f77a12872116d3b86e6abbd4ed30e73045569d838e1bfa0ba5854183ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scamfoo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 29780
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 18:15:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 2C38 48 KB
48 KB 113ms
55ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=556&m=0&partner=1144&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F190121%2F9a98aa01b7a0456da39698b324c26949_stardardcon.png&v=3&w=372&s=DDkK0odWF48xo8x8_zz73Suk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

c4cca3667c38220c749975744351a573b280308d1f9662ebd407d7bc14a42a9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30468052
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 48778
expires: Sat, 10 Feb 2024 09:36:27 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 2C38 207 KB
207 KB 131ms
73ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=1144&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F1726%2F230220%2F1238f41f024c4cbca5678d592a2b6b00_img_square_1.jpg&v=3&w=1200&s=fpNsOzQy1Nulfqmlp2Aaq8PE

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

6e9d827bc7fbd23d9123edf8b6536480b8ef251eaccdb34bad0345eee10704f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30905298
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 211822
expires: Thu, 15 Feb 2024 11:03:53 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 2C38 7 KB
8 KB 91ms
34ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1144&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.fr%2Fassets%2F1400x1960%2F0%2F19366523-HcsVtHFd.jpg&v=3&w=400&s=J9SlrmbmojrLbv1dccvrlChC&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

7ab53cfcdd636dbee30e773959c5bf27021917d2dc301b9f12661d6cc555ed5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=498063
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7526
expires: Tue, 28 Feb 2023 12:36:38 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 2C38 0
128 B 64ms
20ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=MeRoN4Yd5qQbxLG0UdlOVKpSKFHOERTQpc1MietguK3eZ-pIMsIbxGn9EGGoqwQIs2Av80q6zHeUhYAh6zhejbNYJMPH-VZdAl8mYac59zOFd3dEqC-bff9e0tbteL17InRQpMRLa6BGHYsZktYBMfcBQcJW2_crjoR3ULiVqHEafWtNCsJtC_i1y0zO1C9gYGpLjfa1DjKRCFpLbYOhTblEypnBEpumQPkwlO8iZ-YNA1HASaKt73pzmss&sds=2&rev=84699&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 22 Feb 2023 18:15:34 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 2C38 2 KB
1 KB 559ms
559ms Image
image/svg+xml 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Feb 2024 18:15:35 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 2C38 2 KB
1 KB 671ms
671ms Image
image/svg+xml 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Feb 2024 18:15:35 GMT

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 8B4A 12 KB
5 KB 29ms
29ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 502051
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9hpY%2Bxu3OnL3TlWqq9SHH9G4W6WECn0rlCSeYkYwn3Vhw0YMKyk0jBLq6Hi6I9F50v9l3NnObRCR8HjTRCypJjxt4MW2GXSLkFlnmfPOtgSaXjenrq5HBT6w2E3VEnXInkSMe80DGO0lDWweYW7Np04t"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79d9b53bee68f158-CDG
expires: Mon, 12 Feb 2024 18:15:35 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 8B4A 12 KB
6 KB 590ms
536ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Feb 2024 18:15:35 GMT

GET
H2 200 0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame 8B4A 38 KB
38 KB 1619ms
1252ms Font
application/octet-stream 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-97a8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Feb 2024 18:15:35 GMT

GET
H2 200 ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame 8B4A 46 KB
46 KB 1658ms
1292ms Font
application/octet-stream 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-b778"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Feb 2024 18:15:35 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 8B4A 48 KB
48 KB 45ms
35ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

c4cca3667c38220c749975744351a573b280308d1f9662ebd407d7bc14a42a9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30468052
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 48778
expires: Sat, 10 Feb 2024 09:36:27 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 8B4A 207 KB
207 KB 86ms
77ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

6e9d827bc7fbd23d9123edf8b6536480b8ef251eaccdb34bad0345eee10704f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30905298
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 211822
expires: Thu, 15 Feb 2024 11:03:53 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 8B4A 7 KB
8 KB 58ms
48ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

7ab53cfcdd636dbee30e773959c5bf27021917d2dc301b9f12661d6cc555ed5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=498063
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7526
expires: Tue, 28 Feb 2023 12:36:38 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 8B4A 20 KB
20 KB 89ms
82ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1144&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.fr%2Fassets%2F1400x1960%2F0%2F19241706-v3W5eGq7.jpg&v=3&w=400&s=os28bdUeLHMTv32kuzecmdVn&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ca9016ba9d853943ed2c67e95d2bd046f0aabb13940d997872150e7598791136

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=220808
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20190
expires: Sat, 25 Feb 2023 07:35:43 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 8B4A 8 KB
8 KB 67ms
61ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1144&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.fr%2Fassets%2F1400x1960%2F1518613879%2F18044242-6vDQwvNS.jpg&v=3&w=400&s=5csAPsU-cTV6X6kdxj-mWavx&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

84fa6dbf7d8f2370e13e095c9e12e30842b1c299592ec7c0b704ce14682cf133

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=532823
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7694
expires: Tue, 28 Feb 2023 22:15:58 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 8B4A 31 KB
32 KB 95ms
89ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1144&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.fr%2Fassets%2F1400x1960%2F0%2F22227667-WkXWz2as.jpg&v=3&w=400&s=b03do-MuPJYcxq_ateYs_MKo&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

b4c7e5be9b57e70381a79f5afbf7f69e990072b90c89ad6ecfc0c18643050da9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=188851
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 32226
expires: Fri, 24 Feb 2023 22:43:06 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 8B4A 0
127 B 21ms
21ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=Dzi7N4Yd5qQbxLG0Wxmx47uHXsDqFoBk-my3aZfeWxZFByaK9y1Qe5FwLUdAWh9Thn10Y4D3CR9a3VGSH1sQwI3dMa1kvchpMsFMXgwAW9RwvI8PIE-_TgY8moJd8dpM09-2d05cZcSmoqY06Ywha2i4x-B1ftQLAU7OtwImMVpPK1H0-vOGlt3Wv2cwnMTJwyRK8PMrPy5vgjqRmculQBHYCGh1JeQc-P87LcfhDylXRb2gjc-ihM11KQU&sds=2&rev=84699&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 22 Feb 2023 18:15:34 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 8B4A 2 KB
1 KB 718ms
718ms Image
image/svg+xml 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Feb 2024 18:15:35 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 8B4A 2 KB
1 KB 712ms
712ms Image
image/svg+xml 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Feb 2024 18:15:35 GMT

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
339 B 98ms
97ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=6htbaqt1lcch0i&experiment=network_default&variant=fallthrough&service=dynamic&area=top&product=embed&forum=scamfoo&zone=thread&version=9f2653a98c92ec14e69e9df2f8422e71&page_url=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&page_referrer=&object_type=advertisement&provider=taboola&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&object_id=%5B184193%5D&section=default&verb=load&advertisement_id=184193&forum_id=4801840

Requested by

Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 18:15:35 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 2344 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65129e24bea54b2b4d21a97daaf5352efe20e9b5771b8f7bbefffff07e78c63d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 0EFF 12 KB
5 KB 36ms
35ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 502051
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qpTBwjedZ8lXoJ8e%2Fx6k3olmivtM3eAGd8nZx9Or%2BXooaG09ch6gI8Kk9b1yFpNkqC3R5R9bVYr5JXlf4crwpqeYCrnNlm2s8Oqp3wU8AyC%2BH7b8O8aCwVb7DpFV1bmZEHZo9mU3nPM3QrZKVXmUjip%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79d9b53cb814f158-CDG
expires: Mon, 12 Feb 2024 18:15:35 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 0EFF 12 KB
6 KB 557ms
556ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Feb 2024 18:15:35 GMT

GET
H2 200 0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame 0EFF 38 KB
38 KB 1261ms
1034ms Font
application/octet-stream 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-97a8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Feb 2024 18:15:35 GMT

GET
H2 200 ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame 0EFF 46 KB
46 KB 1092ms
865ms Font
application/octet-stream 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-b778"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Feb 2024 18:15:35 GMT

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
339 B 98ms
97ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=6htbaqt1lcch0i&experiment=network_default&variant=fallthrough&service=dynamic&area=bottom&product=embed&forum=scamfoo&zone=thread&version=9f2653a98c92ec14e69e9df2f8422e71&page_url=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&page_referrer=&object_type=advertisement&provider=taboola&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&object_id=%5B184193%5D&section=default&verb=load&advertisement_id=184193&forum_id=4801840

Requested by

Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 18:15:35 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0EFF 48 KB
48 KB 21ms
20ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

c4cca3667c38220c749975744351a573b280308d1f9662ebd407d7bc14a42a9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30468052
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 48778
expires: Sat, 10 Feb 2024 09:36:27 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0EFF 207 KB
207 KB 24ms
23ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

6e9d827bc7fbd23d9123edf8b6536480b8ef251eaccdb34bad0345eee10704f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30905298
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 211822
expires: Thu, 15 Feb 2024 11:03:53 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0EFF 20 KB
20 KB 22ms
22ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ca9016ba9d853943ed2c67e95d2bd046f0aabb13940d997872150e7598791136

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=220808
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20190
expires: Sat, 25 Feb 2023 07:35:43 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0EFF 354 B
618 B 27ms
26ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=400&m=0&partner=1144&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fbonprix%2Fstarrating%2Fstar_4.png&v=3&w=400&s=mlh_ElNsgU2iaaAyaNK9VM5I

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

193952b59c9a975154471a0ce405acdc8c3f6fa17b2414e818c14cee77f1d460

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30468142
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 354
expires: Sat, 10 Feb 2024 09:37:57 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 0EFF 0
127 B 23ms
22ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=48MZ9IYd5qQbxLG0MdWAnxfixcgZBHgbn0tTfQVnbjfi4m5jTqt20-h_srN39qwPxpwNTuSYchAVPYXQG9CNM6JuqbdH1RobTYA4V2npm5DohPp6Tnt6ruiPU_zaQj60SZC6jxA0N7KzhtXKfk33FTmOd4-ABY6l4E7XafNWKYTxo-1sSSLgmA3B9rLF_8v-cmpccyH1moYN_icwLHymeun0NKVW53rOqcxjFE0BgMJEALBMcoKKdjbozt8O2rpl3FYr4A&sds=2&rev=84699&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 22 Feb 2023 18:15:34 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 0EFF 2 KB
1 KB 447ms
447ms Image
image/svg+xml 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Feb 2024 18:15:35 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 0EFF 2 KB
1 KB 491ms
491ms Image
image/svg+xml 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Feb 2024 18:15:35 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 8B4A 48 KB
48 KB 21ms
20ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

c4cca3667c38220c749975744351a573b280308d1f9662ebd407d7bc14a42a9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30468052
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 48778
expires: Sat, 10 Feb 2024 09:36:27 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/ Frame C8CF 10 KB
4 KB 26ms
26ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scamfoo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 79673
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Feb 2023 20:07:42 GMT
etag: 10353107486223812946
expires: Tue, 07 Mar 2023 20:07:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/ Frame DFA7 10 KB
4 KB 30ms
26ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scamfoo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 79673
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Feb 2023 20:07:42 GMT
etag: 10353107486223812946
expires: Tue, 07 Mar 2023 20:07:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/ Frame 5676 10 KB
4 KB 30ms
29ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scamfoo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 79673
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Feb 2023 20:07:42 GMT
etag: 10353107486223812946
expires: Tue, 07 Mar 2023 20:07:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/ Frame 0E69 10 KB
4 KB 29ms
28ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scamfoo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 79673
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Feb 2023 20:07:42 GMT
etag: 10353107486223812946
expires: Tue, 07 Mar 2023 20:07:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 2C38 48 KB
48 KB 24ms
20ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

c4cca3667c38220c749975744351a573b280308d1f9662ebd407d7bc14a42a9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30468052
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 48778
expires: Sat, 10 Feb 2024 09:36:27 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 2C38 207 KB
207 KB 25ms
21ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

6e9d827bc7fbd23d9123edf8b6536480b8ef251eaccdb34bad0345eee10704f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30905298
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 211822
expires: Thu, 15 Feb 2024 11:03:53 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 8B4A 207 KB
207 KB 25ms
24ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

6e9d827bc7fbd23d9123edf8b6536480b8ef251eaccdb34bad0345eee10704f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30905298
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 211822
expires: Thu, 15 Feb 2024 11:03:53 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 8B4A 20 KB
20 KB 22ms
22ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ca9016ba9d853943ed2c67e95d2bd046f0aabb13940d997872150e7598791136

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=220808
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20190
expires: Sat, 25 Feb 2023 07:35:43 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame C8CF 4 KB
636 B 68ms
67ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 22 Feb 2023 18:15:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 16:52:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Feb 2023 18:15:35 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C8CF 205 B
294 B 146ms
45ms Image
image/png 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 17:39:16 GMT
x-content-type-options: nosniff
age: 2179
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 22 Feb 2024 17:39:16 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C8CF 604 B
918 B 145ms
44ms Image
image/png 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:00:40 GMT
x-content-type-options: nosniff
age: 895
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 22 Feb 2024 18:00:40 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230216/r20110914/elements/html/ Frame C8CF 19 KB
8 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230216/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e14ff3e75a1030bfcc4f49ce62a2036c3f239b81339024d1745b581ca4e76b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 02:55:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55207
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8251
x-xss-protection: 0
server: cafe
etag: 12882883664474914621
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 02:55:28 GMT

GET
H2 200 030db783cd93f01ccad1528166361a91.js Show response
www.gstatic.com/mysidia/ Frame DFA7 9 KB
5 KB 137ms
39ms Script
text/javascript 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/030db783cd93f01ccad1528166361a91.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3deda25f1d4dacb2dcb6291e32e305b3390f6225a657f45ce798101dcfcb9865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 00:53:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 580950
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4099
x-xss-protection: 0
last-modified: Wed, 15 Feb 2023 00:53:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 17 May 2023 00:53:05 GMT

GET
H2 200 e87dfde068666f2a4f45f2cf8d9866f9.js Show response
www.gstatic.com/mysidia/ Frame DFA7 10 KB
4 KB 139ms
42ms Script
text/javascript 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e87dfde068666f2a4f45f2cf8d9866f9.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e0fe839dbaeea0ad5f7f386e4246dfd27eb9e9408d39bd78a5b240eaff3bc80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 09:30:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31520
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4350
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 03:30:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 23 May 2023 09:30:15 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame DFA7 8 KB
895 B 66ms
65ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 22 Feb 2023 18:15:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 17:30:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Feb 2023 18:15:35 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/ Frame DFA7 2 KB
765 B 30ms
27ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 12:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 12:22:31 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230216/r20110914/ Frame DFA7 22 KB
9 KB 31ms
28ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230216/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 12:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 12:22:31 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/ Frame DFA7 3 KB
1 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:05:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 599
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 18:05:36 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/ Frame DFA7 20 KB
8 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 12:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 12:22:31 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DFA7 157 KB
48 KB 47ms
45ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6908a17080533cc597c4b17bd876ce02ba3c2aeaec4bb9763571dd31b98162c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676996822105882"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 18:15:35 GMT

GET
H2 200 ed8ae2896763956dad3710d8730c1299.js Show response
www.gstatic.com/mysidia/ Frame DFA7 33 KB
14 KB 140ms
46ms Script
text/javascript 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ed8ae2896763956dad3710d8730c1299.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9282b885825f1f265eb093acf11379fc90dd4e156588a02790c1515822e79858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 515704
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14007
x-xss-protection: 0
last-modified: Wed, 15 Feb 2023 00:53:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 17 May 2023 19:00:31 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame D18F 150 KB
50 KB 96ms
81ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_ZbxQAJVVkEf4lsAAMoXEzPSeO8_Xqb-LkxSg&u=%7CVmn2Rt7oCW38LQDsaL0071vTnRwJNwbWp7OlAsrJV%2FU%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9QtxaN2yFPYz7E27bdan5Oj7k42CU8oFGZHTaUmqAemxOBSpoOgQyLw66gecPY-rhZAeTFhBSx2tENI0sDDS18Gsovo8aLnMV7qfQ4bLn1mu-_4ZNC_J4totCRilsRqYzyNAQ9giD3b-vhz4KFVUlGEd4NirF16L3JdUoVtNR57UBJh-sVMJMbnUjQoP_2qGwPeDom491WsigmYmRf3VmP9YOYDA83yqahhyUUwOubvPc9cDdv04GRV7IOxJCTo2ueXOMRt6MxzvEHJr2IFOSES4gZYTEcY0wu5FeklDakCqIPKm4SiYc1V69lCiUvmd1prGH3z2HsB81wp9NBnsYGAXy2WCVDFTliM8ia-8O7SXanrZobwNxrNyfcOVB2U0PKFCIj-7-1DhjzLTu5BXJS6ByVJK7mtNvD8MPnye2B3IPI2vhiVzgZZKdstauoeGFZyc1fUdNJ1UGKzp6yH-IIhPD4EDJuFdes62w-BzT7LZlKqTkJNGRzdigv0-GZ1OsZCM5_iG7yX3qcS7J0bSBaFSWFprrEAObptz9FbW_t9XGjvIN9Ha3pmaXtZrSokMr2ms6vw84nqCO12yUf9jeA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkPszxVv2Y9mqJeyS_tMP3NCMwA7JntKxXNWdkfdwwI23ARABIABg-wGCARdjYS1wdWItMjMwMzU5MDIzODUyNjgyNsgBCakCda6mCKjXsT6oAwGqBNUBT9ARj03owM3SmPxeHJdqpmlrZ988BExmgJPq5PcpPtxMFtpVS78WcRLUVTGrnO40PmddlYpkyFq29nNRAyNS9I1TLMrx3DOn1WYVDP4OHxsfrAO0RLyZ_mXANDgwCxTAsw01MhEKP33Pe7vImQ2CN5Cvgcp9m5BVxo4ZC-TUbOMAbV2fsGWPjAViiU9Ds3HA8yAdZx5P3q4GMb-wXo1csBcV7uPrj_LYgCj6SD_qKW8fDNbkUDpfjYGoT6dnyOzg7x5u2z2iRraxw0-5aF_EnesYQMXPgAb-wcKCuN-mjagBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1twrFj7eBR2An1Wi83SENvHLUr6A%26client%3Dca-pub-2303590238526826%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

adcd95dd49427458eaf132f51bbd6325a82a23f7c08e0a994885b49d7ea2d0e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 18:15:35 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=YOz72oYd5qQbxLG0RxJZT2jZS2zwB--gfi80koRzllNbWFHOBJdUtXxAqB85xQjwv09LZCQ2QryScEttbIGKWxRDSO_67rl3ZScTz8sda_nHpdGaJMKuY4ZLdjwZPppY-ArVjE63TbsdDJEUXLkdaZfbQt4Q20kVl9LrgZOXaeJWAL89iVlO2rUEofeLwUppZCIbFoYK2uKl0NvqmmaBONX0GkRHwwkq1Y0oonUKNIY5bx8cMj0KGYK07b6uWvG6UergDg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 53414057
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/ Frame 5676 3 KB
1 KB 35ms
32ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:05:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 599
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 18:05:36 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/ Frame 5676 20 KB
8 KB 37ms
33ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 12:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 12:22:31 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5676 157 KB
48 KB 77ms
73ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6908a17080533cc597c4b17bd876ce02ba3c2aeaec4bb9763571dd31b98162c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676996822105882"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 18:15:35 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230216/r20110914/ Frame 0E69 22 KB
9 KB 37ms
33ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230216/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 12:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 12:22:31 GMT

GET
H3 200 16855518304963360577
tpc.googlesyndication.com/daca_images/simgad/ Frame 0E69 32 KB
32 KB 61ms
57ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/16855518304963360577

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54376e76a46c45c731d315ff1cb6c048e33d36ba907f567b8364d7835ff04571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 16:03:46 GMT
x-content-type-options: nosniff
age: 526309
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32971
x-xss-protection: 0
last-modified: Sun, 29 Jan 2023 10:16:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 16 Feb 2024 16:03:46 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/ Frame 0E69 3 KB
1 KB 55ms
51ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:05:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 599
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 18:05:36 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/ Frame 0E69 20 KB
8 KB 52ms
48ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 12:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 12:22:31 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0E69 157 KB
48 KB 91ms
88ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6908a17080533cc597c4b17bd876ce02ba3c2aeaec4bb9763571dd31b98162c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676996822105882"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 18:15:35 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/ Frame 0E69 33 KB
13 KB 58ms
55ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea488b4ce9e192ce45a4da3bccae3141a3b7ded30dccc39c09923c3b0dbf6105

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 12:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13432
x-xss-protection: 0
server: cafe
etag: 14260516833774306430
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 12:22:31 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2FC7 8 KB
895 B 66ms
66ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 22 Feb 2023 18:15:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 16:39:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Feb 2023 18:15:35 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/ Frame 2FC7 2 KB
765 B 28ms
28ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 12:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 12:22:31 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230216/r20110914/ Frame 2FC7 22 KB
9 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230216/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 12:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 12:22:31 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/ Frame 2FC7 3 KB
1 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:05:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 599
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 18:05:36 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/ Frame 2FC7 20 KB
8 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 12:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 12:22:31 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2FC7 157 KB
48 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6908a17080533cc597c4b17bd876ce02ba3c2aeaec4bb9763571dd31b98162c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676996822105882"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 18:15:35 GMT

GET
H2 200 ed8ae2896763956dad3710d8730c1299.js Show response
www.gstatic.com/mysidia/ Frame 2FC7 33 KB
14 KB 69ms
68ms Script
text/javascript 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ed8ae2896763956dad3710d8730c1299.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9282b885825f1f265eb093acf11379fc90dd4e156588a02790c1515822e79858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 515704
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14007
x-xss-protection: 0
last-modified: Wed, 15 Feb 2023 00:53:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 17 May 2023 19:00:31 GMT

GET
H3 200 141513201450354983
tpc.googlesyndication.com/daca_images/simgad/ Frame AFAF 116 KB
116 KB 34ms
31ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/141513201450354983

