treat-primary-immunodeficiency.today Open in urlscan Pro
2606:4700:3033::ac43:aa6f Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://treat-primary-immunodeficiency.today/?shiny
Effective URL:
https://treat-primary-immunodeficiency.today/?shiny
Submission Tags: shiny c290acadafe6362a fc6b18fd85158e2b bfst honeypoter@gmail.com Search All
Submission: On January 06 via api (January 6th 2024, 11:19:00 pm UTC) from JP — Scanned from JP

Summary HTTP 28 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 10 domains to perform 28 HTTP transactions. The main IP is 2606:4700:3033::ac43:aa6f, located in United States and belongs to CLOUDFLARENET, US. The main domain is treat-primary-immunodeficiency.today.
TLS certificate: Issued by GTS CA 1P5 on December 28th 2023. Valid for: 3 months.

This is the only time treat-primary-immunodeficiency.today was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3033::6815:1c56	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:303... 2606:4700:3033::ac43:aa6f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:6800:400... 2404:6800:4004:820::2004	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:827::2002	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4004:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:821::2001	15169 (GOOGLE) (GOOGLE)
6	151.101.129.44 151.101.129.44	() ()
2	2a03:2880:f00... 2a03:2880:f00f:104:face:b00c:0:3	() ()
1	2a04:4e42:200... 2a04:4e42:200::300	() ()
1 1	18.172.52.88 18.172.52.88	() ()
2	54.84.89.69 54.84.89.69	() ()
1 1	13.249.160.101 13.249.160.101	() ()
1	141.226.224.32 141.226.224.32	() ()
2	141.226.231.48 141.226.231.48	() ()
1	2a03:2880:f10... 2a03:2880:f10f:83:face:b00c:0:25de	() ()
28	12

1 2606:4700:3033::6815:1c56 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

treat-primary-immunodeficiency.today	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3033::ac43:aa6f (United States)

ASN13335 (CLOUDFLARENET, US)

treat-primary-immunodeficiency.today	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:820::2004 (Australia)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:827::2002 (Australia)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:80f::200e (Australia)

ASN15169 (GOOGLE, US)

www.adsensecustomsearchads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:821::2001 (Australia)

ASN15169 (GOOGLE, US)

afs.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.129.44 (None, )

ASN- ()

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f00f:104:face:b00c:0:3 (None, )

ASN- ()

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::300 (None, )

ASN- ()

pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.172.52.88 (None, ) 1 redirects

ASN- ()

api.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.84.89.69 (None, )

ASN- ()

ucgfk6g6s7.execute-api.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.249.160.101 (None, ) 1 redirects

ASN- ()

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (None, )

ASN- ()

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.231.48 (None, )

ASN- ()

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f10f:83:face:b00c:0:25de (None, )

ASN- ()

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	taboola.com cdn.taboola.com trc.taboola.com pips.taboola.com cds.taboola.com trc-events.taboola.com	47 KB
7	treat-primary-immunodeficiency.today 1 redirects treat-primary-immunodeficiency.today	40 KB
4	adsensecustomsearchads.com www.adsensecustomsearchads.com — Cisco Umbrella Rank: 3803	57 KB
2	amazonaws.com ucgfk6g6s7.execute-api.us-east-1.amazonaws.com	2 KB
2	intentiq.com 2 redirects api.intentiq.com sync.intentiq.com	2 KB
2	facebook.net connect.facebook.net	105 KB
1	facebook.com www.facebook.com	185 B
1	googleusercontent.com afs.googleusercontent.com — Cisco Umbrella Rank: 9809	700 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 5917	611 B
1	google.com www.google.com — Cisco Umbrella Rank: 6	54 KB
28	10

	Domain	Requested by
7	treat-primary-immunodeficiency.today	1 redirects treat-primary-immunodeficiency.today
5	cdn.taboola.com	treat-primary-immunodeficiency.today cdn.taboola.com
4	www.adsensecustomsearchads.com	www.google.com www.adsensecustomsearchads.com treat-primary-immunodeficiency.today
2	trc-events.taboola.com	cdn.taboola.com
2	ucgfk6g6s7.execute-api.us-east-1.amazonaws.com
2	connect.facebook.net	treat-primary-immunodeficiency.today connect.facebook.net
1	www.facebook.com
1	cds.taboola.com	cdn.taboola.com
1	sync.intentiq.com	1 redirects
1	api.intentiq.com	1 redirects
1	pips.taboola.com	cdn.taboola.com
1	trc.taboola.com	cdn.taboola.com
1	afs.googleusercontent.com	treat-primary-immunodeficiency.today
1	partner.googleadservices.com	www.google.com
1	www.google.com	treat-primary-immunodeficiency.today
28	15

This site contains no links.