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=280&adk=1282251284&adf=3758370479&pi=t.aa~a.2417213347~rp.4&w=938&fwrn=4&fwrnh=100&lmt=1677089734&rafmt=1&to=qs&pwprc=1521673879&format=938x280&url=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677089734960&bpp=1&bdt=2286&idt=1&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e6481329ffb4785-224c1d62f8dc00f2%3AT%3D1677089733%3ART%3D1677089733%3AS%3DALNI_MaVKg2u9jZeMyporVRPEU2KTJF9jw&gpic=UID%3D00000bbae2df8668%3AT%3D1677089733%3ART%3D1677089733%3AS%3DALNI_MavvGqaBMjc9LdOwIXZ7KyV4RAHqw&prev_fmts=0x0%2C728x280%2C728x280%2C728x280%2C938x280&nras=3&correlator=8232058220225&frm=20&pv=1&ga_vid=880433619.1677089733&ga_sid=1677089734&ga_hid=1012116864&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=4008&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44777877%2C44759837%2C31072348%2C44779794&oid=2&psts=AD37Y7vpb-npXAVK2ZmOJ00Bx3uHhxKZwGW2Q4XQzigXGMcC0z6k63oGbK_QJ3TS3smDDIUnP-el5_j4kAt8%2CAD37Y7uTwM0IEVytyoKj8G3HGB_3bUKLRelxBMVWkk10UK_l_2szM9fxBBnzjEFcCPEtZ-e2O7FwSYqlAHom&pvsid=271215218793982&tmod=480944890&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=v8tOOG3rQU&p=https%3A//www.scamfoo.com&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea0aa0abedfaf5dc7abf2277d6045920f477d5c7bce22849466b7320a7ef16e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:06:08 GMT
x-content-type-options: nosniff
age: 533367
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118937
x-xss-protection: 0
last-modified: Fri, 03 Feb 2023 08:10:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 16 Feb 2024 14:06:08 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230216/r20110914/ Frame AFAF 22 KB
9 KB 29ms
26ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230216/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 12:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 12:22:31 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/ Frame AFAF 3 KB
1 KB 37ms
29ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:05:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 599
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 18:05:36 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/ Frame AFAF 20 KB
8 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 12:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 12:22:31 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame AFAF 0
0 70ms
60ms Image
text/html 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQuDc7d3Ldf6-UoU1sdCclMnLp8TQsND666WYBVjE6tGmZ9bZVWbQ1lsHQwgX6RvB01yOMO
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=280&adk=1282251284&adf=3758370479&pi=t.aa~a.2417213347~rp.4&w=938&fwrn=4&fwrnh=100&lmt=1677089734&rafmt=1&to=qs&pwprc=1521673879&format=938x280&url=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677089734960&bpp=1&bdt=2286&idt=1&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e6481329ffb4785-224c1d62f8dc00f2%3AT%3D1677089733%3ART%3D1677089733%3AS%3DALNI_MaVKg2u9jZeMyporVRPEU2KTJF9jw&gpic=UID%3D00000bbae2df8668%3AT%3D1677089733%3ART%3D1677089733%3AS%3DALNI_MavvGqaBMjc9LdOwIXZ7KyV4RAHqw&prev_fmts=0x0%2C728x280%2C728x280%2C728x280%2C938x280&nras=3&correlator=8232058220225&frm=20&pv=1&ga_vid=880433619.1677089733&ga_sid=1677089734&ga_hid=1012116864&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=4008&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44777877%2C44759837%2C31072348%2C44779794&oid=2&psts=AD37Y7vpb-npXAVK2ZmOJ00Bx3uHhxKZwGW2Q4XQzigXGMcC0z6k63oGbK_QJ3TS3smDDIUnP-el5_j4kAt8%2CAD37Y7uTwM0IEVytyoKj8G3HGB_3bUKLRelxBMVWkk10UK_l_2szM9fxBBnzjEFcCPEtZ-e2O7FwSYqlAHom&pvsid=271215218793982&tmod=480944890&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=v8tOOG3rQU&p=https%3A//www.scamfoo.com&dtd=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AFAF 157 KB
48 KB 51ms
47ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6908a17080533cc597c4b17bd876ce02ba3c2aeaec4bb9763571dd31b98162c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676996822105882"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 18:15:35 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/ Frame AFAF 33 KB
13 KB 37ms
31ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea488b4ce9e192ce45a4da3bccae3141a3b7ded30dccc39c09923c3b0dbf6105

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 12:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13432
x-xss-protection: 0
server: cafe
etag: 14260516833774306430
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 12:22:31 GMT

GET
H2 200 st Show response
imprammp.taboola.com/ Frame B9B3 737 B
572 B 48ms
36ms Document
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7ZxMCFgOmyueWjOy3swSmyueWjOy3swUAAAAGBuIHJGLxmEbD3WotGi03a9FquXFLXMOJWzGauWzGkW2yGDmMQCIWj2k03K3WotFysxatlhu3xDWcuBWjmctmHNkmi5HDDStoOh0-171e9_vdNR-H2-b32zV-t1_zNL38aufF8jT5XJa7xu_2ywEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fAyCJowAelqfnHwAAAAAgAAAAACQAA25NJQAlhpUn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAHEMHZqqofn71n0QFx0WMAAAAALi8qSOOJnVCZVH1___fbwVwBQAQYKhn5decpTso8RYGAAAgIJYUGFPbsAv7OLZAD4vfb3bYNX63y_7_________zf7P_tGEhuBI04AqhB_VfgEBANZ-AQEA2NQNAOAtAC7kMNB0Onyue73u97trPg63ze-3a_xuv-gIWjEYrC4gZgcAAABw9____4-XFBhT27AL-6gHYibnxLEYrnbL1Wa2HC6cq8lmsBu5lruNxTNY-LYHD7mV4xp5d-43YYvRajLZLIez5WIyGI6Go9H-BmIxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIkx5PMuJZTdY6za-3Vq03DjWEpdjtJZZTJuRYzMYLoyjtej1MT1cNpdjNNuiYADLXiRPi3QiWTlHnpVnuNuYZhabY7ebuWaGjW03XM2Wo-XCMxFLNCeLdCK77Gsm58SxGK52y9VmthwunKvJZrAbuZa7jcUzWPj2LY9nObHsBmvdxrdbi5Ybx1ricozWMotpM3JsBsOFcbQWvT6mh8vmcoxm-8ZstxsMl7vNaN-Y7XaD4XK3Ge07TKZn6nM2CjdroUclMScjM93NYVC4DBbvU7W6GLujg7fkPDpV2rKyszP6_X6_3-_3-_1-v0HrOZgNCt-1GxObM7e-9HeaGMQGgyKWCC7Sicjpebw-b83H4bb5_RaxRGm6SCd6zdP08qudF8vT5HNZ7hq_2yKWCE4X6UT0Mp4u6j825GQumUzmksVkrtitEgAAAAAAAADAEubMmwAAAACcBjIZDUerdR7IaLWcDFfLBZjYL9EFBgEAAAAAAChu_NiBnJ7H6_PWfBxum99vZYAHp0XmzZ8JYq1WyxoAAEAAGwAAIIBbN--BJNEo_v___z8OAABARo4eAABAfB8AAAAAAAAAgL8gBpvZbg!&cmcv=&pix=undefined&cb=1677089735591&uv=3256&tms=1677089735591&abt=dpa_vA!esv_vC!ufm&ru=https://www.scamfoo.com/site/mybridger.com/&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=bbc44875-4493-459c-b58b-14fef8d621da&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.8/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f02d549c3e04546ab27e01a989a0d0d1cbe9614444bd656938402782b22033b7

Request headers

Referer: https://www.scamfoo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Wed, 22 Feb 2023 18:15:35 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-cdg20773-CDG
x-timer: S1677089736.616351,VS0,VE11

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 46BF 546 B
640 B 348ms
34ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7ZxMCFgOmyueWjOy3swSmyueWjOy3swUAAAAGBuIHJGLxmEbD3WotGi03a9FquXFLXMOJWzGauWzGkW2yGDmMQCIWj2k03K3WotFysxatlhu3xDWcuBWjmctmHNkmi5HDDStoOh0-171e9_vdNR-H2-b32zV-t1_zNL38aufF8jT5XJa7xu_2ywEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fAyCJowAelqfnHwAAAAAgAAAAACQAA25NJQAlhpUn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAHEMHZqqofn71n0QFx0WMAAAAALi8qSOOJnVCZVH1___fbwVwBQAQYKhn5decpTso8RYGAAAgIJYUGFPbsAv7OLZAD4vfb3bYNX63y_7_________zf7P_tGEhuBI04AqhB_VfgEBANZ-AQEA2NQNAOAtAC7kMNB0Onyue73u97trPg63ze-3a_xuv-gIWjEYrC4gZgcAAABw9____4-XFBhT27AL-6gHYibnxLEYrnbL1Wa2HC6cq8lmsBu5lruNxTNY-LYHD7mV4xp5d-43YYvRajLZLIez5WIyGI6Go9H-BmIxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIkx5PMuJZTdY6za-3Vq03DjWEpdjtJZZTJuRYzMYLoyjtej1MT1cNpdjNNuiYADLXiRPi3QiWTlHnpVnuNuYZhabY7ebuWaGjW03XM2Wo-XCMxFLNCeLdCK77Gsm58SxGK52y9VmthwunKvJZrAbuZa7jcUzWPj2LY9nObHsBmvdxrdbi5Ybx1ricozWMotpM3JsBsOFcbQWvT6mh8vmcoxm-8ZstxsMl7vNaN-Y7XaD4XK3Ge07TKZn6nM2CjdroUclMScjM93NYVC4DBbvU7W6GLujg7fkPDpV2rKyszP6_X6_3-_3-_1-v0HrOZgNCt-1GxObM7e-9HeaGMQGgyKWCC7Sicjpebw-b83H4bb5_RaxRGm6SCd6zdP08qudF8vT5HNZ7hq_2yKWCE4X6UT0Mp4u6j825GQumUzmksVkrtitEgAAAAAAAADAEubMmwAAAACcBjIZDUerdR7IaLWcDFfLBZjYL9EFBgEAAAAAAChu_NiBnJ7H6_PWfBxum99vZYAHp0XmzZ8JYq1WyxoAAEAAGwAAIIBbN--BJNEo_v___z8OAABARo4eAABAfB8AAAAAAAAAgL8gBpvZbg!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.8/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 595a9899c05532f7feb4efece8c92b9f2cd9fa71212cd876a803aa369ace46fb

Request headers

Referer: https://www.scamfoo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Wed, 22 Feb 2023 18:15:35 GMT
machineid: 3408
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ Frame 9D4A 1 KB
709 B 70ms
63ms XHR
application/json 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1677089735601&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1505&pt=-1551788584&tz=0&viewable=true&ddast=V7ZxMCFgOmyueWjOy3swSmyueWjOy3swUAAAAGBuIHJGLxmEbD3WotGi03a9FquXFLXMOJWzGauWzGkW2yGDmMQCIWj2k03K3WotFysxatlhu3xDWcuBWjmctmHNkmi5HDDStoOh0-171e9_vdNR-H2-b32zV-t1_zNL38aufF8jT5XJa7xu_2ywEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fAyCJowAelqfnHwAAAAAgAAAAACQAA25NJQAlhpUn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAHEMHZqqofn71n0QFx0WMAAAAALi8qSOOJnVCZVH1___fbwVwBQAQYKhn5decpTso8RYGAAAgIJYUGFPbsAv7OLZAD4vfb3bYNX63y_7_________zf7P_tGEhuBI04AqhB_VfgEBANZ-AQEA2NQNAOAtAC7kMNB0Onyue73u97trPg63ze-3a_xuv-gIWjEYrC4gZgcAAABw9____4-XFBhT27AL-6gHYibnxLEYrnbL1Wa2HC6cq8lmsBu5lruNxTNY-LYHD7mV4xp5d-43YYvRajLZLIez5WIyGI6Go9H-BmIxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIkx5PMuJZTdY6za-3Vq03DjWEpdjtJZZTJuRYzMYLoyjtej1MT1cNpdjNNuiYADLXiRPi3QiWTlHnpVnuNuYZhabY7ebuWaGjW03XM2Wo-XCMxFLNCeLdCK77Gsm58SxGK52y9VmthwunKvJZrAbuZa7jcUzWPj2LY9nObHsBmvdxrdbi5Ybx1ricozWMotpM3JsBsOFcbQWvT6mh8vmcoxm-8ZstxsMl7vNaN-Y7XaD4XK3Ge07TKZn6nM2CjdroUclMScjM93NYVC4DBbvU7W6GLujg7fkPDpV2rKyszP6_X6_3-_3-_1-v0HrOZgNCt-1GxObM7e-9HeaGMQGgyKWCC7Sicjpebw-b83H4bb5_RaxRGm6SCd6zdP08qudF8vT5HNZ7hq_2yKWCE4X6UT0Mp4u6j825GQumUzmksVkrtitEgAAAAAAAADAEubMmwAAAACcBjIZDUerdR7IaLWcDFfLBZjYL9EFBgEAAAAAAChu_NiBnJ7H6_PWfBxum99vZYAHp0XmzZ8JYq1WyxoAAEAAGwAAIIBbN--BJNEo_v___z8OAABARo4eAABAfB8AAAAAAAAAgL8gBpvZbg!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=1&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2459285&dpubid=224845&abtst=dpa_vA!esv_vC!ufm&mPre=0.033&cirf=https%3A%2F%2Fwww.scamfoo.com&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.8/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 075cee321d3d65bcfd7b9baa7bd3dd7022af3f9c639f7055663d716b785852f0

Request headers

Referer: https://www.scamfoo.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Wed, 22 Feb 2023 18:15:35 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1438
x-cache: MISS
x-served-by: cache-cdg20773-CDG
pragma: no-cache
server: nginx
x-timer: S1677089736.619518,VS0,VE43
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.scamfoo.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ Frame 9D4A 0
43 B 305ms
21ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7ZxMCFgOmyueWjOy3swSmyueWjOy3swUAAAAGBuIHJGLxmEbD3WotGi03a9FquXFLXMOJWzGauWzGkW2yGDmMQCIWj2k03K3WotFysxatlhu3xDWcuBWjmctmHNkmi5HDDStoOh0-171e9_vdNR-H2-b32zV-t1_zNL38aufF8jT5XJa7xu_2ywEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fAyCJowAelqfnHwAAAAAgAAAAACQAA25NJQAlhpUn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAHEMHZqqofn71n0QFx0WMAAAAALi8qSOOJnVCZVH1___fbwVwBQAQYKhn5decpTso8RYGAAAgIJYUGFPbsAv7OLZAD4vfb3bYNX63y_7_________zf7P_tGEhuBI04AqhB_VfgEBANZ-AQEA2NQNAOAtAC7kMNB0Onyue73u97trPg63ze-3a_xuv-gIWjEYrC4gZgcAAABw9____4-XFBhT27AL-6gHYibnxLEYrnbL1Wa2HC6cq8lmsBu5lruNxTNY-LYHD7mV4xp5d-43YYvRajLZLIez5WIyGI6Go9H-BmIxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIkx5PMuJZTdY6za-3Vq03DjWEpdjtJZZTJuRYzMYLoyjtej1MT1cNpdjNNuiYADLXiRPi3QiWTlHnpVnuNuYZhabY7ebuWaGjW03XM2Wo-XCMxFLNCeLdCK77Gsm58SxGK52y9VmthwunKvJZrAbuZa7jcUzWPj2LY9nObHsBmvdxrdbi5Ybx1ricozWMotpM3JsBsOFcbQWvT6mh8vmcoxm-8ZstxsMl7vNaN-Y7XaD4XK3Ge07TKZn6nM2CjdroUclMScjM93NYVC4DBbvU7W6GLujg7fkPDpV2rKyszP6_X6_3-_3-_1-v0HrOZgNCt-1GxObM7e-9HeaGMQGgyKWCC7Sicjpebw-b83H4bb5_RaxRGm6SCd6zdP08qudF8vT5HNZ7hq_2yKWCE4X6UT0Mp4u6j825GQumUzmksVkrtitEgAAAAAAAADAEubMmwAAAACcBjIZDUerdR7IaLWcDFfLBZjYL9EFBgEAAAAAAChu_NiBnJ7H6_PWfBxum99vZYAHp0XmzZ8JYq1WyxoAAEAAGwAAIIBbN--BJNEo_v___z8OAABARo4eAABAfB8AAAAAAAAAgL8gBpvZbg!&cmcv=&pix=31589837&cb=1677089735591&uv=3256&tms=1677089735591&abt=dpa_vA!esv_vC!ufm&ru=https://www.scamfoo.com/site/mybridger.com/&ft=1&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1677089733276.8!ts:1677089735590&mntl=1
Requested by: Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:35 GMT
content-length: 0
server: nginx

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AFAF 0
0 77ms
71ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CDPsHx1v2Y5HRBJSziwOb1pSADp_u4_Nuh5fck5IR4dCJjYU1EAEgo5q7C2D7AaABgaGkuSjIAQKoAwHIA8kEqgTuAU_QRAcUaATyv7N5QsUN-91OanBMaqpnPwsNzH9RhjQjDzUpeDqM_yDrG3xv8-M2Q94SQIKJClx7knEdESFQ5DDP9RfgNKU0Q3js95uJ5pNid0ErDNCDApnhpWpoMqjAiCvxJC-TXyA65JY2KDoN5iiXeTYYetAOXuP7iOA9TfyxhtXcMwWVZNeETGgDVdel0jXm8M5dfCx7-UcwCXRJ6RdWVta63HpH2lTF7fCNdYPBFn4N6mXwQUQnLIBiQy-ESZdNi2rDlchHhkA4dawCTveFEM6GavvjHlR3uDIWs5KzHx6kW1HZzb-ivvGa8trABJ_mteybBJIFBAgEGAGSBQQIBRgEoAYCgAeB2fSYA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcDEOld0ggRCIDhgHAQARgfMgLrAjoCgECACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItMjMwMzU5MDIzODUyNjgyNhgA&sigh=8DoJAQchA4w&uach_m=[UACH]&cid=CAQSOwDUE5ymnhPUBvaBMsgoSQ2yj0sEYRSwsG7aUIrpialWu1pONLRm9Jlrp0IWvXDWVtvyT4grt5z_iiy1GAE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=280&adk=1282251284&adf=3758370479&pi=t.aa~a.2417213347~rp.4&w=938&fwrn=4&fwrnh=100&lmt=1677089734&rafmt=1&to=qs&pwprc=1521673879&format=938x280&url=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677089734960&bpp=1&bdt=2286&idt=1&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e6481329ffb4785-224c1d62f8dc00f2%3AT%3D1677089733%3ART%3D1677089733%3AS%3DALNI_MaVKg2u9jZeMyporVRPEU2KTJF9jw&gpic=UID%3D00000bbae2df8668%3AT%3D1677089733%3ART%3D1677089733%3AS%3DALNI_MavvGqaBMjc9LdOwIXZ7KyV4RAHqw&prev_fmts=0x0%2C728x280%2C728x280%2C728x280%2C938x280&nras=3&correlator=8232058220225&frm=20&pv=1&ga_vid=880433619.1677089733&ga_sid=1677089734&ga_hid=1012116864&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=4008&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44777877%2C44759837%2C31072348%2C44779794&oid=2&psts=AD37Y7vpb-npXAVK2ZmOJ00Bx3uHhxKZwGW2Q4XQzigXGMcC0z6k63oGbK_QJ3TS3smDDIUnP-el5_j4kAt8%2CAD37Y7uTwM0IEVytyoKj8G3HGB_3bUKLRelxBMVWkk10UK_l_2szM9fxBBnzjEFcCPEtZ-e2O7FwSYqlAHom&pvsid=271215218793982&tmod=480944890&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=v8tOOG3rQU&p=https%3A//www.scamfoo.com&dtd=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 22 Feb 2023 18:15:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5FB9 143 B
166 B 29ms
26ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 1717
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 17:46:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame D18F 2 KB
1 KB 273ms
266ms Image
image/svg+xml 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_ZbxQAJVVkEf4lsAAMoXEzPSeO8_Xqb-LkxSg&u=%7CVmn2Rt7oCW38LQDsaL0071vTnRwJNwbWp7OlAsrJV%2FU%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9QtxaN2yFPYz7E27bdan5Oj7k42CU8oFGZHTaUmqAemxOBSpoOgQyLw66gecPY-rhZAeTFhBSx2tENI0sDDS18Gsovo8aLnMV7qfQ4bLn1mu-_4ZNC_J4totCRilsRqYzyNAQ9giD3b-vhz4KFVUlGEd4NirF16L3JdUoVtNR57UBJh-sVMJMbnUjQoP_2qGwPeDom491WsigmYmRf3VmP9YOYDA83yqahhyUUwOubvPc9cDdv04GRV7IOxJCTo2ueXOMRt6MxzvEHJr2IFOSES4gZYTEcY0wu5FeklDakCqIPKm4SiYc1V69lCiUvmd1prGH3z2HsB81wp9NBnsYGAXy2WCVDFTliM8ia-8O7SXanrZobwNxrNyfcOVB2U0PKFCIj-7-1DhjzLTu5BXJS6ByVJK7mtNvD8MPnye2B3IPI2vhiVzgZZKdstauoeGFZyc1fUdNJ1UGKzp6yH-IIhPD4EDJuFdes62w-BzT7LZlKqTkJNGRzdigv0-GZ1OsZCM5_iG7yX3qcS7J0bSBaFSWFprrEAObptz9FbW_t9XGjvIN9Ha3pmaXtZrSokMr2ms6vw84nqCO12yUf9jeA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkPszxVv2Y9mqJeyS_tMP3NCMwA7JntKxXNWdkfdwwI23ARABIABg-wGCARdjYS1wdWItMjMwMzU5MDIzODUyNjgyNsgBCakCda6mCKjXsT6oAwGqBNUBT9ARj03owM3SmPxeHJdqpmlrZ988BExmgJPq5PcpPtxMFtpVS78WcRLUVTGrnO40PmddlYpkyFq29nNRAyNS9I1TLMrx3DOn1WYVDP4OHxsfrAO0RLyZ_mXANDgwCxTAsw01MhEKP33Pe7vImQ2CN5Cvgcp9m5BVxo4ZC-TUbOMAbV2fsGWPjAViiU9Ds3HA8yAdZx5P3q4GMb-wXo1csBcV7uPrj_LYgCj6SD_qKW8fDNbkUDpfjYGoT6dnyOzg7x5u2z2iRraxw0-5aF_EnesYQMXPgAb-wcKCuN-mjagBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1twrFj7eBR2An1Wi83SENvHLUr6A%26client%3Dca-pub-2303590238526826%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Feb 2024 18:15:35 GMT

GET
H2 200 adchoices_fr.svg
static.criteo.net/flash/icon/ Frame D18F 2 KB
1 KB 280ms
273ms Image
image/svg+xml 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_fr.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

8bc40f263d0a1fbb8421a5fe91ccb4ab7eb23b9b4c12a16e09703cd336d7cbb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-75e"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Feb 2024 18:15:35 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame D18F 308 B
636 B 273ms
269ms Image
image/svg+xml 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 17 Feb 2024 18:15:35 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame D18F 293 B
621 B 274ms
270ms Image
image/svg+xml 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 17 Feb 2024 18:15:35 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame D18F 43 B
347 B 29ms
25ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=5tZ7fjxqvNo0E12k2jvtwvGtB33RitSUnJo5i53YzYJYDtOEg2SA4lWOyp3npGg_notpirNEQPtO1-haCgKW4M-eYIhC_yp_baKJd5GS1E2UeK8RRcP8eKywLuWEpk7JT4bDtUeLSRdViBXtT6zxyrWNVVMBScsN8NbsGKltdz-ahodJZ2_odbvXKEvepNil6A4fD3ZuojpAvO8yWp1ivP4wwukgbBPfUUNHIXJxtBlfp0ZHFUj8FtYNbMBH1ZEI7YTQe4ZHa-lKhehUhmMpJGk_QP7heKe2B_9qQO0Cr0HZL7ZKLWqeIvOCG5lPZIxgzIfwhD1MqnpOshlDOcQqLYy3G5noAh63pvfSnDM3mVlIawkHslA_4eOXB01NKLLFbpZZ2L2IJNxw-KnKi_049bXYeeSbdVCtSFg_n9KJGJ19gEBp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 18:15:34 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2011825
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A019 143 B
166 B 28ms
26ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 1717
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 17:46:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 st Show response
imprammp.taboola.com/ Frame B3D1 564 B
387 B 48ms
47ms Document
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V77YoCFgOsD8lGfQDXPASsD8lGfQDXPAUAAAAGBuIHJOGZ7JajyWitsawca9FkZlwrfKvNWrSxOBzOkcXhHC6MQBKeyW45mozWGsvKsRZNZsa1wrfarEUbi8PhHFkczuHCDStoOh0-171e9_vdNR-H2-b32zV-t1_zNL38aufF8jT5XJa7xu_2ywEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fAyCJowAelqfnHwAAAAAgAAAAACQAA25NJQAlhpUn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAHENgh7TiJN5FC0QFeUWMAAAAALi8qSOOJnVCZVH1___fbwVwBQAQYKhn9QeVpTso8RYGAAAgIJYUGFPbsAv7OLZAD4vfb3bYNX63y_7_________zf7P_tGEhuBI04AqhB_VfgEBANZ-AQEA2NQNAOAtAC7kMNB0Onyue73u97trPg63ze-3a_xuv-gIWjEYrC4gZgcAAABw9____4-XFBhT27AL-6gHYqbFaGGYGAYb43Aym3gWHudqtty4RraVcWOxDba3nHPe-o_gneU3YYvRajLZLIez5WIyGI6Go9H-BmIxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIkzZbAvjaDFYSwazyVo0WBnWyo3FtZZYjIOJZbgwLnzDtej1MT1cNpdjNNuiYADLXiRPi3QisYxGhtHGtliOdoOJb-HcjFamlW0yWkxWG9dsNhFLNCeLdCK77GumxWhhmBgGG-NwMpt4Fh7narbcuEa2lXFjsQ32LZttYRwtBmvJYDZZiwYrw1q5sbjWEotxMLEMF8aFb7gWvT6mh8vmcoxm-8ZstxsMl7vNaN-Y7XaD4XK3Ge07TKZn6nM2CjdroUclMScjM93NYVC4DBbvU7W6GLujg7fkPDpV2rKyszP6_X6_3-_3-_1-v0HrOZgNCt-1GxObM7e-9HeaGMQGgyKWCC7Sicjpebw-b83H4bb5_RaxRGm6SCd6zdP08qudF8vT5HNZ7hq_2yKWCE4X6UT0Mp4u6j825GQumUzmksVkrtitEgAAAAAAAADAEubMmwAAAACcBjIZDUerdR7IaLWcDFfLBZjYL9EFBgEAAAAAAChu_NiBnJ7H6_PWfBxum99vZYAHp0XmzZ8JYq1WyxoAAEAAGwAAIIBbN--BJNEo_v___z8OAABARo4eAABAfB8AAAAAAAAAgH-gVYMB!&cmcv=&pix=undefined&cb=1677089735697&uv=3257&tms=1677089735697&abt=ufm!ul3257_vA&ru=https://www.scamfoo.com/site/mybridger.com/&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=a3279424-c2e1-42f8-a753-4cbaa9dba98a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.8/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a8565a0aa214e2ecf8ad9dba771e98012ce6303a370e05806269a1c220a0fd0b

Request headers

Referer: https://www.scamfoo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Wed, 22 Feb 2023 18:15:35 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-cdg20773-CDG
x-timer: S1677089736.708630,VS0,VE12

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 2D8A 738 B
823 B 238ms
33ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V77YoCFgOsD8lGfQDXPASsD8lGfQDXPAUAAAAGBuIHJOGZ7JajyWitsawca9FkZlwrfKvNWrSxOBzOkcXhHC6MQBKeyW45mozWGsvKsRZNZsa1wrfarEUbi8PhHFkczuHCDStoOh0-171e9_vdNR-H2-b32zV-t1_zNL38aufF8jT5XJa7xu_2ywEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fAyCJowAelqfnHwAAAAAgAAAAACQAA25NJQAlhpUn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAHENgh7TiJN5FC0QFeUWMAAAAALi8qSOOJnVCZVH1___fbwVwBQAQYKhn9QeVpTso8RYGAAAgIJYUGFPbsAv7OLZAD4vfb3bYNX63y_7_________zf7P_tGEhuBI04AqhB_VfgEBANZ-AQEA2NQNAOAtAC7kMNB0Onyue73u97trPg63ze-3a_xuv-gIWjEYrC4gZgcAAABw9____4-XFBhT27AL-6gHYqbFaGGYGAYb43Aym3gWHudqtty4RraVcWOxDba3nHPe-o_gneU3YYvRajLZLIez5WIyGI6Go9H-BmIxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIkzZbAvjaDFYSwazyVo0WBnWyo3FtZZYjIOJZbgwLnzDtej1MT1cNpdjNNuiYADLXiRPi3QisYxGhtHGtliOdoOJb-HcjFamlW0yWkxWG9dsNhFLNCeLdCK77GumxWhhmBgGG-NwMpt4Fh7narbcuEa2lXFjsQ32LZttYRwtBmvJYDZZiwYrw1q5sbjWEotxMLEMF8aFb7gWvT6mh8vmcoxm-8ZstxsMl7vNaN-Y7XaD4XK3Ge07TKZn6nM2CjdroUclMScjM93NYVC4DBbvU7W6GLujg7fkPDpV2rKyszP6_X6_3-_3-_1-v0HrOZgNCt-1GxObM7e-9HeaGMQGgyKWCC7Sicjpebw-b83H4bb5_RaxRGm6SCd6zdP08qudF8vT5HNZ7hq_2yKWCE4X6UT0Mp4u6j825GQumUzmksVkrtitEgAAAAAAAADAEubMmwAAAACcBjIZDUerdR7IaLWcDFfLBZjYL9EFBgEAAAAAAChu_NiBnJ7H6_PWfBxum99vZYAHp0XmzZ8JYq1WyxoAAEAAGwAAIIBbN--BJNEo_v___z8OAABARo4eAABAfB8AAAAAAAAAgH-gVYMB!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.8/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 84713e73b3cf1844f688b3c92369b5dccd2b31b175c8c1056d240c40761997df

Request headers

Referer: https://www.scamfoo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Wed, 22 Feb 2023 18:15:35 GMT
machineid: 3407
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ Frame E552 1 KB
561 B 93ms
91ms XHR
application/json 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1677089735703&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1505&pt=-1573525442&tz=0&viewable=true&ddast=V77YoCFgOsD8lGfQDXPASsD8lGfQDXPAUAAAAGBuIHJOGZ7JajyWitsawca9FkZlwrfKvNWrSxOBzOkcXhHC6MQBKeyW45mozWGsvKsRZNZsa1wrfarEUbi8PhHFkczuHCDStoOh0-171e9_vdNR-H2-b32zV-t1_zNL38aufF8jT5XJa7xu_2ywEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fAyCJowAelqfnHwAAAAAgAAAAACQAA25NJQAlhpUn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAHENgh7TiJN5FC0QFeUWMAAAAALi8qSOOJnVCZVH1___fbwVwBQAQYKhn9QeVpTso8RYGAAAgIJYUGFPbsAv7OLZAD4vfb3bYNX63y_7_________zf7P_tGEhuBI04AqhB_VfgEBANZ-AQEA2NQNAOAtAC7kMNB0Onyue73u97trPg63ze-3a_xuv-gIWjEYrC4gZgcAAABw9____4-XFBhT27AL-6gHYqbFaGGYGAYb43Aym3gWHudqtty4RraVcWOxDba3nHPe-o_gneU3YYvRajLZLIez5WIyGI6Go9H-BmIxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIkzZbAvjaDFYSwazyVo0WBnWyo3FtZZYjIOJZbgwLnzDtej1MT1cNpdjNNuiYADLXiRPi3QisYxGhtHGtliOdoOJb-HcjFamlW0yWkxWG9dsNhFLNCeLdCK77GumxWhhmBgGG-NwMpt4Fh7narbcuEa2lXFjsQ32LZttYRwtBmvJYDZZiwYrw1q5sbjWEotxMLEMF8aFb7gWvT6mh8vmcoxm-8ZstxsMl7vNaN-Y7XaD4XK3Ge07TKZn6nM2CjdroUclMScjM93NYVC4DBbvU7W6GLujg7fkPDpV2rKyszP6_X6_3-_3-_1-v0HrOZgNCt-1GxObM7e-9HeaGMQGgyKWCC7Sicjpebw-b83H4bb5_RaxRGm6SCd6zdP08qudF8vT5HNZ7hq_2yKWCE4X6UT0Mp4u6j825GQumUzmksVkrtitEgAAAAAAAADAEubMmwAAAACcBjIZDUerdR7IaLWcDFfLBZjYL9EFBgEAAAAAAChu_NiBnJ7H6_PWfBxum99vZYAHp0XmzZ8JYq1WyxoAAEAAGwAAIIBbN--BJNEo_v___z8OAABARo4eAABAfB8AAAAAAAAAgH-gVYMB!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=1&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2459285&dpubid=224845&abtst=ufm!ul3257_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.scamfoo.com&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.8/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3365cc561f7225c273384ec6060a70e6dc3fb71ea6195b7d759b191c086ec17a

Request headers

Referer: https://www.scamfoo.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Wed, 22 Feb 2023 18:15:35 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1470
x-cache: MISS
x-served-by: cache-cdg20773-CDG
pragma: no-cache
server: nginx
x-timer: S1677089736.712304,VS0,VE71
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.scamfoo.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ Frame E552 0
43 B 207ms
23ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V77YoCFgOsD8lGfQDXPASsD8lGfQDXPAUAAAAGBuIHJOGZ7JajyWitsawca9FkZlwrfKvNWrSxOBzOkcXhHC6MQBKeyW45mozWGsvKsRZNZsa1wrfarEUbi8PhHFkczuHCDStoOh0-171e9_vdNR-H2-b32zV-t1_zNL38aufF8jT5XJa7xu_2ywEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fAyCJowAelqfnHwAAAAAgAAAAACQAA25NJQAlhpUn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAHENgh7TiJN5FC0QFeUWMAAAAALi8qSOOJnVCZVH1___fbwVwBQAQYKhn9QeVpTso8RYGAAAgIJYUGFPbsAv7OLZAD4vfb3bYNX63y_7_________zf7P_tGEhuBI04AqhB_VfgEBANZ-AQEA2NQNAOAtAC7kMNB0Onyue73u97trPg63ze-3a_xuv-gIWjEYrC4gZgcAAABw9____4-XFBhT27AL-6gHYqbFaGGYGAYb43Aym3gWHudqtty4RraVcWOxDba3nHPe-o_gneU3YYvRajLZLIez5WIyGI6Go9H-BmIxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIkzZbAvjaDFYSwazyVo0WBnWyo3FtZZYjIOJZbgwLnzDtej1MT1cNpdjNNuiYADLXiRPi3QisYxGhtHGtliOdoOJb-HcjFamlW0yWkxWG9dsNhFLNCeLdCK77GumxWhhmBgGG-NwMpt4Fh7narbcuEa2lXFjsQ32LZttYRwtBmvJYDZZiwYrw1q5sbjWEotxMLEMF8aFb7gWvT6mh8vmcoxm-8ZstxsMl7vNaN-Y7XaD4XK3Ge07TKZn6nM2CjdroUclMScjM93NYVC4DBbvU7W6GLujg7fkPDpV2rKyszP6_X6_3-_3-_1-v0HrOZgNCt-1GxObM7e-9HeaGMQGgyKWCC7Sicjpebw-b83H4bb5_RaxRGm6SCd6zdP08qudF8vT5HNZ7hq_2yKWCE4X6UT0Mp4u6j825GQumUzmksVkrtitEgAAAAAAAADAEubMmwAAAACcBjIZDUerdR7IaLWcDFfLBZjYL9EFBgEAAAAAAChu_NiBnJ7H6_PWfBxum99vZYAHp0XmzZ8JYq1WyxoAAEAAGwAAIIBbN--BJNEo_v___z8OAABARo4eAABAfB8AAAAAAAAAgH-gVYMB!&cmcv=&pix=31589837&cb=1677089735697&uv=3257&tms=1677089735697&abt=ufm!ul3257_vA&ru=https://www.scamfoo.com/site/mybridger.com/&ft=1&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1677089733285.6!ts:1677089735697&mntl=1
Requested by: Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:35 GMT
content-length: 0
server: nginx

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame B9B3 70 B
265 B 148ms
37ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7ZxMCFgOmyueWjOy3swSmyueWjOy3swUAAAAGBuIHJGLxmEbD3WotGi03a9FquXFLXMOJWzGauWzGkW2yGDmMQCIWj2k03K3WotFysxatlhu3xDWcuBWjmctmHNkmi5HDDStoOh0-171e9_vdNR-H2-b32zV-t1_zNL38aufF8jT5XJa7xu_2ywEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fAyCJowAelqfnHwAAAAAgAAAAACQAA25NJQAlhpUn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAHEMHZqqofn71n0QFx0WMAAAAALi8qSOOJnVCZVH1___fbwVwBQAQYKhn5decpTso8RYGAAAgIJYUGFPbsAv7OLZAD4vfb3bYNX63y_7_________zf7P_tGEhuBI04AqhB_VfgEBANZ-AQEA2NQNAOAtAC7kMNB0Onyue73u97trPg63ze-3a_xuv-gIWjEYrC4gZgcAAABw9____4-XFBhT27AL-6gHYibnxLEYrnbL1Wa2HC6cq8lmsBu5lruNxTNY-LYHD7mV4xp5d-43YYvRajLZLIez5WIyGI6Go9H-BmIxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIkx5PMuJZTdY6za-3Vq03DjWEpdjtJZZTJuRYzMYLoyjtej1MT1cNpdjNNuiYADLXiRPi3QiWTlHnpVnuNuYZhabY7ebuWaGjW03XM2Wo-XCMxFLNCeLdCK77Gsm58SxGK52y9VmthwunKvJZrAbuZa7jcUzWPj2LY9nObHsBmvdxrdbi5Ybx1ricozWMotpM3JsBsOFcbQWvT6mh8vmcoxm-8ZstxsMl7vNaN-Y7XaD4XK3Ge07TKZn6nM2CjdroUclMScjM93NYVC4DBbvU7W6GLujg7fkPDpV2rKyszP6_X6_3-_3-_1-v0HrOZgNCt-1GxObM7e-9HeaGMQGgyKWCC7Sicjpebw-b83H4bb5_RaxRGm6SCd6zdP08qudF8vT5HNZ7hq_2yKWCE4X6UT0Mp4u6j825GQumUzmksVkrtitEgAAAAAAAADAEubMmwAAAACcBjIZDUerdR7IaLWcDFfLBZjYL9EFBgEAAAAAAChu_NiBnJ7H6_PWfBxum99vZYAHp0XmzZ8JYq1WyxoAAEAAGwAAIIBbN--BJNEo_v___z8OAABARo4eAABAfB8AAAAAAAAAgL8gBpvZbg!&cmcv=&pix=undefined&cb=1677089735591&uv=3256&tms=1677089735591&abt=dpa_vA!esv_vC!ufm&ru=https://www.scamfoo.com/site/mybridger.com/&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=bbc44875-4493-459c-b58b-14fef8d621da&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 22 Feb 2023 18:15:35 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame B9B3 43 B
183 B 427ms
95ms Image
image/gif 2600:1f18:612b:4200:b1cf:6448:b8ed:e475
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7ZxMCFgOmyueWjOy3swSmyueWjOy3swUAAAAGBuIHJGLxmEbD3WotGi03a9FquXFLXMOJWzGauWzGkW2yGDmMQCIWj2k03K3WotFysxatlhu3xDWcuBWjmctmHNkmi5HDDStoOh0-171e9_vdNR-H2-b32zV-t1_zNL38aufF8jT5XJa7xu_2ywEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fAyCJowAelqfnHwAAAAAgAAAAACQAA25NJQAlhpUn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAHEMHZqqofn71n0QFx0WMAAAAALi8qSOOJnVCZVH1___fbwVwBQAQYKhn5decpTso8RYGAAAgIJYUGFPbsAv7OLZAD4vfb3bYNX63y_7_________zf7P_tGEhuBI04AqhB_VfgEBANZ-AQEA2NQNAOAtAC7kMNB0Onyue73u97trPg63ze-3a_xuv-gIWjEYrC4gZgcAAABw9____4-XFBhT27AL-6gHYibnxLEYrnbL1Wa2HC6cq8lmsBu5lruNxTNY-LYHD7mV4xp5d-43YYvRajLZLIez5WIyGI6Go9H-BmIxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIkx5PMuJZTdY6za-3Vq03DjWEpdjtJZZTJuRYzMYLoyjtej1MT1cNpdjNNuiYADLXiRPi3QiWTlHnpVnuNuYZhabY7ebuWaGjW03XM2Wo-XCMxFLNCeLdCK77Gsm58SxGK52y9VmthwunKvJZrAbuZa7jcUzWPj2LY9nObHsBmvdxrdbi5Ybx1ricozWMotpM3JsBsOFcbQWvT6mh8vmcoxm-8ZstxsMl7vNaN-Y7XaD4XK3Ge07TKZn6nM2CjdroUclMScjM93NYVC4DBbvU7W6GLujg7fkPDpV2rKyszP6_X6_3-_3-_1-v0HrOZgNCt-1GxObM7e-9HeaGMQGgyKWCC7Sicjpebw-b83H4bb5_RaxRGm6SCd6zdP08qudF8vT5HNZ7hq_2yKWCE4X6UT0Mp4u6j825GQumUzmksVkrtitEgAAAAAAAADAEubMmwAAAACcBjIZDUerdR7IaLWcDFfLBZjYL9EFBgEAAAAAAChu_NiBnJ7H6_PWfBxum99vZYAHp0XmzZ8JYq1WyxoAAEAAGwAAIIBbN--BJNEo_v___z8OAABARo4eAABAfB8AAAAAAAAAgL8gBpvZbg!&cmcv=&pix=undefined&cb=1677089735591&uv=3256&tms=1677089735591&abt=dpa_vA!esv_vC!ufm&ru=https://www.scamfoo.com/site/mybridger.com/&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=bbc44875-4493-459c-b58b-14fef8d621da&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:b1cf:6448:b8ed:e475 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Wed, 22 Feb 2023 18:15:36 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H2 200 cmTagWIDGET_ITEM.js Show response
vidstat.taboola.com/vpaid/units/32_5_6/infra/ Frame 9D4A 739 KB
124 KB 29ms
24ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/32_5_6/infra/cmTagWIDGET_ITEM.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.8/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 88e3e3bfcf232e93c3de77cb2f644801a7e812b8b933ae6bdece0a5b031dba7d

Request headers

Referer: https://www.scamfoo.com/
Origin: https://www.scamfoo.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-meta-mtime: 1676887602
date: Wed, 22 Feb 2023 18:15:35 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 9MFQSCRQS3NDTGC7
age: 201969
x-cache: HIT
x-amz-meta-ctime: 1676887603
x-amz-meta-mode: 33188
content-length: 126619
x-amz-id-2: C3tWzjQycyUmUNkKdYeVVhmFdMUQjGDt/wxmDVEXRMuIpe13VCw8mPJSzIMInju8Kl2cMM0iO7E=
x-served-by: cache-cdg20775-CDG
last-modified: Mon, 20 Feb 2023 10:06:44 GMT
server: AmazonS3-br
x-timer: S1677089736.807314,VS0,VE0
etag: "4cb47e7c3ee358bc96c1d2eab1c03e29"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 11743

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/32_5_6/assets/css/ Frame 9D4A 59 KB
8 KB 26ms
22ms Stylesheet
text/css 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/32_5_6/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.8/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 4e902c64b724e110bbb3a8840f46d79f8569949376c73edf7955dbf388159cc5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-meta-mtime: 1676887653
date: Wed, 22 Feb 2023 18:15:35 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 6GZQMZ0YD1ZW2Z7E
age: 201973
x-cache: HIT
x-amz-meta-ctime: 1676887653
x-amz-meta-mode: 33188
content-length: 7742
x-amz-id-2: NFF0m4gtrxRtxOZwG7yGwG60Ar+8bAtYMCjXJrQw/BFVcqe6OhSFU4iKehRGfiH6TwYTt324Lf0=
x-served-by: cache-cdg20773-CDG
last-modified: Mon, 20 Feb 2023 10:07:34 GMT
server: AmazonS3-br
x-timer: S1677089736.805090,VS0,VE0
etag: "910667a2fde737fb00f85f576307d7c1"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 46679

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F97C 143 B
166 B 33ms
31ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 1717
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 17:46:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

usync.html Show response
eus.rubiconproject.com/ Frame 5D9E
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

281 B
410 B

155ms
111ms

Document
text/html

104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7ZxMCFgOmyueWjOy3swSmyueWjOy3swUAAAAGBuIHJGLxmEbD3WotGi03a9FquXFLXMOJWzGauWzGkW2yGDmMQCIWj2k03K3WotFysxatlhu3xDWcuBWjmctmHNkmi5HDDStoOh0-171e9_vdNR-H2-b32zV-t1_zNL38aufF8jT5XJa7xu_2ywEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fAyCJowAelqfnHwAAAAAgAAAAACQAA25NJQAlhpUn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAHEMHZqqofn71n0QFx0WMAAAAALi8qSOOJnVCZVH1___fbwVwBQAQYKhn5decpTso8RYGAAAgIJYUGFPbsAv7OLZAD4vfb3bYNX63y_7_________zf7P_tGEhuBI04AqhB_VfgEBANZ-AQEA2NQNAOAtAC7kMNB0Onyue73u97trPg63ze-3a_xuv-gIWjEYrC4gZgcAAABw9____4-XFBhT27AL-6gHYibnxLEYrnbL1Wa2HC6cq8lmsBu5lruNxTNY-LYHD7mV4xp5d-43YYvRajLZLIez5WIyGI6Go9H-BmIxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIkx5PMuJZTdY6za-3Vq03DjWEpdjtJZZTJuRYzMYLoyjtej1MT1cNpdjNNuiYADLXiRPi3QiWTlHnpVnuNuYZhabY7ebuWaGjW03XM2Wo-XCMxFLNCeLdCK77Gsm58SxGK52y9VmthwunKvJZrAbuZa7jcUzWPj2LY9nObHsBmvdxrdbi5Ybx1ricozWMotpM3JsBsOFcbQWvT6mh8vmcoxm-8ZstxsMl7vNaN-Y7XaD4XK3Ge07TKZn6nM2CjdroUclMScjM93NYVC4DBbvU7W6GLujg7fkPDpV2rKyszP6_X6_3-_3-_1-v0HrOZgNCt-1GxObM7e-9HeaGMQGgyKWCC7Sicjpebw-b83H4bb5_RaxRGm6SCd6zdP08qudF8vT5HNZ7hq_2yKWCE4X6UT0Mp4u6j825GQumUzmksVkrtitEgAAAAAAAADAEubMmwAAAACcBjIZDUerdR7IaLWcDFfLBZjYL9EFBgEAAAAAAChu_NiBnJ7H6_PWfBxum99vZYAHp0XmzZ8JYq1WyxoAAEAAGwAAIIBbN--BJNEo_v___z8OAABARo4eAABAfB8AAAAAAAAAgL8gBpvZbg!&cmcv=&pix=undefined&cb=1677089735591&uv=3256&tms=1677089735591&abt=dpa_vA!esv_vC!ufm&ru=https://www.scamfoo.com/site/mybridger.com/&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=bbc44875-4493-459c-b58b-14fef8d621da&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://imprammp.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 233
content-type: text/html; charset=UTF-8
date: Wed, 22 Feb 2023 18:15:36 GMT
etag: "403b9-119-5ec73a0a33d00"
last-modified: Wed, 02 Nov 2022 02:30:44 GMT
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Wed, 22 Feb 2023 18:15:36 GMT
location: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
server: AkamaiGHost

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2962 143 B
166 B 54ms
42ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=280&adk=1282251284&adf=3758370479&pi=t.aa~a.2417213347~rp.4&w=938&fwrn=4&fwrnh=100&lmt=1677089734&rafmt=1&to=qs&pwprc=1521673879&format=938x280&url=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677089734960&bpp=1&bdt=2286&idt=1&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e6481329ffb4785-224c1d62f8dc00f2%3AT%3D1677089733%3ART%3D1677089733%3AS%3DALNI_MaVKg2u9jZeMyporVRPEU2KTJF9jw&gpic=UID%3D00000bbae2df8668%3AT%3D1677089733%3ART%3D1677089733%3AS%3DALNI_MavvGqaBMjc9LdOwIXZ7KyV4RAHqw&prev_fmts=0x0%2C728x280%2C728x280%2C728x280%2C938x280&nras=3&correlator=8232058220225&frm=20&pv=1&ga_vid=880433619.1677089733&ga_sid=1677089734&ga_hid=1012116864&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=4008&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44777877%2C44759837%2C31072348%2C44779794&oid=2&psts=AD37Y7vpb-npXAVK2ZmOJ00Bx3uHhxKZwGW2Q4XQzigXGMcC0z6k63oGbK_QJ3TS3smDDIUnP-el5_j4kAt8%2CAD37Y7uTwM0IEVytyoKj8G3HGB_3bUKLRelxBMVWkk10UK_l_2szM9fxBBnzjEFcCPEtZ-e2O7FwSYqlAHom&pvsid=271215218793982&tmod=480944890&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=v8tOOG3rQU&p=https%3A//www.scamfoo.com&dtd=12
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 1717
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 17:46:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 redir.html Show response
p4-hpwjbghamdl72-vuxl5tt62pknex5i-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 8D5E 247 B
871 B 223ms
74ms Document
text/html 142.250.201.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-hpwjbghamdl72-vuxl5tt62pknex5i-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f3.1e100.net

Software

sffe /

Resource Hash

d7914969f8111a8e1f5c6abec59f7906d75b9b21f857f6fbdf8a3a8862859110

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 205
content-security-policy-report-only: script-src 'nonce-DAQNlN_FzLeqBJBTRXo8wg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 18:15:36 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame B3D1 43 B
182 B 238ms
97ms Image
image/gif 2600:1f18:612b:4200:b1cf:6448:b8ed:e475
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V77YoCFgOsD8lGfQDXPASsD8lGfQDXPAUAAAAGBuIHJOGZ7JajyWitsawca9FkZlwrfKvNWrSxOBzOkcXhHC6MQBKeyW45mozWGsvKsRZNZsa1wrfarEUbi8PhHFkczuHCDStoOh0-171e9_vdNR-H2-b32zV-t1_zNL38aufF8jT5XJa7xu_2ywEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fAyCJowAelqfnHwAAAAAgAAAAACQAA25NJQAlhpUn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAHENgh7TiJN5FC0QFeUWMAAAAALi8qSOOJnVCZVH1___fbwVwBQAQYKhn9QeVpTso8RYGAAAgIJYUGFPbsAv7OLZAD4vfb3bYNX63y_7_________zf7P_tGEhuBI04AqhB_VfgEBANZ-AQEA2NQNAOAtAC7kMNB0Onyue73u97trPg63ze-3a_xuv-gIWjEYrC4gZgcAAABw9____4-XFBhT27AL-6gHYqbFaGGYGAYb43Aym3gWHudqtty4RraVcWOxDba3nHPe-o_gneU3YYvRajLZLIez5WIyGI6Go9H-BmIxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIkzZbAvjaDFYSwazyVo0WBnWyo3FtZZYjIOJZbgwLnzDtej1MT1cNpdjNNuiYADLXiRPi3QisYxGhtHGtliOdoOJb-HcjFamlW0yWkxWG9dsNhFLNCeLdCK77GumxWhhmBgGG-NwMpt4Fh7narbcuEa2lXFjsQ32LZttYRwtBmvJYDZZiwYrw1q5sbjWEotxMLEMF8aFb7gWvT6mh8vmcoxm-8ZstxsMl7vNaN-Y7XaD4XK3Ge07TKZn6nM2CjdroUclMScjM93NYVC4DBbvU7W6GLujg7fkPDpV2rKyszP6_X6_3-_3-_1-v0HrOZgNCt-1GxObM7e-9HeaGMQGgyKWCC7Sicjpebw-b83H4bb5_RaxRGm6SCd6zdP08qudF8vT5HNZ7hq_2yKWCE4X6UT0Mp4u6j825GQumUzmksVkrtitEgAAAAAAAADAEubMmwAAAACcBjIZDUerdR7IaLWcDFfLBZjYL9EFBgEAAAAAAChu_NiBnJ7H6_PWfBxum99vZYAHp0XmzZ8JYq1WyxoAAEAAGwAAIIBbN--BJNEo_v___z8OAABARo4eAABAfB8AAAAAAAAAgH-gVYMB!&cmcv=&pix=undefined&cb=1677089735697&uv=3257&tms=1677089735697&abt=ufm!ul3257_vA&ru=https://www.scamfoo.com/site/mybridger.com/&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=a3279424-c2e1-42f8-a753-4cbaa9dba98a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:b1cf:6448:b8ed:e475 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Wed, 22 Feb 2023 18:15:36 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame B3D1 70 B
264 B 52ms
51ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V77YoCFgOsD8lGfQDXPASsD8lGfQDXPAUAAAAGBuIHJOGZ7JajyWitsawca9FkZlwrfKvNWrSxOBzOkcXhHC6MQBKeyW45mozWGsvKsRZNZsa1wrfarEUbi8PhHFkczuHCDStoOh0-171e9_vdNR-H2-b32zV-t1_zNL38aufF8jT5XJa7xu_2ywEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fAyCJowAelqfnHwAAAAAgAAAAACQAA25NJQAlhpUn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAHENgh7TiJN5FC0QFeUWMAAAAALi8qSOOJnVCZVH1___fbwVwBQAQYKhn9QeVpTso8RYGAAAgIJYUGFPbsAv7OLZAD4vfb3bYNX63y_7_________zf7P_tGEhuBI04AqhB_VfgEBANZ-AQEA2NQNAOAtAC7kMNB0Onyue73u97trPg63ze-3a_xuv-gIWjEYrC4gZgcAAABw9____4-XFBhT27AL-6gHYqbFaGGYGAYb43Aym3gWHudqtty4RraVcWOxDba3nHPe-o_gneU3YYvRajLZLIez5WIyGI6Go9H-BmIxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIkzZbAvjaDFYSwazyVo0WBnWyo3FtZZYjIOJZbgwLnzDtej1MT1cNpdjNNuiYADLXiRPi3QisYxGhtHGtliOdoOJb-HcjFamlW0yWkxWG9dsNhFLNCeLdCK77GumxWhhmBgGG-NwMpt4Fh7narbcuEa2lXFjsQ32LZttYRwtBmvJYDZZiwYrw1q5sbjWEotxMLEMF8aFb7gWvT6mh8vmcoxm-8ZstxsMl7vNaN-Y7XaD4XK3Ge07TKZn6nM2CjdroUclMScjM93NYVC4DBbvU7W6GLujg7fkPDpV2rKyszP6_X6_3-_3-_1-v0HrOZgNCt-1GxObM7e-9HeaGMQGgyKWCC7Sicjpebw-b83H4bb5_RaxRGm6SCd6zdP08qudF8vT5HNZ7hq_2yKWCE4X6UT0Mp4u6j825GQumUzmksVkrtitEgAAAAAAAADAEubMmwAAAACcBjIZDUerdR7IaLWcDFfLBZjYL9EFBgEAAAAAAChu_NiBnJ7H6_PWfBxum99vZYAHp0XmzZ8JYq1WyxoAAEAAGwAAIIBbN--BJNEo_v___z8OAABARo4eAABAfB8AAAAAAAAAgH-gVYMB!&cmcv=&pix=undefined&cb=1677089735697&uv=3257&tms=1677089735697&abt=ufm!ul3257_vA&ru=https://www.scamfoo.com/site/mybridger.com/&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=a3279424-c2e1-42f8-a753-4cbaa9dba98a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 22 Feb 2023 18:15:35 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
x.bidswitch.net/ Frame B3D1 43 B
146 B 262ms
30ms Image
image/gif 35.157.214.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V77YoCFgOsD8lGfQDXPASsD8lGfQDXPAUAAAAGBuIHJOGZ7JajyWitsawca9FkZlwrfKvNWrSxOBzOkcXhHC6MQBKeyW45mozWGsvKsRZNZsa1wrfarEUbi8PhHFkczuHCDStoOh0-171e9_vdNR-H2-b32zV-t1_zNL38aufF8jT5XJa7xu_2ywEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fAyCJowAelqfnHwAAAAAgAAAAACQAA25NJQAlhpUn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAHENgh7TiJN5FC0QFeUWMAAAAALi8qSOOJnVCZVH1___fbwVwBQAQYKhn9QeVpTso8RYGAAAgIJYUGFPbsAv7OLZAD4vfb3bYNX63y_7_________zf7P_tGEhuBI04AqhB_VfgEBANZ-AQEA2NQNAOAtAC7kMNB0Onyue73u97trPg63ze-3a_xuv-gIWjEYrC4gZgcAAABw9____4-XFBhT27AL-6gHYqbFaGGYGAYb43Aym3gWHudqtty4RraVcWOxDba3nHPe-o_gneU3YYvRajLZLIez5WIyGI6Go9H-BmIxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIkzZbAvjaDFYSwazyVo0WBnWyo3FtZZYjIOJZbgwLnzDtej1MT1cNpdjNNuiYADLXiRPi3QisYxGhtHGtliOdoOJb-HcjFamlW0yWkxWG9dsNhFLNCeLdCK77GumxWhhmBgGG-NwMpt4Fh7narbcuEa2lXFjsQ32LZttYRwtBmvJYDZZiwYrw1q5sbjWEotxMLEMF8aFb7gWvT6mh8vmcoxm-8ZstxsMl7vNaN-Y7XaD4XK3Ge07TKZn6nM2CjdroUclMScjM93NYVC4DBbvU7W6GLujg7fkPDpV2rKyszP6_X6_3-_3-_1-v0HrOZgNCt-1GxObM7e-9HeaGMQGgyKWCC7Sicjpebw-b83H4bb5_RaxRGm6SCd6zdP08qudF8vT5HNZ7hq_2yKWCE4X6UT0Mp4u6j825GQumUzmksVkrtitEgAAAAAAAADAEubMmwAAAACcBjIZDUerdR7IaLWcDFfLBZjYL9EFBgEAAAAAAChu_NiBnJ7H6_PWfBxum99vZYAHp0XmzZ8JYq1WyxoAAEAAGwAAIIBbN--BJNEo_v___z8OAABARo4eAABAfB8AAAAAAAAAgH-gVYMB!&cmcv=&pix=undefined&cb=1677089735697&uv=3257&tms=1677089735697&abt=ufm!ul3257_vA&ru=https://www.scamfoo.com/site/mybridger.com/&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=a3279424-c2e1-42f8-a753-4cbaa9dba98a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.214.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-214-223.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:36 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
DATA 200
OK truncated
/ Frame AFAF 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 88db2738fc112dbd531e3a1e42ac7276a68473a075780dcbd9c3dd237dda301c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame D18F 12 KB
5 KB 28ms
26ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 502051
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b0TZ4k39J9LmUlIbI8CGhEFGdv9w8GbcnbNBbo5yntxLC5fPdRAgtDBZZutQVikRI1UAwuYwX0%2BKzwx2NDfGtQ8SYoaUFjPpF%2BJtGDae6eja7B3h907%2BCithFjUjHVFXtKb2O5ObK2hjfdSCHgg0XJKe"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79d9b541e83af158-CDG
expires: Mon, 12 Feb 2024 18:15:35 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame D18F 12 KB
6 KB 284ms
284ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Feb 2024 18:15:36 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame D18F 0
127 B 23ms
22ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=YOz72oYd5qQbxLG0RxJZT2jZS2zwB--gfi80koRzllNbWFHOBJdUtXxAqB85xQjwv09LZCQ2QryScEttbIGKWxRDSO_67rl3ZScTz8sda_nHpdGaJMKuY4ZLdjwZPppY-ArVjE63TbsdDJEUXLkdaZfbQt4Q20kVl9LrgZOXaeJWAL89iVlO2rUEofeLwUppZCIbFoYK2uKl0NvqmmaBONX0GkRHwwkq1Y0oonUKNIY5bx8cMj0KGYK07b6uWvG6UergDg&sds=2&rev=84699&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 22 Feb 2023 18:15:35 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame D18F 2 KB
1 KB 278ms
276ms Image
image/svg+xml 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Feb 2024 18:15:36 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame D18F 2 KB
1 KB 282ms
281ms Image
image/svg+xml 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Feb 2024 18:15:36 GMT

GET
H2 200 cmTagWIDGET_ITEM.js Show response
vidstat.taboola.com/vpaid/units/32_5_7/infra/ Frame E552 739 KB
124 KB 27ms
24ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/32_5_7/infra/cmTagWIDGET_ITEM.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.8/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 61d0d8c1d8f8da4ddc8da836aa1af85603b2761cc96a0aaa70839fc2749bf51d

Request headers

Referer: https://www.scamfoo.com/
Origin: https://www.scamfoo.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-meta-mtime: 1677060389
date: Wed, 22 Feb 2023 18:15:36 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: GD0DH2F9B00WBJPT
age: 29175
x-cache: HIT
x-amz-meta-ctime: 1677060390
x-amz-meta-mode: 33188
content-length: 126859
x-amz-id-2: 3EBHdfu+pwWsPNZXO66pss45F5S+0+s3QfjQskV65yRyNbV55VDH68VemOiFBS7fLt0N6aHCMbw=
x-served-by: cache-cdg20775-CDG
last-modified: Wed, 22 Feb 2023 10:06:31 GMT
server: AmazonS3-br
x-timer: S1677089736.025441,VS0,VE0
etag: "358fb50b59baf1c624c6886f99975265"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 551

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/32_5_7/assets/css/ Frame E552 59 KB
8 KB 27ms
26ms Stylesheet
text/css 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/32_5_7/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.8/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 4e902c64b724e110bbb3a8840f46d79f8569949376c73edf7955dbf388159cc5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-meta-mtime: 1677060440
date: Wed, 22 Feb 2023 18:15:36 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: ZAJQJXJ2HCDF9S25
age: 29175
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1677060440
x-amz-meta-mode: 33188
content-length: 7742
x-amz-id-2: P0pO9gNBpLSX7VSrMhoMMQGhdkoEfVeDphk6VpxAueWdefXgj6CLSalP+ldWbORHw6XAxu1E52k=
x-served-by: cache-cdg20773-CDG
last-modified: Wed, 22 Feb 2023 10:07:21 GMT
server: AmazonS3-br
x-timer: S1677089736.025474,VS0,VE0
etag: "910667a2fde737fb00f85f576307d7c1"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 1899

POST
H2 204 bulk Show response
trc.taboola.com/disqus-scamfoo/log/3/ Frame 9D4A 0
269 B 35ms
35ms XHR
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/disqus-scamfoo/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230221-21-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.scamfoo.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 11
pragma: no-cache
date: Wed, 22 Feb 2023 18:15:36 GMT
via: 1.1 varnish
x-served-by: cache-cdg20773-CDG
server: nginx
x-timer: S1677089736.041632,VS0,VE11
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.scamfoo.com
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/ Frame 500B 3 KB
1 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=280&adk=1816755489&adf=1230875943&pi=t.aa~a.3921975827~i.3~rp.4&w=938&fwrn=4&fwrnh=100&lmt=1677089734&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1521673879&ad_type=text_image&format=938x280&url=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&fwr=0&pra=3&rh=200&rw=938&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677089734942&bpp=1&bdt=2268&idt=2&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e6481329ffb4785-224c1d62f8dc00f2%3AT%3D1677089733%3ART%3D1677089733%3AS%3DALNI_MaVKg2u9jZeMyporVRPEU2KTJF9jw&gpic=UID%3D00000bbae2df8668%3AT%3D1677089733%3ART%3D1677089733%3AS%3DALNI_MavvGqaBMjc9LdOwIXZ7KyV4RAHqw&prev_fmts=0x0%2C728x280%2C728x280%2C728x280&nras=2&correlator=8232058220225&frm=20&pv=1&ga_vid=880433619.1677089733&ga_sid=1677089734&ga_hid=1012116864&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=1776&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44777877%2C44759837%2C31072348%2C44779794&oid=2&psts=AD37Y7vpb-npXAVK2ZmOJ00Bx3uHhxKZwGW2Q4XQzigXGMcC0z6k63oGbK_QJ3TS3smDDIUnP-el5_j4kAt8%2CAD37Y7uTwM0IEVytyoKj8G3HGB_3bUKLRelxBMVWkk10UK_l_2szM9fxBBnzjEFcCPEtZ-e2O7FwSYqlAHom&pvsid=271215218793982&tmod=480944890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=E6VldsSkG4&p=https%3A//www.scamfoo.com&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:05:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 600
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 18:05:36 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/ Frame 500B 20 KB
8 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 12:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 12:22:31 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 500B 157 KB
48 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6908a17080533cc597c4b17bd876ce02ba3c2aeaec4bb9763571dd31b98162c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676996822105882"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 18:15:36 GMT

POST
H2 204 bulk Show response
trc.taboola.com/disqus-scamfoo/log/3/ Frame E552 0
61 B 30ms
30ms XHR
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/disqus-scamfoo/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230221-21-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.scamfoo.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 10
pragma: no-cache
date: Wed, 22 Feb 2023 18:15:36 GMT
via: 1.1 varnish
x-served-by: cache-cdg20773-CDG
server: nginx
x-timer: S1677089736.124667,VS0,VE10
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.scamfoo.com
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 2D8A 70 B
264 B 39ms
38ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V77YoCFgOsD8lGfQDXPASsD8lGfQDXPAUAAAAGBuIHJOGZ7JajyWitsawca9FkZlwrfKvNWrSxOBzOkcXhHC6MQBKeyW45mozWGsvKsRZNZsa1wrfarEUbi8PhHFkczuHCDStoOh0-171e9_vdNR-H2-b32zV-t1_zNL38aufF8jT5XJa7xu_2ywEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fAyCJowAelqfnHwAAAAAgAAAAACQAA25NJQAlhpUn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAHENgh7TiJN5FC0QFeUWMAAAAALi8qSOOJnVCZVH1___fbwVwBQAQYKhn9QeVpTso8RYGAAAgIJYUGFPbsAv7OLZAD4vfb3bYNX63y_7_________zf7P_tGEhuBI04AqhB_VfgEBANZ-AQEA2NQNAOAtAC7kMNB0Onyue73u97trPg63ze-3a_xuv-gIWjEYrC4gZgcAAABw9____4-XFBhT27AL-6gHYqbFaGGYGAYb43Aym3gWHudqtty4RraVcWOxDba3nHPe-o_gneU3YYvRajLZLIez5WIyGI6Go9H-BmIxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIkzZbAvjaDFYSwazyVo0WBnWyo3FtZZYjIOJZbgwLnzDtej1MT1cNpdjNNuiYADLXiRPi3QisYxGhtHGtliOdoOJb-HcjFamlW0yWkxWG9dsNhFLNCeLdCK77GumxWhhmBgGG-NwMpt4Fh7narbcuEa2lXFjsQ32LZttYRwtBmvJYDZZiwYrw1q5sbjWEotxMLEMF8aFb7gWvT6mh8vmcoxm-8ZstxsMl7vNaN-Y7XaD4XK3Ge07TKZn6nM2CjdroUclMScjM93NYVC4DBbvU7W6GLujg7fkPDpV2rKyszP6_X6_3-_3-_1-v0HrOZgNCt-1GxObM7e-9HeaGMQGgyKWCC7Sicjpebw-b83H4bb5_RaxRGm6SCd6zdP08qudF8vT5HNZ7hq_2yKWCE4X6UT0Mp4u6j825GQumUzmksVkrtitEgAAAAAAAADAEubMmwAAAACcBjIZDUerdR7IaLWcDFfLBZjYL9EFBgEAAAAAAChu_NiBnJ7H6_PWfBxum99vZYAHp0XmzZ8JYq1WyxoAAEAAGwAAIIBbN--BJNEo_v___z8OAABARo4eAABAfB8AAAAAAAAAgH-gVYMB!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 22 Feb 2023 18:15:36 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame 2D8A 43 B
182 B 97ms
96ms Image
image/gif 2600:1f18:612b:4200:b1cf:6448:b8ed:e475
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V77YoCFgOsD8lGfQDXPASsD8lGfQDXPAUAAAAGBuIHJOGZ7JajyWitsawca9FkZlwrfKvNWrSxOBzOkcXhHC6MQBKeyW45mozWGsvKsRZNZsa1wrfarEUbi8PhHFkczuHCDStoOh0-171e9_vdNR-H2-b32zV-t1_zNL38aufF8jT5XJa7xu_2ywEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fAyCJowAelqfnHwAAAAAgAAAAACQAA25NJQAlhpUn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAHENgh7TiJN5FC0QFeUWMAAAAALi8qSOOJnVCZVH1___fbwVwBQAQYKhn9QeVpTso8RYGAAAgIJYUGFPbsAv7OLZAD4vfb3bYNX63y_7_________zf7P_tGEhuBI04AqhB_VfgEBANZ-AQEA2NQNAOAtAC7kMNB0Onyue73u97trPg63ze-3a_xuv-gIWjEYrC4gZgcAAABw9____4-XFBhT27AL-6gHYqbFaGGYGAYb43Aym3gWHudqtty4RraVcWOxDba3nHPe-o_gneU3YYvRajLZLIez5WIyGI6Go9H-BmIxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIkzZbAvjaDFYSwazyVo0WBnWyo3FtZZYjIOJZbgwLnzDtej1MT1cNpdjNNuiYADLXiRPi3QisYxGhtHGtliOdoOJb-HcjFamlW0yWkxWG9dsNhFLNCeLdCK77GumxWhhmBgGG-NwMpt4Fh7narbcuEa2lXFjsQ32LZttYRwtBmvJYDZZiwYrw1q5sbjWEotxMLEMF8aFb7gWvT6mh8vmcoxm-8ZstxsMl7vNaN-Y7XaD4XK3Ge07TKZn6nM2CjdroUclMScjM93NYVC4DBbvU7W6GLujg7fkPDpV2rKyszP6_X6_3-_3-_1-v0HrOZgNCt-1GxObM7e-9HeaGMQGgyKWCC7Sicjpebw-b83H4bb5_RaxRGm6SCd6zdP08qudF8vT5HNZ7hq_2yKWCE4X6UT0Mp4u6j825GQumUzmksVkrtitEgAAAAAAAADAEubMmwAAAACcBjIZDUerdR7IaLWcDFfLBZjYL9EFBgEAAAAAAChu_NiBnJ7H6_PWfBxum99vZYAHp0XmzZ8JYq1WyxoAAEAAGwAAIIBbN--BJNEo_v___z8OAABARo4eAABAfB8AAAAAAAAAgH-gVYMB!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:b1cf:6448:b8ed:e475 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Wed, 22 Feb 2023 18:15:36 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 46BF 70 B
264 B 38ms
37ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7ZxMCFgOmyueWjOy3swSmyueWjOy3swUAAAAGBuIHJGLxmEbD3WotGi03a9FquXFLXMOJWzGauWzGkW2yGDmMQCIWj2k03K3WotFysxatlhu3xDWcuBWjmctmHNkmi5HDDStoOh0-171e9_vdNR-H2-b32zV-t1_zNL38aufF8jT5XJa7xu_2ywEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fAyCJowAelqfnHwAAAAAgAAAAACQAA25NJQAlhpUn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAHEMHZqqofn71n0QFx0WMAAAAALi8qSOOJnVCZVH1___fbwVwBQAQYKhn5decpTso8RYGAAAgIJYUGFPbsAv7OLZAD4vfb3bYNX63y_7_________zf7P_tGEhuBI04AqhB_VfgEBANZ-AQEA2NQNAOAtAC7kMNB0Onyue73u97trPg63ze-3a_xuv-gIWjEYrC4gZgcAAABw9____4-XFBhT27AL-6gHYibnxLEYrnbL1Wa2HC6cq8lmsBu5lruNxTNY-LYHD7mV4xp5d-43YYvRajLZLIez5WIyGI6Go9H-BmIxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIkx5PMuJZTdY6za-3Vq03DjWEpdjtJZZTJuRYzMYLoyjtej1MT1cNpdjNNuiYADLXiRPi3QiWTlHnpVnuNuYZhabY7ebuWaGjW03XM2Wo-XCMxFLNCeLdCK77Gsm58SxGK52y9VmthwunKvJZrAbuZa7jcUzWPj2LY9nObHsBmvdxrdbi5Ybx1ricozWMotpM3JsBsOFcbQWvT6mh8vmcoxm-8ZstxsMl7vNaN-Y7XaD4XK3Ge07TKZn6nM2CjdroUclMScjM93NYVC4DBbvU7W6GLujg7fkPDpV2rKyszP6_X6_3-_3-_1-v0HrOZgNCt-1GxObM7e-9HeaGMQGgyKWCC7Sicjpebw-b83H4bb5_RaxRGm6SCd6zdP08qudF8vT5HNZ7hq_2yKWCE4X6UT0Mp4u6j825GQumUzmksVkrtitEgAAAAAAAADAEubMmwAAAACcBjIZDUerdR7IaLWcDFfLBZjYL9EFBgEAAAAAAChu_NiBnJ7H6_PWfBxum99vZYAHp0XmzZ8JYq1WyxoAAEAAGwAAIIBbN--BJNEo_v___z8OAABARo4eAABAfB8AAAAAAAAAgL8gBpvZbg!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 22 Feb 2023 18:15:36 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame 46BF 43 B
182 B 218ms
217ms Image
image/gif 2600:1f18:612b:4200:b1cf:6448:b8ed:e475
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7ZxMCFgOmyueWjOy3swSmyueWjOy3swUAAAAGBuIHJGLxmEbD3WotGi03a9FquXFLXMOJWzGauWzGkW2yGDmMQCIWj2k03K3WotFysxatlhu3xDWcuBWjmctmHNkmi5HDDStoOh0-171e9_vdNR-H2-b32zV-t1_zNL38aufF8jT5XJa7xu_2ywEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fAyCJowAelqfnHwAAAAAgAAAAACQAA25NJQAlhpUn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAHEMHZqqofn71n0QFx0WMAAAAALi8qSOOJnVCZVH1___fbwVwBQAQYKhn5decpTso8RYGAAAgIJYUGFPbsAv7OLZAD4vfb3bYNX63y_7_________zf7P_tGEhuBI04AqhB_VfgEBANZ-AQEA2NQNAOAtAC7kMNB0Onyue73u97trPg63ze-3a_xuv-gIWjEYrC4gZgcAAABw9____4-XFBhT27AL-6gHYibnxLEYrnbL1Wa2HC6cq8lmsBu5lruNxTNY-LYHD7mV4xp5d-43YYvRajLZLIez5WIyGI6Go9H-BmIxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIkx5PMuJZTdY6za-3Vq03DjWEpdjtJZZTJuRYzMYLoyjtej1MT1cNpdjNNuiYADLXiRPi3QiWTlHnpVnuNuYZhabY7ebuWaGjW03XM2Wo-XCMxFLNCeLdCK77Gsm58SxGK52y9VmthwunKvJZrAbuZa7jcUzWPj2LY9nObHsBmvdxrdbi5Ybx1ricozWMotpM3JsBsOFcbQWvT6mh8vmcoxm-8ZstxsMl7vNaN-Y7XaD4XK3Ge07TKZn6nM2CjdroUclMScjM93NYVC4DBbvU7W6GLujg7fkPDpV2rKyszP6_X6_3-_3-_1-v0HrOZgNCt-1GxObM7e-9HeaGMQGgyKWCC7Sicjpebw-b83H4bb5_RaxRGm6SCd6zdP08qudF8vT5HNZ7hq_2yKWCE4X6UT0Mp4u6j825GQumUzmksVkrtitEgAAAAAAAADAEubMmwAAAACcBjIZDUerdR7IaLWcDFfLBZjYL9EFBgEAAAAAAChu_NiBnJ7H6_PWfBxum99vZYAHp0XmzZ8JYq1WyxoAAEAAGwAAIIBbN--BJNEo_v___z8OAABARo4eAABAfB8AAAAAAAAAgL8gBpvZbg!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:b1cf:6448:b8ed:e475 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Wed, 22 Feb 2023 18:15:36 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H2

200

/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame 46BF
Redirect Chain

https://ups.analytics.yahoo.com/ups/58534/occ
https://ups.analytics.yahoo.com/ups/58534/occ?verify=true
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-AtSrrKFE2uGws6mM3sKGXQUgWyoIDVlv0DIEFsw-~A

0
98 B

373ms
21ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-AtSrrKFE2uGws6mM3sKGXQUgWyoIDVlv0DIEFsw-~A
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7ZxMCFgOmyueWjOy3swSmyueWjOy3swUAAAAGBuIHJGLxmEbD3WotGi03a9FquXFLXMOJWzGauWzGkW2yGDmMQCIWj2k03K3WotFysxatlhu3xDWcuBWjmctmHNkmi5HDDStoOh0-171e9_vdNR-H2-b32zV-t1_zNL38aufF8jT5XJa7xu_2ywEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fAyCJowAelqfnHwAAAAAgAAAAACQAA25NJQAlhpUn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAHEMHZqqofn71n0QFx0WMAAAAALi8qSOOJnVCZVH1___fbwVwBQAQYKhn5decpTso8RYGAAAgIJYUGFPbsAv7OLZAD4vfb3bYNX63y_7_________zf7P_tGEhuBI04AqhB_VfgEBANZ-AQEA2NQNAOAtAC7kMNB0Onyue73u97trPg63ze-3a_xuv-gIWjEYrC4gZgcAAABw9____4-XFBhT27AL-6gHYibnxLEYrnbL1Wa2HC6cq8lmsBu5lruNxTNY-LYHD7mV4xp5d-43YYvRajLZLIez5WIyGI6Go9H-BmIxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIkx5PMuJZTdY6za-3Vq03DjWEpdjtJZZTJuRYzMYLoyjtej1MT1cNpdjNNuiYADLXiRPi3QiWTlHnpVnuNuYZhabY7ebuWaGjW03XM2Wo-XCMxFLNCeLdCK77Gsm58SxGK52y9VmthwunKvJZrAbuZa7jcUzWPj2LY9nObHsBmvdxrdbi5Ybx1ricozWMotpM3JsBsOFcbQWvT6mh8vmcoxm-8ZstxsMl7vNaN-Y7XaD4XK3Ge07TKZn6nM2CjdroUclMScjM93NYVC4DBbvU7W6GLujg7fkPDpV2rKyszP6_X6_3-_3-_1-v0HrOZgNCt-1GxObM7e-9HeaGMQGgyKWCC7Sicjpebw-b83H4bb5_RaxRGm6SCd6zdP08qudF8vT5HNZ7hq_2yKWCE4X6UT0Mp4u6j825GQumUzmksVkrtitEgAAAAAAAADAEubMmwAAAACcBjIZDUerdR7IaLWcDFfLBZjYL9EFBgEAAAAAAChu_NiBnJ7H6_PWfBxum99vZYAHp0XmzZ8JYq1WyxoAAEAAGwAAIIBbN--BJNEo_v___z8OAABARo4eAABAfB8AAAAAAAAAgL8gBpvZbg!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:37 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 25174

Redirect headers

location: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-AtSrrKFE2uGws6mM3sKGXQUgWyoIDVlv0DIEFsw-~A
date: Wed, 22 Feb 2023 18:15:36 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 500B 0
0 68ms
67ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C-HRTx1v2Y72pA-uQ_tMPuf-j0A7JntKxXM2jlvdwwI23ARABIABg-wGCARdjYS1wdWItMjMwMzU5MDIzODUyNjgyNsgBCakCda6mCKjXsT6oAwGqBNgBT9Bn5tbLYAEVYxlYIfKbnHhnGhCDHzlfAyAdP5PrvUFM_MKSiZHGwI4zFy_YgaRT1YUNr8QLBmPmjjvDvKwqdLBvETyFwNAGaWdMX_eymrHThqTDlQDr9Qe7Ayyaft9JLbQmwE1lLRjIb11WfF_WEw667jJKn17dbiyccJty-LiLV-pnPC9PeGmlMvyiKRcSOelED4S59GlzQnECu5Cy3EHVf2vVpwmQbOZxg03Vj3eMrdpa95GGP13BJc3b3_ajQ1zwBImVPS7aQsQec9hGvSouZv4epTQlgAb-wcKCuN-mjagBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yMzAzNTkwMjM4NTI2ODI2GAA&sigh=HKRnVGrga_Y&uach_m=[UACH]&cid=CAQSOwDUE5ymClxFl1ZDaZ8vyXirAB4lQtIf8gTL6f_H3PKC1OEGb4DSt0kIxWFkJHbWJg3LmdJROuXlxbPYGAE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=280&adk=1816755489&adf=1230875943&pi=t.aa~a.3921975827~i.3~rp.4&w=938&fwrn=4&fwrnh=100&lmt=1677089734&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1521673879&ad_type=text_image&format=938x280&url=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&fwr=0&pra=3&rh=200&rw=938&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677089734942&bpp=1&bdt=2268&idt=2&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6e6481329ffb4785-224c1d62f8dc00f2%3AT%3D1677089733%3ART%3D1677089733%3AS%3DALNI_MaVKg2u9jZeMyporVRPEU2KTJF9jw&gpic=UID%3D00000bbae2df8668%3AT%3D1677089733%3ART%3D1677089733%3AS%3DALNI_MavvGqaBMjc9LdOwIXZ7KyV4RAHqw&prev_fmts=0x0%2C728x280%2C728x280%2C728x280&nras=2&correlator=8232058220225&frm=20&pv=1&ga_vid=880433619.1677089733&ga_sid=1677089734&ga_hid=1012116864&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=1776&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44777877%2C44759837%2C31072348%2C44779794&oid=2&psts=AD37Y7vpb-npXAVK2ZmOJ00Bx3uHhxKZwGW2Q4XQzigXGMcC0z6k63oGbK_QJ3TS3smDDIUnP-el5_j4kAt8%2CAD37Y7uTwM0IEVytyoKj8G3HGB_3bUKLRelxBMVWkk10UK_l_2szM9fxBBnzjEFcCPEtZ-e2O7FwSYqlAHom&pvsid=271215218793982&tmod=480944890&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=E6VldsSkG4&p=https%3A//www.scamfoo.com&dtd=9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 22 Feb 2023 18:15:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 500B 0
0 39ms
38ms Fetch 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kqe_EMD6RKoHmAKdg2ICAgAAAI5YgFN6_MEl4K2o3xDGW_Zj52p5619K6524UQAAEgAACg5BUVVEQVFZQkFRRUJBUQ&wp=Y_ZbxwAA1L0Ef4hrAAj_uXCr98v4SdSQKW_Y7Q

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:35 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 204103
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame A189 135 KB
46 KB 87ms
86ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_ZbxwAA1L0Ef4hrAAj_uXCr98v4SdSQKW_Y7Q&u=%7CseXUhV9f4c45qU0Y1iKYWtQGvl5SEixGiglvYyPHeUI%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8R0XTFg4n334JzDG0QxBnFq0ZBTpmYDd8OqS4ilYwIpBoHzA8ktjKkD-a_IeRtSTThcFDrOVjcYIQqrmyTVuSIHEy10wcmNp6Zy1K6YhzLSNaIFhBvQS0XUNiyo8929pLlwZfnUj6DRJJqnLVbaTUz3ADbdxJjB6he3V13W2j5sYywcCeIgSDBifH2dVU2h3Foqr4JrwDXTmWm2WHD6xSL6KcfsJJnSVpPwp6CMtfZ9CAo2tI8cP9gVh2nP_tgzqzkhl62eXXeB1OSLPYmaZVYyuZsCWOqqjgbIi3pd3VYC6uBUQnXQte5Duxh3u-0bvr4unbh_v4uGv5TakpMMsk_G8_-K51ILQwlDFJEHPfqgtuX1gpAbIDbCAsJFCGNU2i_9H31sVyN7dgp-p0-qNs01KVhWkRez1T0N_qgOs9MRAKmbKtbjI_Ul52Z9x0b-V2TPnmlyU0VvpOfS6qps4eoIV0Sud_TGSI6pZ6vNVhfQkQfOfuihITYasuMweUPdHsFdCY5ndvr_DlagzjfbLKr_QVSO9evQCBJ5JhpMdWqdJIn2L6w1D-Wq&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCty6Ex1v2Y72pA-uQ_tMPuf-j0A7JntKxXM2jlvdwwI23ARABIABg-wGCARdjYS1wdWItMjMwMzU5MDIzODUyNjgyNsgBCakCda6mCKjXsT6oAwGqBNsBT9Bn5tbLYAEVYxlYIfKbnHhnGhCDHzlfAyAdP5PrvUFM_MKSiZHGwI4zFy_YgaRT1YUNr8QLBmPmjjvDvKwqdLBvETyFwNAGaWdMX_eymrHThqTDlQDr9Qe7Ayyaft9JLbQmwE1lLRjIb11WfF_WEw667jJKn17dbiyccJty-LiLV-pnPC9PeGmlMvyiKRcSOelED4S59GlzQnECu5Cy3EHVf2vVpwmQbOZxg03Vj3eMrZhY1gMBsMHSmlHPfCae5aT5EIMjNwDCwHDWTn60AjQCfnu0ISeaaXUugAb-wcKCuN-mjagBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1p-VKWJMyt3TCJ-U_LtRkU-Q6S_Q%26client%3Dca-pub-2303590238526826%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

54604a0e284c1d6fa29e38ab0fd33176580d4858a4d7d771f29d2d5e24f9c03a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 18:15:35 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=M6dq_4Yd5qQbxLG0_DrzQB495eFsxRFHY2k_3MjmVSIcDpbNjRYCxdBTpUH_FpB6HPCVsS-SPC45kJMJafBvx51XE3rJNs2wDm034wvzYUmn6QPWyEXHNEPmHSTlksDfo7ZvoQh4geZKGaXgMDfHWoJpGXg-k1SDHHRbaiebsqsKdLthevbShRO6D1SY6xysOCmTRr85WAVCL3saMHgR4mSJEubdwrzpzkWAZQ6DnvgQpcEOUw_ndvG4zJw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 55404450
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

usync.html Show response
eus.rubiconproject.com/ Frame 7372
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

281 B
410 B

61ms
61ms

Document
text/html

104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V77YoCFgOsD8lGfQDXPASsD8lGfQDXPAUAAAAGBuIHJOGZ7JajyWitsawca9FkZlwrfKvNWrSxOBzOkcXhHC6MQBKeyW45mozWGsvKsRZNZsa1wrfarEUbi8PhHFkczuHCDStoOh0-171e9_vdNR-H2-b32zV-t1_zNL38aufF8jT5XJa7xu_2ywEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fAyCJowAelqfnHwAAAAAgAAAAACQAA25NJQAlhpUn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAHENgh7TiJN5FC0QFeUWMAAAAALi8qSOOJnVCZVH1___fbwVwBQAQYKhn9QeVpTso8RYGAAAgIJYUGFPbsAv7OLZAD4vfb3bYNX63y_7_________zf7P_tGEhuBI04AqhB_VfgEBANZ-AQEA2NQNAOAtAC7kMNB0Onyue73u97trPg63ze-3a_xuv-gIWjEYrC4gZgcAAABw9____4-XFBhT27AL-6gHYqbFaGGYGAYb43Aym3gWHudqtty4RraVcWOxDba3nHPe-o_gneU3YYvRajLZLIez5WIyGI6Go9H-BmIxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIkzZbAvjaDFYSwazyVo0WBnWyo3FtZZYjIOJZbgwLnzDtej1MT1cNpdjNNuiYADLXiRPi3QisYxGhtHGtliOdoOJb-HcjFamlW0yWkxWG9dsNhFLNCeLdCK77GumxWhhmBgGG-NwMpt4Fh7narbcuEa2lXFjsQ32LZttYRwtBmvJYDZZiwYrw1q5sbjWEotxMLEMF8aFb7gWvT6mh8vmcoxm-8ZstxsMl7vNaN-Y7XaD4XK3Ge07TKZn6nM2CjdroUclMScjM93NYVC4DBbvU7W6GLujg7fkPDpV2rKyszP6_X6_3-_3-_1-v0HrOZgNCt-1GxObM7e-9HeaGMQGgyKWCC7Sicjpebw-b83H4bb5_RaxRGm6SCd6zdP08qudF8vT5HNZ7hq_2yKWCE4X6UT0Mp4u6j825GQumUzmksVkrtitEgAAAAAAAADAEubMmwAAAACcBjIZDUerdR7IaLWcDFfLBZjYL9EFBgEAAAAAAChu_NiBnJ7H6_PWfBxum99vZYAHp0XmzZ8JYq1WyxoAAEAAGwAAIIBbN--BJNEo_v___z8OAABARo4eAABAfB8AAAAAAAAAgH-gVYMB!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 233
content-type: text/html; charset=UTF-8
date: Wed, 22 Feb 2023 18:15:36 GMT
etag: "403b9-119-5ec73a0a33d00"
last-modified: Wed, 02 Nov 2022 02:30:44 GMT
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Wed, 22 Feb 2023 18:15:36 GMT
location: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
server: AkamaiGHost

GET
DATA 200
OK truncated
/ Frame DFA7 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d197c1abf7818e9f21a431f89507ba1035292e0529c2ff7a7ca3fb67fc1a6ac8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v15.0.5/ Frame 9D4A 440 KB
84 KB 20ms
19ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.0.5/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_5_6/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 8a502d5288ea8ace408fbeb3fcbbedde698c1fa0b80e2215c22138f21c6f2d66

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-meta-mtime: 1677058881
date: Wed, 22 Feb 2023 18:15:36 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: P5S5GCT8SWYMGZ6M
age: 30796
x-cache: HIT
x-amz-meta-ctime: 1677058894
x-amz-meta-mode: 33188
content-length: 85338
x-amz-id-2: sgi1E+Mdf40VF8p/BCdlggo4OE7TUKQJbZv9cnwG5F9XW2DJzkT3fC4qgsk59jP2huUibg6tWvo=
x-served-by: cache-cdg20773-CDG
last-modified: Wed, 22 Feb 2023 09:41:35 GMT
server: AmazonS3-br
x-timer: S1677089736.439805,VS0,VE0
etag: "a7a112fdaf248edd0a8b4f4a89a58db8"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 12047

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 31A0 546 B
631 B 24ms
23ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7ZxMCFgOmyueWjOy3swSmyueWjOy3swUAAAAGBuIHJGLxmEbD3WotGi03a9FquXFLXMOJWzGauWzGkW2yGDmMQCIWj2k03K3WotFysxatlhu3xDWcuBWjmctmHNkmi5HDDStoOh0-171e9_vdNR-H2-b32zV-t1_zNL38aufF8jT5XJa7xu_2ywEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fAyCJowAelqfnHwAAAAAgAAAAACQAA25NJQAlhpUn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAHEMHZqqofn71n0QFx0WMAAAAALi8qSOOJnVCZVH1___fbwVwBQAQYKhn5decpTso8RYGAAAgIJYUGFPbsAv7OLZAD4vfb3bYNX63y_7_________zf7P_tGEhuBI04AqhB_VfgEBANZ-AQEA2NQNAOAtAC7kMNB0Onyue73u97trPg63ze-3a_xuv-gIWjEYrC4gZgcAAABw9____4-XFBhT27AL-6gHYibnxLEYrnbL1Wa2HC6cq8lmsBu5lruNxTNY-LYHD7mV4xp5d-43YYvRajLZLIez5WIyGI6Go9H-BmIxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIkx5PMuJZTdY6za-3Vq03DjWEpdjtJZZTJuRYzMYLoyjtej1MT1cNpdjNNuiYADLXiRPi3QiWTlHnpVnuNuYZhabY7ebuWaGjW03XM2Wo-XCMxFLNCeLdCK77Gsm58SxGK52y9VmthwunKvJZrAbuZa7jcUzWPj2LY9nObHsBmvdxrdbi5Ybx1ricozWMotpM3JsBsOFcbQWvT6mh8vmcoxm-8ZstxsMl7vNaN-Y7XaD4XK3Ge07TKZn6nM2CjdroUclMScjM93NYVC4DBbvU7W6GLujg7fkPDpV2rKyszP6_X6_3-_3-_1-v0HrOZgNCt-1GxObM7e-9HeaGMQGgyKWCC7Sicjpebw-b83H4bb5_RaxRGm6SCd6zdP08qudF8vT5HNZ7hq_2yKWCE4X6UT0Mp4u6j825GQumUzmksVkrtitEgAAAAAAAADAEubMmwAAAACcBjIZDUerdR7IaLWcDFfLBZjYL9EFBgEAAAAAAChu_NiBnJ7H6_PWfBxum99vZYAHp0XmzZ8JYq1WyxoAAEAAGwAAIIBbN--BJNEo_v___z8OAABARo4eAABAfB8AAAAAAAAAgL8gBpvZbg!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_5_6/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 27bd01c8e79dcd85fd696e9d10581f0414f22dc14eb57d48cd8e2d129d275e42

Request headers

Referer: https://www.scamfoo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Wed, 22 Feb 2023 18:15:36 GMT
machineid: 3408
server: nginx

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5FB9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

37ms
36ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 18:15:36 GMT
expires: Wed, 22 Feb 2023 18:15:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 18:15:36 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js Show response
pagead2.googlesyndication.com/bg/ Frame B5F7 36 KB
14 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b59b178a96926571c770bdd3cc086face21d4a9c03c897d63064dbffac53eb13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 16:16:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7166
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14406
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Feb 2024 16:16:10 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2344 42 B
64 B 116ms
60ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstTxAEJhrhDV8eR5kMvgf4BGA1u4VOdbintw-66Y7ATi9to_6SiijfNYYTobANbEsow0v50drECakwTZEB9jF1yybdo&sig=Cg0ArKJSzNFJKiZLzNLDEAE&id=lidar2&mcvt=1295&p=0,0,280,728&mtos=1295,1295,1295,1295,1295&tos=1295,0,0,0,0&v=20230221&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=207406793&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677089733520&rpt=1617&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 18:15:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A019
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

59ms
58ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 18:15:36 GMT
expires: Wed, 22 Feb 2023 18:15:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 18:15:36 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js Show response
pagead2.googlesyndication.com/bg/ Frame 7D4D 36 KB
14 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js

Requested by

Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b59b178a96926571c770bdd3cc086face21d4a9c03c897d63064dbffac53eb13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 16:16:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7166
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14406
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Feb 2024 16:16:10 GMT

GET
H2 200 iframe.html Show response
p4-hpwjbghamdl72-vuxl5tt62pknex5i-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 8D5E 5 KB
2 KB 76ms
72ms Document
text/html 142.250.201.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-hpwjbghamdl72-vuxl5tt62pknex5i-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-hpwjbghamdl72-vuxl5tt62pknex5i-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-hpwjbghamdl72-vuxl5tt62pknex5i-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f3.1e100.net

Software

sffe /

Resource Hash

76efcb008fec73349e0402908f3a2eb7fdf9ed3a9a88264ec42ec8b835ee3e36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-hpwjbghamdl72-vuxl5tt62pknex5i-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1987
content-security-policy-report-only: script-src 'nonce-Y-HSElfd0RrzRP8xaqWX_g' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 18:15:36 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Fri, 03 Feb 2023 22:38:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F97C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

42ms
42ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 18:15:36 GMT
expires: Wed, 22 Feb 2023 18:15:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 18:15:36 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame 5D9E 33 KB
10 KB 139ms
138ms Script
text/html 104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 8d0d509a8218f67a249b5163bfd7c30265729a30ec703cca5d35e1c0ebe68edb

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:36 GMT
content-encoding: gzip
last-modified: Wed, 22 Feb 2023 14:28:33 GMT
server: Apache/2.2.15 (CentOS)
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control: max-age=72777
content-length: 10007
expires: Thu, 23 Feb 2023 14:28:33 GMT

GET
H3 200 tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js Show response
pagead2.googlesyndication.com/bg/ Frame 1C1C 36 KB
14 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b59b178a96926571c770bdd3cc086face21d4a9c03c897d63064dbffac53eb13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 16:16:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7166
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14406
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Feb 2024 16:16:10 GMT

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 9D4A 254 B
743 B 20ms
19ms Image
image/png 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Wed, 22 Feb 2023 18:15:36 GMT
via: 1.1 varnish
x-amz-request-id: YPR93VMR3A8JGEX4
age: 27967
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: zDuIcdt6S3stmzYEfDXrVDdNiMz2/9b67ArEVSE+q2VR4x9Mp+wDNkBA2o6YRkq7ELRmLKpGRJk=
x-served-by: cache-cdg20773-CDG
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1677089737.514337,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 99
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 5824

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame A189 2 KB
1 KB 268ms
266ms Image
image/svg+xml 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_ZbxwAA1L0Ef4hrAAj_uXCr98v4SdSQKW_Y7Q&u=%7CseXUhV9f4c45qU0Y1iKYWtQGvl5SEixGiglvYyPHeUI%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8R0XTFg4n334JzDG0QxBnFq0ZBTpmYDd8OqS4ilYwIpBoHzA8ktjKkD-a_IeRtSTThcFDrOVjcYIQqrmyTVuSIHEy10wcmNp6Zy1K6YhzLSNaIFhBvQS0XUNiyo8929pLlwZfnUj6DRJJqnLVbaTUz3ADbdxJjB6he3V13W2j5sYywcCeIgSDBifH2dVU2h3Foqr4JrwDXTmWm2WHD6xSL6KcfsJJnSVpPwp6CMtfZ9CAo2tI8cP9gVh2nP_tgzqzkhl62eXXeB1OSLPYmaZVYyuZsCWOqqjgbIi3pd3VYC6uBUQnXQte5Duxh3u-0bvr4unbh_v4uGv5TakpMMsk_G8_-K51ILQwlDFJEHPfqgtuX1gpAbIDbCAsJFCGNU2i_9H31sVyN7dgp-p0-qNs01KVhWkRez1T0N_qgOs9MRAKmbKtbjI_Ul52Z9x0b-V2TPnmlyU0VvpOfS6qps4eoIV0Sud_TGSI6pZ6vNVhfQkQfOfuihITYasuMweUPdHsFdCY5ndvr_DlagzjfbLKr_QVSO9evQCBJ5JhpMdWqdJIn2L6w1D-Wq&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCty6Ex1v2Y72pA-uQ_tMPuf-j0A7JntKxXM2jlvdwwI23ARABIABg-wGCARdjYS1wdWItMjMwMzU5MDIzODUyNjgyNsgBCakCda6mCKjXsT6oAwGqBNsBT9Bn5tbLYAEVYxlYIfKbnHhnGhCDHzlfAyAdP5PrvUFM_MKSiZHGwI4zFy_YgaRT1YUNr8QLBmPmjjvDvKwqdLBvETyFwNAGaWdMX_eymrHThqTDlQDr9Qe7Ayyaft9JLbQmwE1lLRjIb11WfF_WEw667jJKn17dbiyccJty-LiLV-pnPC9PeGmlMvyiKRcSOelED4S59GlzQnECu5Cy3EHVf2vVpwmQbOZxg03Vj3eMrZhY1gMBsMHSmlHPfCae5aT5EIMjNwDCwHDWTn60AjQCfnu0ISeaaXUugAb-wcKCuN-mjagBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1p-VKWJMyt3TCJ-U_LtRkU-Q6S_Q%26client%3Dca-pub-2303590238526826%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Feb 2024 18:15:36 GMT

GET
H2 200 adchoices_fr.svg
static.criteo.net/flash/icon/ Frame A189 2 KB
1 KB 271ms
269ms Image
image/svg+xml 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_fr.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

8bc40f263d0a1fbb8421a5fe91ccb4ab7eb23b9b4c12a16e09703cd336d7cbb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-75e"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Feb 2024 18:15:36 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame A189 308 B
636 B 269ms
268ms Image
image/svg+xml 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 17 Feb 2024 18:15:36 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame A189 293 B
621 B 270ms
269ms Image
image/svg+xml 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 17 Feb 2024 18:15:36 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame A189 43 B
347 B 28ms
28ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=5IS5SQfa8K_lDPDpIHdqp7XRumG_gfJ36FTR1baPEcc8K_c9evDULaIykkJZRT17T07kyUCFy1ryZhXPHd1EPMKy2ldvoNImnj28KC1Yi_TxeDDZD69GvtbV1V24q_-lhQfNv52JNTaAPUOnJWqYK8ZfUnX21xIAhHrjFQpTAgFAbHgpRQYfKj2ECuV9pMjTScOQtxoG9m4Kexau9RMFy6IUUqVbeTC-R7ih0KIbogq7Qe62eX42DaxVf8u68z-bzDcNfJATTsdzOR38JZifkQv6Tw65trcNBrldw8Qeh-vsG7k9XEdUhH9DT--K41kSfjVk8HB6p6uesrYvTnnHxbb3C2q7MfUBqBk07pIG2Ozsy_Z8ge8xDz4EBYffC6O4CuWHnFtWAoIVngnK6sNECjK1vRtr-z7MDYypk2ZMoGyc1w6u

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 18:15:36 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1579827
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame 7372 33 KB
10 KB 70ms
70ms Script
text/html 104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 8d0d509a8218f67a249b5163bfd7c30265729a30ec703cca5d35e1c0ebe68edb

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:36 GMT
content-encoding: gzip
last-modified: Wed, 22 Feb 2023 14:28:33 GMT
server: Apache/2.2.15 (CentOS)
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control: max-age=72777
content-length: 10007
expires: Thu, 23 Feb 2023 14:28:33 GMT

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ Frame 9D4A 89 KB
89 KB 21ms
19ms Media
video/mp4 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by: Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://www.scamfoo.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Wed, 22 Feb 2023 18:15:36 GMT
via: 1.1 d5ee2aa873a3cb23609433e0272dd41c.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: CDG50-P2
age: 753134
x-cache: Hit from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-cdg20773-CDG
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1677089737.578791,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: kHm8B9Vy2ecv49_My657sd4OIVOFzJ6y0Ry5AQyOmNDqS4Es8Lf8ig==
x-cache-hits: 140183

POST
H2 200 all
csm.eu.criteo.net/ Frame 0EFF 0
127 B 22ms
21ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 22 Feb 2023 18:15:35 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame E552 254 B
773 B 22ms
22ms Image
image/png 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Wed, 22 Feb 2023 18:15:36 GMT
via: 1.1 varnish
x-amz-request-id: YPR93VMR3A8JGEX4
age: 27967
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: zDuIcdt6S3stmzYEfDXrVDdNiMz2/9b67ArEVSE+q2VR4x9Mp+wDNkBA2o6YRkq7ELRmLKpGRJk=
x-served-by: cache-cdg20773-CDG
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1677089737.580198,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 99
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 5825

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DFA7 0
20 B 60ms
59ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=62&version=r20230216&sample=0.01

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 18:15:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DFA7 0
18 B 69ms
68ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cc8LBxVv2Y9iqJeyS_tMP3NCMwA6t9tesbtu2mrWgDv3j5sC7JRABIKOauwtg-wGgAY3s5NkCyAEBqQLYT_6ZVMGoPqgDAcgDywSqBOIBT9Ae1WGpkCAfMreTGshW7_yFFr2QWmHZ5fdfmhnGrig6UOlpgeCJmhYIKU-v3_zeERnQbnyV_p97Nz9anckXqpQUgF2ysalIXVL_Xo4X705Km2ZJdXjTaVk5iE_qB2rl3L4PMhiq_CGRK7v8cWsv0sPd7wqTL4y2r9M-8-bxfgvTtmEtAFKAmRsPe_VXoI_u7uD6GwCClWwjX3oNqwlKVpIFa1lKkFfI0ZjGLU5U2H6KUGuT9EwvQjHLqur8Un5pxFWf0ht9o_AE1ZhPFk2oPHbSOKcgj5SaqlwdbmNrobjD_MAE4MKdzOYDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGAB9uTm6YBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwMQhTnSCBEIgOGAcBABGB8yAusCOgKAQIAKAcgLAdgTDYgUCNAVAYAXAbIXHAoaCAASFHB1Yi0yMzAzNTkwMjM4NTI2ODI2GAA&sigh=pAtLKIbHdFw&uach_m=[UACH]&cid=CAQSGwDUE5ym22glWvoHQADwUVD7ThtgWqis0t-RMxgB&vis=1

Requested by

Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 22 Feb 2023 18:15:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v15.0.5/ Frame E552 440 KB
84 KB 22ms
21ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.0.5/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_5_7/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 8a502d5288ea8ace408fbeb3fcbbedde698c1fa0b80e2215c22138f21c6f2d66

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-meta-mtime: 1677058881
date: Wed, 22 Feb 2023 18:15:36 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: P5S5GCT8SWYMGZ6M
age: 30797
x-cache: HIT
x-amz-meta-ctime: 1677058894
x-amz-meta-mode: 33188
content-length: 85338
x-amz-id-2: sgi1E+Mdf40VF8p/BCdlggo4OE7TUKQJbZv9cnwG5F9XW2DJzkT3fC4qgsk59jP2huUibg6tWvo=
x-served-by: cache-cdg20773-CDG
last-modified: Wed, 22 Feb 2023 09:41:35 GMT
server: AmazonS3-br
x-timer: S1677089737.702391,VS0,VE0
etag: "a7a112fdaf248edd0a8b4f4a89a58db8"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 12048

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 7A16 738 B
823 B 23ms
22ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V77YoCFgOsD8lGfQDXPASsD8lGfQDXPAUAAAAGBuIHJOGZ7JajyWitsawca9FkZlwrfKvNWrSxOBzOkcXhHC6MQBKeyW45mozWGsvKsRZNZsa1wrfarEUbi8PhHFkczuHCDStoOh0-171e9_vdNR-H2-b32zV-t1_zNL38aufF8jT5XJa7xu_2ywEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fAyCJowAelqfnHwAAAAAgAAAAACQAA25NJQAlhpUn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAHENgh7TiJN5FC0QFeUWMAAAAALi8qSOOJnVCZVH1___fbwVwBQAQYKhn9QeVpTso8RYGAAAgIJYUGFPbsAv7OLZAD4vfb3bYNX63y_7_________zf7P_tGEhuBI04AqhB_VfgEBANZ-AQEA2NQNAOAtAC7kMNB0Onyue73u97trPg63ze-3a_xuv-gIWjEYrC4gZgcAAABw9____4-XFBhT27AL-6gHYqbFaGGYGAYb43Aym3gWHudqtty4RraVcWOxDba3nHPe-o_gneU3YYvRajLZLIez5WIyGI6Go9H-BmIxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIkzZbAvjaDFYSwazyVo0WBnWyo3FtZZYjIOJZbgwLnzDtej1MT1cNpdjNNuiYADLXiRPi3QisYxGhtHGtliOdoOJb-HcjFamlW0yWkxWG9dsNhFLNCeLdCK77GumxWhhmBgGG-NwMpt4Fh7narbcuEa2lXFjsQ32LZttYRwtBmvJYDZZiwYrw1q5sbjWEotxMLEMF8aFb7gWvT6mh8vmcoxm-8ZstxsMl7vNaN-Y7XaD4XK3Ge07TKZn6nM2CjdroUclMScjM93NYVC4DBbvU7W6GLujg7fkPDpV2rKyszP6_X6_3-_3-_1-v0HrOZgNCt-1GxObM7e-9HeaGMQGgyKWCC7Sicjpebw-b83H4bb5_RaxRGm6SCd6zdP08qudF8vT5HNZ7hq_2yKWCE4X6UT0Mp4u6j825GQumUzmksVkrtitEgAAAAAAAADAEubMmwAAAACcBjIZDUerdR7IaLWcDFfLBZjYL9EFBgEAAAAAAChu_NiBnJ7H6_PWfBxum99vZYAHp0XmzZ8JYq1WyxoAAEAAGwAAIIBbN--BJNEo_v___z8OAABARo4eAABAfB8AAAAAAAAAgH-gVYMB!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_5_7/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: f29d6a15dad119f952895a5e28b31ac92fb281d0da77d4beb056cbe74f3a5ece

Request headers

Referer: https://www.scamfoo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Wed, 22 Feb 2023 18:15:36 GMT
machineid: 3406
server: nginx

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2962
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

62ms
62ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 18:15:36 GMT
expires: Wed, 22 Feb 2023 18:15:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 18:15:36 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame D18F 46 KB
46 KB 288ms
287ms Font
application/octet-stream 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-b778"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Feb 2024 18:15:36 GMT

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame 31A0 43 B
182 B 96ms
96ms Image
image/gif 2600:1f18:612b:4200:b1cf:6448:b8ed:e475
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7ZxMCFgOmyueWjOy3swSmyueWjOy3swUAAAAGBuIHJGLxmEbD3WotGi03a9FquXFLXMOJWzGauWzGkW2yGDmMQCIWj2k03K3WotFysxatlhu3xDWcuBWjmctmHNkmi5HDDStoOh0-171e9_vdNR-H2-b32zV-t1_zNL38aufF8jT5XJa7xu_2ywEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fAyCJowAelqfnHwAAAAAgAAAAACQAA25NJQAlhpUn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAHEMHZqqofn71n0QFx0WMAAAAALi8qSOOJnVCZVH1___fbwVwBQAQYKhn5decpTso8RYGAAAgIJYUGFPbsAv7OLZAD4vfb3bYNX63y_7_________zf7P_tGEhuBI04AqhB_VfgEBANZ-AQEA2NQNAOAtAC7kMNB0Onyue73u97trPg63ze-3a_xuv-gIWjEYrC4gZgcAAABw9____4-XFBhT27AL-6gHYibnxLEYrnbL1Wa2HC6cq8lmsBu5lruNxTNY-LYHD7mV4xp5d-43YYvRajLZLIez5WIyGI6Go9H-BmIxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIkx5PMuJZTdY6za-3Vq03DjWEpdjtJZZTJuRYzMYLoyjtej1MT1cNpdjNNuiYADLXiRPi3QiWTlHnpVnuNuYZhabY7ebuWaGjW03XM2Wo-XCMxFLNCeLdCK77Gsm58SxGK52y9VmthwunKvJZrAbuZa7jcUzWPj2LY9nObHsBmvdxrdbi5Ybx1ricozWMotpM3JsBsOFcbQWvT6mh8vmcoxm-8ZstxsMl7vNaN-Y7XaD4XK3Ge07TKZn6nM2CjdroUclMScjM93NYVC4DBbvU7W6GLujg7fkPDpV2rKyszP6_X6_3-_3-_1-v0HrOZgNCt-1GxObM7e-9HeaGMQGgyKWCC7Sicjpebw-b83H4bb5_RaxRGm6SCd6zdP08qudF8vT5HNZ7hq_2yKWCE4X6UT0Mp4u6j825GQumUzmksVkrtitEgAAAAAAAADAEubMmwAAAACcBjIZDUerdR7IaLWcDFfLBZjYL9EFBgEAAAAAAChu_NiBnJ7H6_PWfBxum99vZYAHp0XmzZ8JYq1WyxoAAEAAGwAAIIBbN--BJNEo_v___z8OAABARo4eAABAfB8AAAAAAAAAgL8gBpvZbg!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:b1cf:6448:b8ed:e475 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Wed, 22 Feb 2023 18:15:36 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 31A0 70 B
264 B 37ms
37ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7ZxMCFgOmyueWjOy3swSmyueWjOy3swUAAAAGBuIHJGLxmEbD3WotGi03a9FquXFLXMOJWzGauWzGkW2yGDmMQCIWj2k03K3WotFysxatlhu3xDWcuBWjmctmHNkmi5HDDStoOh0-171e9_vdNR-H2-b32zV-t1_zNL38aufF8jT5XJa7xu_2ywEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fAyCJowAelqfnHwAAAAAgAAAAACQAA25NJQAlhpUn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAHEMHZqqofn71n0QFx0WMAAAAALi8qSOOJnVCZVH1___fbwVwBQAQYKhn5decpTso8RYGAAAgIJYUGFPbsAv7OLZAD4vfb3bYNX63y_7_________zf7P_tGEhuBI04AqhB_VfgEBANZ-AQEA2NQNAOAtAC7kMNB0Onyue73u97trPg63ze-3a_xuv-gIWjEYrC4gZgcAAABw9____4-XFBhT27AL-6gHYibnxLEYrnbL1Wa2HC6cq8lmsBu5lruNxTNY-LYHD7mV4xp5d-43YYvRajLZLIez5WIyGI6Go9H-BmIxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIkx5PMuJZTdY6za-3Vq03DjWEpdjtJZZTJuRYzMYLoyjtej1MT1cNpdjNNuiYADLXiRPi3QiWTlHnpVnuNuYZhabY7ebuWaGjW03XM2Wo-XCMxFLNCeLdCK77Gsm58SxGK52y9VmthwunKvJZrAbuZa7jcUzWPj2LY9nObHsBmvdxrdbi5Ybx1ricozWMotpM3JsBsOFcbQWvT6mh8vmcoxm-8ZstxsMl7vNaN-Y7XaD4XK3Ge07TKZn6nM2CjdroUclMScjM93NYVC4DBbvU7W6GLujg7fkPDpV2rKyszP6_X6_3-_3-_1-v0HrOZgNCt-1GxObM7e-9HeaGMQGgyKWCC7Sicjpebw-b83H4bb5_RaxRGm6SCd6zdP08qudF8vT5HNZ7hq_2yKWCE4X6UT0Mp4u6j825GQumUzmksVkrtitEgAAAAAAAADAEubMmwAAAACcBjIZDUerdR7IaLWcDFfLBZjYL9EFBgEAAAAAAChu_NiBnJ7H6_PWfBxum99vZYAHp0XmzZ8JYq1WyxoAAEAAGwAAIIBbN--BJNEo_v___z8OAABARo4eAABAfB8AAAAAAAAAgL8gBpvZbg!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 22 Feb 2023 18:15:36 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame 31A0
Redirect Chain

https://ups.analytics.yahoo.com/ups/58534/occ
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-AtSrrKFE2uGws6mM3sKGXQUgWyoIDVlv0DIEFsw-~A

0
98 B

22ms
21ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-AtSrrKFE2uGws6mM3sKGXQUgWyoIDVlv0DIEFsw-~A
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7ZxMCFgOmyueWjOy3swSmyueWjOy3swUAAAAGBuIHJGLxmEbD3WotGi03a9FquXFLXMOJWzGauWzGkW2yGDmMQCIWj2k03K3WotFysxatlhu3xDWcuBWjmctmHNkmi5HDDStoOh0-171e9_vdNR-H2-b32zV-t1_zNL38aufF8jT5XJa7xu_2ywEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fAyCJowAelqfnHwAAAAAgAAAAACQAA25NJQAlhpUn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAHEMHZqqofn71n0QFx0WMAAAAALi8qSOOJnVCZVH1___fbwVwBQAQYKhn5decpTso8RYGAAAgIJYUGFPbsAv7OLZAD4vfb3bYNX63y_7_________zf7P_tGEhuBI04AqhB_VfgEBANZ-AQEA2NQNAOAtAC7kMNB0Onyue73u97trPg63ze-3a_xuv-gIWjEYrC4gZgcAAABw9____4-XFBhT27AL-6gHYibnxLEYrnbL1Wa2HC6cq8lmsBu5lruNxTNY-LYHD7mV4xp5d-43YYvRajLZLIez5WIyGI6Go9H-BmIxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIkx5PMuJZTdY6za-3Vq03DjWEpdjtJZZTJuRYzMYLoyjtej1MT1cNpdjNNuiYADLXiRPi3QiWTlHnpVnuNuYZhabY7ebuWaGjW03XM2Wo-XCMxFLNCeLdCK77Gsm58SxGK52y9VmthwunKvJZrAbuZa7jcUzWPj2LY9nObHsBmvdxrdbi5Ybx1ricozWMotpM3JsBsOFcbQWvT6mh8vmcoxm-8ZstxsMl7vNaN-Y7XaD4XK3Ge07TKZn6nM2CjdroUclMScjM93NYVC4DBbvU7W6GLujg7fkPDpV2rKyszP6_X6_3-_3-_1-v0HrOZgNCt-1GxObM7e-9HeaGMQGgyKWCC7Sicjpebw-b83H4bb5_RaxRGm6SCd6zdP08qudF8vT5HNZ7hq_2yKWCE4X6UT0Mp4u6j825GQumUzmksVkrtitEgAAAAAAAADAEubMmwAAAACcBjIZDUerdR7IaLWcDFfLBZjYL9EFBgEAAAAAAChu_NiBnJ7H6_PWfBxum99vZYAHp0XmzZ8JYq1WyxoAAEAAGwAAIIBbN--BJNEo_v___z8OAABARo4eAABAfB8AAAAAAAAAgL8gBpvZbg!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:37 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 24586

Redirect headers

location: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-AtSrrKFE2uGws6mM3sKGXQUgWyoIDVlv0DIEFsw-~A
date: Wed, 22 Feb 2023 18:15:36 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ Frame E552 89 KB
89 KB 22ms
22ms Media
video/mp4 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by: Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://www.scamfoo.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Wed, 22 Feb 2023 18:15:36 GMT
via: 1.1 d5ee2aa873a3cb23609433e0272dd41c.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: CDG50-P2
age: 753134
x-cache: Hit from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-cdg20773-CDG
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1677089737.802368,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: kHm8B9Vy2ecv49_My657sd4OIVOFzJ6y0Ry5AQyOmNDqS4Es8Lf8ig==
x-cache-hits: 140184

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ Frame 9D4A 3 KB
2 KB 25ms
25ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230221-21-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Wed, 22 Feb 2023 18:15:36 GMT
x-amz-request-id: FYD57AY8KTDMK17F
age: 1802
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: kRP1uXWEvzTHj+3+H/e6eWeq7LP4+46zmRqP/+Ux8tJhL4ZYHuYuCgIMP25/W8SO/SGfbv9pXEs=
x-served-by: cache-cdg20773-CDG
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1677089737.803430,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 99
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 1916

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame 7A16 43 B
182 B 96ms
95ms Image
image/gif 2600:1f18:612b:4200:b1cf:6448:b8ed:e475
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V77YoCFgOsD8lGfQDXPASsD8lGfQDXPAUAAAAGBuIHJOGZ7JajyWitsawca9FkZlwrfKvNWrSxOBzOkcXhHC6MQBKeyW45mozWGsvKsRZNZsa1wrfarEUbi8PhHFkczuHCDStoOh0-171e9_vdNR-H2-b32zV-t1_zNL38aufF8jT5XJa7xu_2ywEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fAyCJowAelqfnHwAAAAAgAAAAACQAA25NJQAlhpUn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAHENgh7TiJN5FC0QFeUWMAAAAALi8qSOOJnVCZVH1___fbwVwBQAQYKhn9QeVpTso8RYGAAAgIJYUGFPbsAv7OLZAD4vfb3bYNX63y_7_________zf7P_tGEhuBI04AqhB_VfgEBANZ-AQEA2NQNAOAtAC7kMNB0Onyue73u97trPg63ze-3a_xuv-gIWjEYrC4gZgcAAABw9____4-XFBhT27AL-6gHYqbFaGGYGAYb43Aym3gWHudqtty4RraVcWOxDba3nHPe-o_gneU3YYvRajLZLIez5WIyGI6Go9H-BmIxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIkzZbAvjaDFYSwazyVo0WBnWyo3FtZZYjIOJZbgwLnzDtej1MT1cNpdjNNuiYADLXiRPi3QisYxGhtHGtliOdoOJb-HcjFamlW0yWkxWG9dsNhFLNCeLdCK77GumxWhhmBgGG-NwMpt4Fh7narbcuEa2lXFjsQ32LZttYRwtBmvJYDZZiwYrw1q5sbjWEotxMLEMF8aFb7gWvT6mh8vmcoxm-8ZstxsMl7vNaN-Y7XaD4XK3Ge07TKZn6nM2CjdroUclMScjM93NYVC4DBbvU7W6GLujg7fkPDpV2rKyszP6_X6_3-_3-_1-v0HrOZgNCt-1GxObM7e-9HeaGMQGgyKWCC7Sicjpebw-b83H4bb5_RaxRGm6SCd6zdP08qudF8vT5HNZ7hq_2yKWCE4X6UT0Mp4u6j825GQumUzmksVkrtitEgAAAAAAAADAEubMmwAAAACcBjIZDUerdR7IaLWcDFfLBZjYL9EFBgEAAAAAAChu_NiBnJ7H6_PWfBxum99vZYAHp0XmzZ8JYq1WyxoAAEAAGwAAIIBbN--BJNEo_v___z8OAABARo4eAABAfB8AAAAAAAAAgH-gVYMB!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:b1cf:6448:b8ed:e475 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Wed, 22 Feb 2023 18:15:36 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 7A16 70 B
264 B 41ms
40ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V77YoCFgOsD8lGfQDXPASsD8lGfQDXPAUAAAAGBuIHJOGZ7JajyWitsawca9FkZlwrfKvNWrSxOBzOkcXhHC6MQBKeyW45mozWGsvKsRZNZsa1wrfarEUbi8PhHFkczuHCDStoOh0-171e9_vdNR-H2-b32zV-t1_zNL38aufF8jT5XJa7xu_2ywEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fAyCJowAelqfnHwAAAAAgAAAAACQAA25NJQAlhpUn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAHENgh7TiJN5FC0QFeUWMAAAAALi8qSOOJnVCZVH1___fbwVwBQAQYKhn9QeVpTso8RYGAAAgIJYUGFPbsAv7OLZAD4vfb3bYNX63y_7_________zf7P_tGEhuBI04AqhB_VfgEBANZ-AQEA2NQNAOAtAC7kMNB0Onyue73u97trPg63ze-3a_xuv-gIWjEYrC4gZgcAAABw9____4-XFBhT27AL-6gHYqbFaGGYGAYb43Aym3gWHudqtty4RraVcWOxDba3nHPe-o_gneU3YYvRajLZLIez5WIyGI6Go9H-BmIxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIkzZbAvjaDFYSwazyVo0WBnWyo3FtZZYjIOJZbgwLnzDtej1MT1cNpdjNNuiYADLXiRPi3QisYxGhtHGtliOdoOJb-HcjFamlW0yWkxWG9dsNhFLNCeLdCK77GumxWhhmBgGG-NwMpt4Fh7narbcuEa2lXFjsQ32LZttYRwtBmvJYDZZiwYrw1q5sbjWEotxMLEMF8aFb7gWvT6mh8vmcoxm-8ZstxsMl7vNaN-Y7XaD4XK3Ge07TKZn6nM2CjdroUclMScjM93NYVC4DBbvU7W6GLujg7fkPDpV2rKyszP6_X6_3-_3-_1-v0HrOZgNCt-1GxObM7e-9HeaGMQGgyKWCC7Sicjpebw-b83H4bb5_RaxRGm6SCd6zdP08qudF8vT5HNZ7hq_2yKWCE4X6UT0Mp4u6j825GQumUzmksVkrtitEgAAAAAAAADAEubMmwAAAACcBjIZDUerdR7IaLWcDFfLBZjYL9EFBgEAAAAAAChu_NiBnJ7H6_PWfBxum99vZYAHp0XmzZ8JYq1WyxoAAEAAGwAAIIBbN--BJNEo_v___z8OAABARo4eAABAfB8AAAAAAAAAgH-gVYMB!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 22 Feb 2023 18:15:36 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame A189 12 KB
5 KB 30ms
29ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 502052
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9u9Xj23NCwT1jAULaZxg%2BUO90s4w0XW0lHcipnrJ4Ew7IPXzcKQdFuF%2F08bRjUPU0XBk4Rz4K7N2uWccPYnnSo84r9lCfd%2Bo9aU889Apt5vT%2FNgGR%2BGfrtRdVakZ7AoSHf28bxuiPwhG8Qbajehrrfy3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79d9b54748fbf158-CDG
expires: Mon, 12 Feb 2024 18:15:36 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame A189 12 KB
6 KB 283ms
282ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Feb 2024 18:15:36 GMT

GET
H2 200 ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame A189 46 KB
46 KB 285ms
284ms Font
application/octet-stream 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-b778"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Feb 2024 18:15:36 GMT

GET
H2 200 0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame A189 38 KB
38 KB 319ms
318ms Font
application/octet-stream 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-97a8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Feb 2024 18:15:36 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A189 7 KB
8 KB 23ms
23ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

7ab53cfcdd636dbee30e773959c5bf27021917d2dc301b9f12661d6cc555ed5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=498061
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7526
expires: Tue, 28 Feb 2023 12:36:38 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A189 27 KB
27 KB 27ms
24ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=556&m=0&partner=1144&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F190121%2Fd5e62e10a9934e2bb7fb3aa410880bf8_blanco.png&v=3&w=442&s=B4LpJuQorZeRyqz8il-WhEC3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

929c879c6bc2aae485ed7f225af07267b0b00daea514295b13a5385c48b90d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30468140
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 27675
expires: Sat, 10 Feb 2024 09:37:57 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A189 57 KB
57 KB 28ms
25ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=1144&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F1726%2F230103%2F3a1bd9d7344d4a2c915f44041488396a_img_square_3.jpg&v=3&w=1200&s=pOFczWbtUDBPV2LUHmqs6L7x

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

b6da9aaee5808484b1e951ece94821715329d1da4dfc5ecaf18442d81e1aadc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30468033
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 57904
expires: Sat, 10 Feb 2024 09:36:09 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A189 15 KB
15 KB 30ms
28ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1144&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.fr%2Fassets%2F1400x1960%2F1606465840%2F20266426-uiAnXaLs.jpg&v=3&w=400&s=tWBjZaN0bMhUULS-X0p8J8yz&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

8bfadf29262ac0c22314bd5abe91f18fdfb92a4bf692c44d3fc08762ddc39f8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=565977
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15464
expires: Wed, 01 Mar 2023 07:28:34 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A189 11 KB
11 KB 26ms
23ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1144&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.fr%2Fassets%2F1400x1960%2F1647469986%2F22059521-76tqhRZf.jpg&v=3&w=400&s=xz7_LkppglPfkzTTOSUKqXl6&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

2f6d4033eeaa4b0ac5e8e47087b1de8c494e7c74a1685df2cdfecdcc94be2bb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=478090
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 10856
expires: Tue, 28 Feb 2023 07:03:47 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame A189 0
127 B 28ms
26ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=M6dq_4Yd5qQbxLG0_DrzQB495eFsxRFHY2k_3MjmVSIcDpbNjRYCxdBTpUH_FpB6HPCVsS-SPC45kJMJafBvx51XE3rJNs2wDm034wvzYUmn6QPWyEXHNEPmHSTlksDfo7ZvoQh4geZKGaXgMDfHWoJpGXg-k1SDHHRbaiebsqsKdLthevbShRO6D1SY6xysOCmTRr85WAVCL3saMHgR4mSJEubdwrzpzkWAZQ6DnvgQpcEOUw_ndvG4zJw&sds=2&rev=84699&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 22 Feb 2023 18:15:36 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame A189 2 KB
1 KB 269ms
268ms Image
image/svg+xml 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Feb 2024 18:15:36 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame A189 2 KB
1 KB 271ms
271ms Image
image/svg+xml 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Feb 2024 18:15:36 GMT

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ Frame E552 3 KB
1 KB 24ms
21ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230221-21-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Wed, 22 Feb 2023 18:15:36 GMT
x-amz-request-id: FYD57AY8KTDMK17F
age: 1802
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: kRP1uXWEvzTHj+3+H/e6eWeq7LP4+46zmRqP/+Ux8tJhL4ZYHuYuCgIMP25/W8SO/SGfbv9pXEs=
x-served-by: cache-cdg20773-CDG
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1677089737.874698,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 99
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 1917

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 7372 284 B
536 B 131ms
25ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 5D9E 284 B
536 B 126ms
26ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
DATA 200
OK truncated
/ Frame 500B 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a2a37e593864e26773f4ca690bed9243621e913e6648f60ea9d9d2bec56a683

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

usync.html Show response
eus.rubiconproject.com/ Frame 37D4
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

281 B
410 B

71ms
70ms

Document
text/html

104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V77YoCFgOsD8lGfQDXPASsD8lGfQDXPAUAAAAGBuIHJOGZ7JajyWitsawca9FkZlwrfKvNWrSxOBzOkcXhHC6MQBKeyW45mozWGsvKsRZNZsa1wrfarEUbi8PhHFkczuHCDStoOh0-171e9_vdNR-H2-b32zV-t1_zNL38aufF8jT5XJa7xu_2ywEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fAyCJowAelqfnHwAAAAAgAAAAACQAA25NJQAlhpUn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAHENgh7TiJN5FC0QFeUWMAAAAALi8qSOOJnVCZVH1___fbwVwBQAQYKhn9QeVpTso8RYGAAAgIJYUGFPbsAv7OLZAD4vfb3bYNX63y_7_________zf7P_tGEhuBI04AqhB_VfgEBANZ-AQEA2NQNAOAtAC7kMNB0Onyue73u97trPg63ze-3a_xuv-gIWjEYrC4gZgcAAABw9____4-XFBhT27AL-6gHYqbFaGGYGAYb43Aym3gWHudqtty4RraVcWOxDba3nHPe-o_gneU3YYvRajLZLIez5WIyGI6Go9H-BmIxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIkzZbAvjaDFYSwazyVo0WBnWyo3FtZZYjIOJZbgwLnzDtej1MT1cNpdjNNuiYADLXiRPi3QisYxGhtHGtliOdoOJb-HcjFamlW0yWkxWG9dsNhFLNCeLdCK77GumxWhhmBgGG-NwMpt4Fh7narbcuEa2lXFjsQ32LZttYRwtBmvJYDZZiwYrw1q5sbjWEotxMLEMF8aFb7gWvT6mh8vmcoxm-8ZstxsMl7vNaN-Y7XaD4XK3Ge07TKZn6nM2CjdroUclMScjM93NYVC4DBbvU7W6GLujg7fkPDpV2rKyszP6_X6_3-_3-_1-v0HrOZgNCt-1GxObM7e-9HeaGMQGgyKWCC7Sicjpebw-b83H4bb5_RaxRGm6SCd6zdP08qudF8vT5HNZ7hq_2yKWCE4X6UT0Mp4u6j825GQumUzmksVkrtitEgAAAAAAAADAEubMmwAAAACcBjIZDUerdR7IaLWcDFfLBZjYL9EFBgEAAAAAAChu_NiBnJ7H6_PWfBxum99vZYAHp0XmzZ8JYq1WyxoAAEAAGwAAIIBbN--BJNEo_v___z8OAABARo4eAABAfB8AAAAAAAAAgH-gVYMB!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 233
content-type: text/html; charset=UTF-8
date: Wed, 22 Feb 2023 18:15:37 GMT
etag: "403b9-119-5ec73a0a33d00"
last-modified: Wed, 02 Nov 2022 02:30:44 GMT
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Wed, 22 Feb 2023 18:15:37 GMT
location: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
server: AkamaiGHost

GET
DATA 200
OK truncated
/ Frame 5676 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0697734321480fca8807ae62694752c961822dfd58f805120b46333f29f46c7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 all
csm.eu.criteo.net/ Frame 8B4A 0
127 B 21ms
21ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 22 Feb 2023 18:15:36 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame D18F 38 KB
38 KB 283ms
282ms Font
application/octet-stream 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff

Requested by

Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-97a8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Feb 2024 18:15:37 GMT

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame 37D4 33 KB
10 KB 107ms
107ms Script
text/html 104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 8d0d509a8218f67a249b5163bfd7c30265729a30ec703cca5d35e1c0ebe68edb

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:37 GMT
content-encoding: gzip
last-modified: Wed, 22 Feb 2023 14:28:33 GMT
server: Apache/2.2.15 (CentOS)
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control: max-age=72776
content-length: 10007
expires: Thu, 23 Feb 2023 14:28:33 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 5D9E 0
239 B 105ms
25ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=15414&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 / Show response
pips.taboola.com/ Frame 9D4A 4 B
38 B 62ms
24ms XHR
text/plain 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-served-by: cache-cdg20775-CDG
date: Wed, 22 Feb 2023 18:15:37 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://www.scamfoo.com
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5676 0
18 B 66ms
65ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CsgNDxVv2Y9mqJeyS_tMP3NCMwA7JntKxXNWdkfdwwI23ARABIABg-wGCARdjYS1wdWItMjMwMzU5MDIzODUyNjgyNsgBCakCda6mCKjXsT6oAwGqBNIBT9ARj03owM3SmPxeHJdqpmlrZ988BExmgJPq5PcpPtxMFtpVS78WcRLUVTGrnO40PmddlYpkyFq29nNRAyNS9I1TLMrx3DOn1WYVDP4OHxsfrAO0RLyZ_mXANDgwCxTAsw01MhEKP33Pe7vImQ2CN5Cvgcp9m5BVxo4ZC-TUbOMAbV2fsGWPjAViiU9Ds3HA8yAdZx5P3q4GMb-wXo1csBcV7uPrj_LYgCj6SH3oCP2Yg0r376ZLLlGV6V9u3OZW5TB2WYlqexBDfFGVcNpuGfingAb-wcKCuN-mjagBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yMzAzNTkwMjM4NTI2ODI2GAA&sigh=4ipE7Ahq9kA&uach_m=[UACH]&cid=CAQSGwDUE5ym22glWvoHQADwUVD7ThtgWqis0t-RMxgB&vis=1

Requested by

Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 22 Feb 2023 18:15:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 5676 0
125 B 26ms
26ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kqe_EMK-MLQB9AOdg2ICAgAAAI5YgFN6_MEl4K2o3xDFW_ZjphRPRamrG6gR1sAAEgAACg5BUVVCQVFZQkFRRVBBUQ&wp=Y_ZbxQAJVVkEf4lsAAMoXEzPSeO8_Xqb-LkxSg

Requested by

Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:36 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 157283
content-length: 0

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D18F 57 KB
57 KB 22ms
21ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

b6da9aaee5808484b1e951ece94821715329d1da4dfc5ecaf18442d81e1aadc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:37 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30468032
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 57904
expires: Sat, 10 Feb 2024 09:36:09 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D18F 11 KB
11 KB 23ms
22ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

2f6d4033eeaa4b0ac5e8e47087b1de8c494e7c74a1685df2cdfecdcc94be2bb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=478090
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 10856
expires: Tue, 28 Feb 2023 07:03:47 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D18F 20 KB
20 KB 20ms
20ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ca9016ba9d853943ed2c67e95d2bd046f0aabb13940d997872150e7598791136

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=220806
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20190
expires: Sat, 25 Feb 2023 07:35:43 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D18F 27 KB
27 KB 21ms
20ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=232&m=0&partner=1144&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F190121%2F8ee840d4a3ed46b29e29bc1b9545348c_stardardcon.png&v=3&w=356&s=NcZmYNSBC6EX6FujvZCsaF1K

Requested by

Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

3d44370097c9f3121780271480c8f58764d4c963df7ba0c2be2b11adce5dc0af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30468032
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 27603
expires: Sat, 10 Feb 2024 09:36:09 GMT

GET
H3 200 tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js Show response
pagead2.googlesyndication.com/bg/ Frame F5FA 36 KB
14 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b59b178a96926571c770bdd3cc086face21d4a9c03c897d63064dbffac53eb13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 16:16:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7167
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14406
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Feb 2024 16:16:10 GMT

GET
H2 200 / Show response
pips.taboola.com/ Frame E552 4 B
122 B 29ms
19ms XHR
text/plain 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-served-by: cache-cdg20775-CDG
date: Wed, 22 Feb 2023 18:15:37 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://www.scamfoo.com
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H2 204 / Show response
cds.taboola.com/ Frame E552 0
82 B 398ms
94ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=ef6a8410-2062-40e0-9cb5-bb80b28a8a78-tuctaefe146&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 22 Feb 2023 18:15:37 GMT
cache-control: no-store
server: nginx

GET
H2 204 / Show response
cds.taboola.com/ Frame 9D4A 0
82 B 672ms
88ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=ec39b270-7c77-49c1-be14-fb43d1308a84-tuctaefe146&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 22 Feb 2023 18:15:38 GMT
cache-control: no-store
server: nginx

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D18F 20 KB
20 KB 20ms
20ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ca9016ba9d853943ed2c67e95d2bd046f0aabb13940d997872150e7598791136

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=220806
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20190
expires: Sat, 25 Feb 2023 07:35:43 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D18F 57 KB
57 KB 20ms
20ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

b6da9aaee5808484b1e951ece94821715329d1da4dfc5ecaf18442d81e1aadc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30468032
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 57904
expires: Sat, 10 Feb 2024 09:36:09 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D18F 11 KB
11 KB 21ms
21ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

2f6d4033eeaa4b0ac5e8e47087b1de8c494e7c74a1685df2cdfecdcc94be2bb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=478090
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 10856
expires: Tue, 28 Feb 2023 07:03:47 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D18F 27 KB
27 KB 21ms
21ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.scamfoo.com
URL: https://www.scamfoo.com/site/mybridger.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

3d44370097c9f3121780271480c8f58764d4c963df7ba0c2be2b11adce5dc0af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30468032
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 27603
expires: Sat, 10 Feb 2024 09:36:09 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 37D4 284 B
536 B 26ms
26ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 76ms
75ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230216&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d411f1b7cd7de0bdb726df95b027936e358f602afff720f1d441b1822255a7f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11177
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 18:15:37 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 141C 13 KB
5 KB 30ms
26ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scamfoo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 18:15:02 GMT
expires: Thu, 22 Feb 2024 18:15:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F56D 783 B
971 B 63ms
61ms Document
text/html 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f2fae71640d53999b3d266ad8e64e91a111e5742984139ba46b079a29d3407ad

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GRrtMUVFMlNjxdK9IXV2Rg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.scamfoo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-GRrtMUVFMlNjxdK9IXV2Rg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 18:15:37 GMT
expires: Wed, 22 Feb 2023 18:15:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js Show response
pagead2.googlesyndication.com/bg/ Frame 141C 36 KB
14 KB 30ms
27ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b59b178a96926571c770bdd3cc086face21d4a9c03c897d63064dbffac53eb13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 16:16:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7167
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14406
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Feb 2024 16:16:10 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DFA7 42 B
64 B 63ms
63ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvJu09FP4XRUjBzrDwK7791leNlikATxlxhYB6869Ievuian27IX-5nW2G8AAAIB3iurie6KZpUTKdY5y7Tv_umSyEbllt_ahmMLdeAt9cb-5Ny0XEvg1XVKF3K_a9QU3sx8GKSgA&sai=AMfl-YTMotim1GL4gb9Pod0oBNyht3n2s0g4gZtDn_KXweTjXGSQ6lsI66Tf8n5xB7x1FNPJD1-HqVurCfx8&sig=Cg0ArKJSzB5QRYr2SEbTEAE&cid=CAQSGwDUE5ym22glWvoHQADwUVD7ThtgWqis0t-RMxgB&id=lidar2&mcvt=1004&p=0,0,500,180&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20230221&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677089735259&rpt=1024&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 18:15:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F56D 0
0 60ms
59ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230216&jk=271215218793982&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 141C 0
10 B 26ms
26ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?jWOksg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:15:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame D18F 0
127 B 28ms
27ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 22 Feb 2023 18:15:37 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5676 42 B
64 B 60ms
60ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu9vGbkZcCRwqIUkPhc4P4BcQwVZ5D5MjMFYRf3xOBcbGF_tr2I4Swih5oV43lXXnOxRn5XKY5nxhwfMdqyAVVPBX4&sig=Cg0ArKJSzPu0HVh08-clEAE&id=lidar2&mcvt=1000&p=0,0,500,180&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230221&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677089735263&rpt=616&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 18:15:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 67ms
67ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230216&jk=271215218793982&bg=!paalpvLNAAZYlHKzeJQ7ADkAdvg8WgaXiWhlc9O1XuNnLR794UMyt13WSj2xZD9ThF9Bd00UaCrPur9NlgdrdYUK7pVbBprJhXICAAAAkFIAAAAEaAEHmQKbhKKmfWxBNDdhD_yVKc52kUpM4s7Y66Dsd7YKp7KDYC7do-5BFQfes2rNI91gjMZtcDC5V47ENib1Y6volWfu3UN8E-D1eeRBEt6H3o0IUNSiJJI9htlA9GK2GxVwyxLKF_f_wWOPbzXKRVtIlVCmr-L2mHmZ0qK9OIL39Dipiw8KSwnCBkBIqVYm4Alr1nEjohXjO8AKFqm6ccKfbqTGvlHQa9skDmJwI2iy3t7pCMNfZN4WPxUpnvZ2nFL5AxPcEiowY7DvvgV3dYYHyuO3Yt6cNYs6BzSuVdTIa8s2SpXMp7-8zi1qXGzGkAhtJGTT9ZygLaSfdAl9gOw8CLWNca_5eR1zOD-vvzwPbmgHeYWvqMdCdK2en-1oFTXr3btjQy99o3e8bWNaIf60Fg4se0OHj04FH5cCQfWs5NBJEi8RybFBnL9t6ur2z5_fVO2b3jHq_sSPs8Kk6SW5sbPtbIwnIllFumvfUiWUjNn_creTrsL8-xIlsOgK3NboDL8rxBxq0roFhvTT5ffYtr6ZoufddEtkSBwl2jvLARE5Xr4RWl_wYLRSrTZhrp_5qYjKaWZYSYlwt7Ej3yQglfHrWG4JHa-9AEaVEfGTDSge1i2aotizgh1UOnXSrir2IYeWqtjkiwxshSxx6H7tXiWQHUfnlBKKkNAcIDrp-9tXfEAKt8TooGxrZUfJN8Wf6BPzY0scux-BPucFhbjFvdgzrPpYyLGttPoIoAzq6BaVTsVmtyw_CKw_CcMKei1xKd7iuNGMGK2lm6hP15YEzF6ydYeps7n9ZXy8vR_6_ZcYHEvuSO5J9ZAfkJYN3L0ICoQW_o2GJDwngmizueCxItPpwS0smZ4FFOPesvcwQJSiD7zVr6B5abT35ji9IQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.scamfoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ Frame 9D4A 1 KB
588 B 737ms
737ms XHR
application/json 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1677089741343&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1505&pt=-183716309&tz=0&viewable=true&ddast=V7ZxMCFgOmyueWjOy3swSmyueWjOy3swUAAAAGBuIHJGLxmEbD3WotGi03a9FquXFLXMOJWzGauWzGkW2yGDmMQCIWj2k03K3WotFysxatlhu3xDWcuBWjmctmHNkmi5HDDStoOh0-171e9_vdNR-H2-b32zV-t1_zNL38aufF8jT5XJa7xu_2ywEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fAyCJowAelqfnHwAAAAAgAAAAACQAA25NJQAlhpUn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAHEMHZqqofn71n0QFx0WMAAAAALi8qSOOJnVCZVH1___fbwVwBQAQYKhn5decpTso8RYGAAAgIJYUGFPbsAv7OLZAD4vfb3bYNX63y_7_________zf7P_tGEhuBI04AqhB_VfgEBANZ-AQEA2NQNAOAtAC7kMNB0Onyue73u97trPg63ze-3a_xuv-gIWjEYrC4gZgcAAABw9____4-XFBhT27AL-6gHYibnxLEYrnbL1Wa2HC6cq8lmsBu5lruNxTNY-LYHD7mV4xp5d-43YYvRajLZLIez5WIyGI6Go9H-BmIxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIkx5PMuJZTdY6za-3Vq03DjWEpdjtJZZTJuRYzMYLoyjtej1MT1cNpdjNNuiYADLXiRPi3QiWTlHnpVnuNuYZhabY7ebuWaGjW03XM2Wo-XCMxFLNCeLdCK77Gsm58SxGK52y9VmthwunKvJZrAbuZa7jcUzWPj2LY9nObHsBmvdxrdbi5Ybx1ricozWMotpM3JsBsOFcbQWvT6mh8vmcoxm-8ZstxsMl7vNaN-Y7XaD4XK3Ge07TKZn6nM2CjdroUclMScjM93NYVC4DBbvU7W6GLujg7fkPDpV2rKyszP6_X6_3-_3-_1-v0HrOZgNCt-1GxObM7e-9HeaGMQGgyKWCC7Sicjpebw-b83H4bb5_RaxRGm6SCd6zdP08qudF8vT5HNZ7hq_2yKWCE4X6UT0Mp4u6j825GQumUzmksVkrtitEgAAAAAAAADAEubMmwAAAACcBjIZDUerdR7IaLWcDFfLBZjYL9EFBgEAAAAAAChu_NiBnJ7H6_PWfBxum99vZYAHp0XmzZ8JYq1WyxoAAEAAGwAAIIBbN--BJNEo_v___z8OAABARo4eAABAfB8AAAAAAAAAgL8gBpvZbg!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=1&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2459285&dpubid=224845&abtst=dpa_vA!esv_vC!ufm_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.scamfoo.com&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.8/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 71fcf8955d39b8744643e5b2c15853fa7e7e4f5f63d99cd9e8f800028177b5c2

Request headers

Referer: https://www.scamfoo.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Wed, 22 Feb 2023 18:15:42 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1462
x-cache: MISS
x-served-by: cache-cdg20773-CDG
pragma: no-cache
server: nginx
x-timer: S1677089741.351773,VS0,VE717
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.scamfoo.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ Frame E552 1 KB
775 B 71ms
70ms XHR
application/json 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1677089741501&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1505&pt=-1231472454&tz=0&viewable=true&ddast=V77YoCFgOsD8lGfQDXPASsD8lGfQDXPAUAAAAGBuIHJOGZ7JajyWitsawca9FkZlwrfKvNWrSxOBzOkcXhHC6MQBKeyW45mozWGsvKsRZNZsa1wrfarEUbi8PhHFkczuHCDStoOh0-171e9_vdNR-H2-b32zV-t1_zNL38aufF8jT5XJa7xu_2ywEAAADg4f___x8CAAAAIAIAAABAAgAAAIAioOLfQuACAAAAAOP___9fAyCJowAelqfnHwAAAAAgAAAAACQAA25NJQAlhpUn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAHENgh7TiJN5FC0QFeUWMAAAAALi8qSOOJnVCZVH1___fbwVwBQAQYKhn9QeVpTso8RYGAAAgIJYUGFPbsAv7OLZAD4vfb3bYNX63y_7_________zf7P_tGEhuBI04AqhB_VfgEBANZ-AQEA2NQNAOAtAC7kMNB0Onyue73u97trPg63ze-3a_xuv-gIWjEYrC4gZgcAAABw9____4-XFBhT27AL-6gHYqbFaGGYGAYb43Aym3gWHudqtty4RraVcWOxDba3nHPe-o_gneU3YYvRajLZLIez5WIyGI6Go9H-BmIxGOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVo0mKxGo8liMlyNJqvZcrHbbZCiVavZaDMYrmaT2W63Gg6Gy9EIJ2wxWk0mm-VwtlxMBsPRcDQaIkzZbAvjaDFYSwazyVo0WBnWyo3FtZZYjIOJZbgwLnzDtej1MT1cNpdjNNuiYADLXiRPi3QisYxGhtHGtliOdoOJb-HcjFamlW0yWkxWG9dsNhFLNCeLdCK77GumxWhhmBgGG-NwMpt4Fh7narbcuEa2lXFjsQ32LZttYRwtBmvJYDZZiwYrw1q5sbjWEotxMLEMF8aFb7gWvT6mh8vmcoxm-8ZstxsMl7vNaN-Y7XaD4XK3Ge07TKZn6nM2CjdroUclMScjM93NYVC4DBbvU7W6GLujg7fkPDpV2rKyszP6_X6_3-_3-_1-v0HrOZgNCt-1GxObM7e-9HeaGMQGgyKWCC7Sicjpebw-b83H4bb5_RaxRGm6SCd6zdP08qudF8vT5HNZ7hq_2yKWCE4X6UT0Mp4u6j825GQumUzmksVkrtitEgAAAAAAAADAEubMmwAAAACcBjIZDUerdR7IaLWcDFfLBZjYL9EFBgEAAAAAAChu_NiBnJ7H6_PWfBxum99vZYAHp0XmzZ8JYq1WyxoAAEAAGwAAIIBbN--BJNEo_v___z8OAABARo4eAABAfB8AAAAAAAAAgH-gVYMB!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=1&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2459285&dpubid=224845&abtst=ufm_vA!ul3257_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.scamfoo.com&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.8/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 075cee321d3d65bcfd7b9baa7bd3dd7022af3f9c639f7055663d716b785852f0

Request headers

Referer: https://www.scamfoo.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Wed, 22 Feb 2023 18:15:41 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1491
x-cache: MISS
x-served-by: cache-cdg20773-CDG
pragma: no-cache
server: nginx
x-timer: S1677089742.511618,VS0,VE49
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.scamfoo.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: traffic.alexa.com
URL: https://traffic.alexa.com/graph?&w=580&h=300&o=f&c=1&y=t&b=FFFFE5&n=666666&r=6m&u=mybridger.com&

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.scamfoo.com/	1970-01-20 19:27:29	Name: _ga Value: GA1.2.880433619.1677089733
.scamfoo.com/	1970-01-20 09:52:56	Name: _gid Value: GA1.2.1208748442.1677089733
.scamfoo.com/	1970-01-20 09:51:29	Name: _gat Value: 1
www.scamfoo.com/	1970-01-20 19:27:29	Name: _omappvp Value: vV1mH2qLnHvljYX94eF8nXIHMrqu37vcSmEjHWvnD4VVMXa3Vu7Q93k8pKglrhD1WIUSv7MTtZmQJrA66sWuPgsrIuo58gOg
www.scamfoo.com/	1970-01-20 09:51:30	Name: _omappvs Value: 1677089733256
.scamfoo.com/	1970-01-20 19:13:05	Name: __gads Value: ID=6e6481329ffb4785-224c1d62f8dc00f2:T=1677089733:RT=1677089733:S=ALNI_MaVKg2u9jZeMyporVRPEU2KTJF9jw
.scamfoo.com/	1970-01-20 19:13:05	Name: __gpi Value: UID=00000bbae2df8668:T=1677089733:RT=1677089733:S=ALNI_MavvGqaBMjc9LdOwIXZ7KyV4RAHqw
.doubleclick.net/	1970-01-20 19:13:05	Name: IDE Value: AHWqTUkaeCdmy0u4kQTnehelU4p8J_pMqnCL5JanylFoC7jI9KC1mccqB77_KCjKmNo
disqus.com/	1970-01-20 09:51:31	Name: __jid Value: 6hrgmlo26jto20
.disqus.com/	1970-01-20 18:37:05	Name: disqus_unique Value: 6hrgn8r1gcjapn
.scorecardresearch.com/	1970-01-20 19:13:05	Name: UID Value: 110810aa461b87d05927d501677089734
www.scamfoo.com/	1970-01-20 18:37:05	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3Def6a8410-2062-40e0-9cb5-bb80b28a8a78-tuctaefe146
.yahoo.com/	1970-01-20 18:37:27	Name: A3 Value: d=AQABBMhb9mMCEC0vlxETNP5pLMND6xaivYgFEgEBAQGt92MAZAAAAAAA_eMAAA&S=AQAAAvPNYrC9hWpKHv8zs5r3hJ8
.analytics.yahoo.com/	1970-01-20 18:37:05	Name: IDSYNC Value: 195y~2a56
.doubleclick.net/	1970-01-20 09:51:33	Name: DSID Value: NO_DATA

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://traffic.alexa.com/graph?&w=580&h=300&o=f&c=1&y=t&b=FFFFE5&n=666666&r=6m&u=mybridger.com& Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.surbl.org&size=16 Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: https://scamfoo.disqus.com/embed.js(Line 46) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security	warning	URL: https://scamfoo.disqus.com/embed.js(Line 46) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
network	error	URL: https://api.omappapi.com/v1/optin/30145/583913 Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303590238526826&output=html&h=280&slotname=1433402308&adk=207406793&adf=2620106563&pi=t.ma~as.1433402308&w=728&fwrn=4&fwrnh=100&lmt=1677089733&rafmt=1&format=728x280&url=https%3A%2F%2Fwww.scamfoo.com%2Fsite%2Fmybridger.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677089733201&bpp=1&bdt=527&idt=343&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280&nras=1&correlator=8232058220225&frm=20&pv=1&ga_vid=880433619.1677089733&ga_sid=1677089734&ga_hid=1012116864&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=3790&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44777877%2C44759837%2C31072348%2C44779794&oid=2&pvsid=271215218793982&tmod=480944890&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=Mo%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=pvoMnEiiY8&p=https%3A//www.scamfoo.com&dtd=346 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271803&client=ca-pub-2303590238526826&fa=3&ifi=9&uci=a!9&btvi=5&xpc=ZO2I3FB7F5&p=https%3A//www.scamfoo.com Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.omappapi.com
a.optnmstr.com
ads.eu.criteo.com
adservice.google.com
adservice.google.fr
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
api.omappapi.com
c.disquscdn.com
cat.nl3.eu.criteo.com
cdn.taboola.com
cdnjs.cloudflare.com
cds.taboola.com
code.jquery.com
csm.eu.criteo.net
disqus.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
images.taboola.com
imprammp.taboola.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
p4-hpwjbghamdl72-vuxl5tt62pknex5i-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pips.taboola.com
pix.eu.criteo.net
pixel.rubiconproject.com
referrer.disqus.com
rtb.fr.eu.criteo.com
rtb.nl3.eu.criteo.com
sb.scorecardresearch.com
scamfoo.disqus.com
secure-assets.rubiconproject.com
static.criteo.net
sync.taboola.com
t0.gstatic.com
t2.gstatic.com
t3.gstatic.com
taboola-supply-partners.tremorhub.com
tempest.services.disqus.com
token.rubiconproject.com
tpc.googlesyndication.com
traffic.alexa.com
trc-events.taboola.com
trc.taboola.com
ups.analytics.yahoo.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.scamfoo.com
x.bidswitch.net
traffic.alexa.com
104.96.145.246
108.138.189.32
141.226.224.32
141.226.228.48
142.250.201.195
151.101.1.44
151.101.192.134
163.172.255.115
178.250.1.6
18.66.112.67
185.180.12.68
199.232.192.64
199.232.196.134
2001:4de0:ac18::1:a:2b
2406:2600:4::1
2600:1f18:612b:4200:b1cf:6448:b8ed:e475
2600:9000:223d:5200:6:8656:f5c0:93a1
2606:4700::6811:190e
2606:4700::6812:acf
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2001
2a00:1450:400d:802::2003
2a00:1450:400d:804::2004
2a00:1450:400d:806::2004
2a00:1450:400d:807::2002
2a00:1450:400d:808::2004
2a00:1450:400d:80c::200a
2a00:1450:400d:80e::2004
2a02:2638:3::12
2a02:2638:3::9
2a02:2638::1c
2a02:2638::2
2a02:2638::21
2a02:2638::c
3.71.149.231
35.157.214.223
52.223.40.198
69.173.144.138
69.173.144.165
0272213218dd226e85dac4d4c04eac79e7791ad66f82e78078e8b7d9987c2944
02f855880af38e6ce3d28b76f4b2c6f44f0f93a57aef3430e8ad073345ea5fc0
04015d09b0e4d5446692458e86ef150aa9c4a082595c426fc75aa84a44d137bc
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
0589c5845288117448d7aa710af60618b151d78efd1a2653f89a0b57f7eb3de8
068753b8f09b32ad8a3283199c7252090d0076a56924df724dda72828ae31b95
075cee321d3d65bcfd7b9baa7bd3dd7022af3f9c639f7055663d716b785852f0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b11f2524bff6600e0a13ab09b28ae090f3fb5d730452b38702ee873f6e326aa
0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f
0cf8bb170f1a2a7cbe978ba2be4edb781121643b81030fc7946829e93acf8554
0dad155e43d912a28bb4fbe1e0e2141c695e0923ef70a9f902d8fc4ade58229f
103f4d3fbc08fff41f2ddb722186887b3d8977d2a7da27e7ed0f2f5752dc339f
120ba29ed579b0cda11cfbd53dacb62bb36054b3325eac927ecfaa44c5cf60a3
1687b46329e28a6afe7bad32f34e753b276dd268e0679784b4da7fb8e00e465c
171832f39ed45c53d6f3b4ed0f70f900049de1da0187ec60845172be5a8ee617
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
193952b59c9a975154471a0ce405acdc8c3f6fa17b2414e818c14cee77f1d460
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d490a6dee875dcc1503cc7c96199346d9e5e4ea83295ad98c1ddcceaf0f2279
1da88b92dba24e5bf090d31e5b66e0a0958cb60e0f582f78eb41cb4dbaf0628f
1e41ae167d297f60ae0bf52f8cf9548b1d0d65e813945ea319c7397cfe430102
230fca3db0f68f69e84c973b0f5919df7feaf8807c5a02c23f6a5e6fc152924d
27bd01c8e79dcd85fd696e9d10581f0414f22dc14eb57d48cd8e2d129d275e42
29cf63b3a3f220aa82357afebcfda1a2499327ce2429680ab58af2a87ed19f23
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b070b069a185e014ea48900d105c47a98153f775c4608091fefe739a12a5190
2dad213285801020465f93d54e35ca0b20a53f9c4f40c04109b7372426fba914
2e0fe839dbaeea0ad5f7f386e4246dfd27eb9e9408d39bd78a5b240eaff3bc80
2f6d4033eeaa4b0ac5e8e47087b1de8c494e7c74a1685df2cdfecdcc94be2bb7
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
3365cc561f7225c273384ec6060a70e6dc3fb71ea6195b7d759b191c086ec17a
372e7919085c63af67ee7a26bc6005e890f22dc5fc971469be92571476b16ad7
37b6869852931f3be78c39fbe3f854826e80b774b823d6389de3ed70d04c8a87
3b4ae1af8c061814499a518052fa346dab187f9475abbd595aeb719aed383375
3d44370097c9f3121780271480c8f58764d4c963df7ba0c2be2b11adce5dc0af
3deda25f1d4dacb2dcb6291e32e305b3390f6225a657f45ce798101dcfcb9865
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3eee15d11eb29b6f2258cabfeeca39b3b900a7cae96fc7919b27789f3470b9f9
3f3ded0be4eadf1c18601ad8bd6e7228755a871604f3c97ad01e4236e8a1c810
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
42722376a093d3ef5fb37a24f4c916fedb38b9a4fa35ff666aeb495bbdb11da8
47ec011ded23d7f691a91acb9001c109657000b7497b4152335c73233f880c6d
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0138b422197a3832b7668ae64821740e9f7e760e18dc978e47aed28c9c8ef7
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e902c64b724e110bbb3a8840f46d79f8569949376c73edf7955dbf388159cc5
50de719051ac450992625c5ff7b3dc8de4a1b2e83be9a088e9e36ab7452e25be
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
54376e76a46c45c731d315ff1cb6c048e33d36ba907f567b8364d7835ff04571
54604a0e284c1d6fa29e38ab0fd33176580d4858a4d7d771f29d2d5e24f9c03a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55f4b7c55874aeb1a034061727d660809262cd2d2063e54617337bb4d6a14955
585408a2b9dc027d952b5c543ba76c059ebdf0dfeb8cbb3842483ceede79e916
595a9899c05532f7feb4efece8c92b9f2cd9fa71212cd876a803aa369ace46fb
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
5bd060c4d7413c66456b91af3b13d3a3823c90543d9ccebc7a94a892ecb36d27
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d7b380a8622800488ca14eb8369126d66401b5fc0c4b3de5947aadfb0c79f6d
5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61d0d8c1d8f8da4ddc8da836aa1af85603b2761cc96a0aaa70839fc2749bf51d
65129e24bea54b2b4d21a97daaf5352efe20e9b5771b8f7bbefffff07e78c63d
66aa95645a92aae3b1c321b4d36adab150af7a6a69979817c9d0bd99337bdf8d
68648572302d736202975bde41364646e2d1fabada3c5b2bee7c87697c4d42f4
6908a17080533cc597c4b17bd876ce02ba3c2aeaec4bb9763571dd31b98162c0
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
6cf9c54a933c58e06664d81ba301017db383a8d851d43f67d368f8456b56a88a
6e9d827bc7fbd23d9123edf8b6536480b8ef251eaccdb34bad0345eee10704f7
700261a833506c06be76964c2366817dc6dca0f690dffc70fe58276734baa18b
71fcf8955d39b8744643e5b2c15853fa7e7e4f5f63d99cd9e8f800028177b5c2
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7640f81e09415a7ff5ea301404e5ab774be148dea3c650c0a92b60d87a0f7975
76efcb008fec73349e0402908f3a2eb7fdf9ed3a9a88264ec42ec8b835ee3e36
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a2a37e593864e26773f4ca690bed9243621e913e6648f60ea9d9d2bec56a683
7ab53cfcdd636dbee30e773959c5bf27021917d2dc301b9f12661d6cc555ed5c
7d0e475eda9027f07958a8382af45c961dc58976a79c5f9c10100664f621a604
84713e73b3cf1844f688b3c92369b5dccd2b31b175c8c1056d240c40761997df
84fa6dbf7d8f2370e13e095c9e12e30842b1c299592ec7c0b704ce14682cf133
87a40e88963acab5e079bc3643f0bb72a5ff9ead67a7c3da52455ce4a7df28be
88db2738fc112dbd531e3a1e42ac7276a68473a075780dcbd9c3dd237dda301c
88e3e3bfcf232e93c3de77cb2f644801a7e812b8b933ae6bdece0a5b031dba7d
8a502d5288ea8ace408fbeb3fcbbedde698c1fa0b80e2215c22138f21c6f2d66
8bc40f263d0a1fbb8421a5fe91ccb4ab7eb23b9b4c12a16e09703cd336d7cbb5
8bfadf29262ac0c22314bd5abe91f18fdfb92a4bf692c44d3fc08762ddc39f8a
8d0d509a8218f67a249b5163bfd7c30265729a30ec703cca5d35e1c0ebe68edb
8d32c8534ae07d063358a78a03ca24428a1a5cbcefdcab779ffb2f46cac5ac7a
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f27e2e2bea481c9bc25591c66f8a4743aa3bcb2dc26db73fcd5d71a33c2aaf5
9282b885825f1f265eb093acf11379fc90dd4e156588a02790c1515822e79858
929c879c6bc2aae485ed7f225af07267b0b00daea514295b13a5385c48b90d66
94f0ba828c6a9863bd0f4ba7d7f9c24c20ae64c4bb4f40895221a4af539a72b8
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
98c5d085af0203422d443dce1c737ac861630fe6aada284508ca1db3558bde8f
9ad3a15528f72e9ce2a28abe62a31041e849b40d097de32e596fb37ee3ee74ac
9c72aa9048dc4cb5f976e7b1a5be738cdc5429f35291261fab0036d077afaa51
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9dfd12686ce6d33fb4b4f4f63f6db553b98effdd66e8446a22b3d6e9f2fd97a7
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2b99e503b5319a2e1d631cc47480a7168d51f73857323fb4f58db5a2eb66687
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a657bedd3bc0c106f7cfa5fe6556a0b7e175870d33bd7da9ef67ffcffbafda69
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a8565a0aa214e2ecf8ad9dba771e98012ce6303a370e05806269a1c220a0fd0b
a866e634cb1fc275f23b7531b4dd90750d895d6f871f8c3a148c249cbee58f0b
ac277cd42cf8d19737f2974a8edb07f0b4fc12cdf73846a3ac89d4fff0c41209
adcd95dd49427458eaf132f51bbd6325a82a23f7c08e0a994885b49d7ea2d0e7
b00752a14f31593e5642ea377b95698ca657c635e26674356aac76594d1863ba
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1809b0740b88b3986b635cceee0982da6a2065fbdef1cab1fc3bb853c57ffd3
b246d8ebe3eb6d7b265009bfd8f1aec3f1547302a9d18a227a9f4e7371eaf657
b4c7e5be9b57e70381a79f5afbf7f69e990072b90c89ad6ecfc0c18643050da9
b59b178a96926571c770bdd3cc086face21d4a9c03c897d63064dbffac53eb13
b6da9aaee5808484b1e951ece94821715329d1da4dfc5ecaf18442d81e1aadc7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd863b437fcc1aeb37e1a3119c85d2a3089ada081737adffa0680b36200a647b
bdfee30c950d608a9d51cf5555bf2b187756b7c7bcd69180f2046765521ea1e7
c11cb8a2559b0ede513d84f4c2436af3b10ba523fe5541351f036a95a4184d73
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c4cca3667c38220c749975744351a573b280308d1f9662ebd407d7bc14a42a9c
ca9016ba9d853943ed2c67e95d2bd046f0aabb13940d997872150e7598791136
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf63c0ab8fd88df6f1cfd80fc6ffa24ef21ca8e2446fe8737c46c89b4a9c5c49
d0697734321480fca8807ae62694752c961822dfd58f805120b46333f29f46c7
d0ae8e8f5f5bca0f3a97bc4d1f7e7aef096e1b1170a2e335d98debfe8aa9e8ed
d197c1abf7818e9f21a431f89507ba1035292e0529c2ff7a7ca3fb67fc1a6ac8
d3271f77a12872116d3b86e6abbd4ed30e73045569d838e1bfa0ba5854183ed5
d333ebda191a6d6ecaf864435d51ca6b4f091ce9ae5df6ee2f13b39aa0b3e91a
d411f1b7cd7de0bdb726df95b027936e358f602afff720f1d441b1822255a7f5
d6c5638126aaa7c26ba08402d6ed6ca8c1b9beb2a9ccaab04d81d6905aaa4ac1
d7914969f8111a8e1f5c6abec59f7906d75b9b21f857f6fbdf8a3a8862859110
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
dd34505fc5cf9a672ad93284680dce46944900b10049b893cfb01092d1e5d912
dd7e4c7b99ea5a03e469a48da8a64979180e680ce34c78a7ba452da4a655649f
e017782c9b080b49f41d9ad774661818f60b9a0a02d3082e28ad014b5a4c5cff
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e14ff3e75a1030bfcc4f49ce62a2036c3f239b81339024d1745b581ca4e76b35
e3440454023889622abba1c691bfd259047afc59bce928767fbd2e795e07153e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9008fe282850688d5c8544707e9d97ff6d737ee6791afc1d60448750a451b0a
ea0aa0abedfaf5dc7abf2277d6045920f477d5c7bce22849466b7320a7ef16e8
ea488b4ce9e192ce45a4da3bccae3141a3b7ded30dccc39c09923c3b0dbf6105
ebdedeeeba316cc350ac98e02c8ce02efd8709b4003abcc6000711cb99c92067
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f02d549c3e04546ab27e01a989a0d0d1cbe9614444bd656938402782b22033b7
f29d6a15dad119f952895a5e28b31ac92fb281d0da77d4beb056cbe74f3a5ece
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f2fae71640d53999b3d266ad8e64e91a111e5742984139ba46b079a29d3407ad
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fbbf65e748258dc58d268cc5c545d27da1ad736dea03c7c289f1afe9a6142827

www.scamfoo.com Open in urlscan Pro 163.172.255.115 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

371 Requests

97 %HTTPS

59 %IPv6

27 Domains

60 Subdomains

44 IPs

7 Countries

6975 kBTransfer

16724 kBSize

15 Cookies

19 Outgoing links

Redirected requests

371 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.scamfoo.com Open in urlscan Pro
163.172.255.115 Public Scan

Screenshot
Live screenshot

Full Image

371
Requests

97 %
HTTPS

59 %
IPv6

27
Domains

60
Subdomains

44
IPs

7
Countries

6975 kB
Transfer

16724 kB
Size

15
Cookies

371 HTTP transactions
8 data transactions