Subject Issuer	Validity	Valid
treat-primary-immunodeficiency.today GTS CA 1P5	`2023-12-28` - `2024-03-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-16` - `2024-01-14`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://treat-primary-immunodeficiency.today/?shiny
Frame ID: 3FE15443BFD641843B2E375F61CE6163
Requests: 25 HTTP requests in this frame

Frame: https://www.adsensecustomsearchads.com/afs/ads?adsafe=medium&psid=1459540868&pcsa=false&channel=seg16&client=dp-domainactive_31_3ph_xml&r=m&hl=en&rpbu=https%3A%2F%2Ftreat-primary-immunodeficiency.today%2F%3Fcaf_results%3D1%26uuid%3D426406a9-bc7e-42bd-9119-fec5f5e4c506%26t1%3D%26t2%3D%26t3%3D%26u%3D%26u2%3D%26sqs%3D%26tpct%3D%26rfpi%3D%26at2%3D31%26at3%3Dseg16%26acid%3D%26avid%3D%26asrc%3D%26atxt%3D%26exp%3D1%26grp%3D%26nterm%3D0%26pcid%3D%26src%3D%26ct%3D113&type=3&uiopt=false&swp=as-drid-2390228348497018&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301383&format=r1&nocache=7571704583126618&num=0&output=afd_ads&domain_name=treat-primary-immunodeficiency.today&v=3&bsl=8&pac=0&u_his=2&u_tz=540&dt=1704583126618&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1200&frm=0&cl=588056317&uio=-&cont=kwBlock1&drt=0&jsid=caf&jsv=588056317&rurl=https%3A%2F%2Ftreat-primary-immunodeficiency.today%2F%3Fshiny
Frame ID: 776BDB728AEC9B17C5D337A4BB9C5A99
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://treat-primary-immunodeficiency.today/?shiny HTTP 301
https://treat-primary-immunodeficiency.today/?shiny Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

93 %
HTTPS

60 %
IPv6

10
Domains

15
Subdomains

12
IPs

2
Countries

304 kB
Transfer

918 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://treat-primary-immunodeficiency.today/?shiny HTTP 301
https://treat-primary-immunodeficiency.today/?shiny Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=359446293&pt=17&dpn=1&jsver=5.4&iiqidtype=2&iiqpcid=cc578d9a-c6dd-4b2a-9909-03d8fee71a8f&iiqpciddate=1704583131522&jaesc=0&jafc=0&jaensc=0&iiqlocalstorageenabled=true&tsrnd=318_1704583131523&cttl=43200000&rrtt=0&dud=0&abtg=A&vrref=treat-primary-immunodeficiency.today&japbjs=false&japs=false HTTP 302
https://ucgfk6g6s7.execute-api.us-east-1.amazonaws.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=359446293&pt=17&dpn=1&jsver=5.4&iiqidtype=2&iiqpcid=cc578d9a-c6dd-4b2a-9909-03d8fee71a8f&iiqpciddate=1704583131522&jaesc=0&jafc=0&jaensc=0&iiqlocalstorageenabled=true&tsrnd=318_1704583131523&cttl=43200000&rrtt=0&dud=0&abtg=A&vrref=treat-primary-immunodeficiency.today&japbjs=false&japs=false&arid=true&ckls=true&ci=eG4HQbXqVs&nc=false&gtw=true&gwpe=true

Request Chain 22

https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=359446293&rnd=225925&iiqidtype=2&iiqpcid=cc578d9a-c6dd-4b2a-9909-03d8fee71a8f&iiqpciddate=1704583131522&tsrnd=779_1704583131525&vrref=treat-primary-immunodeficiency.today&jsver=5.4&abtp=100&abtg=A HTTP 302
https://ucgfk6g6s7.execute-api.us-east-1.amazonaws.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=359446293&rnd=225925&iiqidtype=2&iiqpcid=cc578d9a-c6dd-4b2a-9909-03d8fee71a8f&iiqpciddate=1704583131522&tsrnd=779_1704583131525&vrref=treat-primary-immunodeficiency.today&jsver=5.4&abtp=100&abtg=A&gtw=true&gwpe=true&arid=true&ckls=true&ci=RTxeLwSrSl&nc=false

28 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
treat-primary-immunodeficiency.today/
Redirect Chain

http://treat-primary-immunodeficiency.today/?shiny
https://treat-primary-immunodeficiency.today/?shiny

14 KB
5 KB

224ms
207ms

Document
text/html

2606:4700:3033::ac43:aa6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://treat-primary-immunodeficiency.today/?shiny
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:aa6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b836fd38aedd6f8841b0a3ca266cf9945405e44da48aa6eaea175d84e55cd44

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8417ae97a898f6fe-NRT
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 06 Jan 2024 23:18:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z9hnf401rcD7FTCDlY4G7QAXpHm%2FJIh%2FAGmNccIt6GoFFXDBu8qHvt%2BboH2F1qfT3Q%2Fy8XELWVOsg0K%2FmeuVRC9HoX7wK80RiGhGWmI5f6DVdWlho3vQztu%2FzN32t5AKdw9SQ0b%2BR440WV8D2RzrDXZyjfuPBvyKkyIMWggvB45js2g%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAOkfkOV3lsGKqQ9j5bagzq3wjNQNxWwn/esVXnQFKykdGNnnz7w5UeA2I4OuWHWvh0oBKk747TbfSyNssqOrybkCAwEAAQ==_Uul8R269YIGD/LfLuNz7us6DU2QZLqDakR8Pk7WxeNEUiDTVSOzzM7jvTVBxKr5jx08Nh29P7gdQTFtVe43NUQ==

Redirect headers

CF-RAY: 8417ae977c37f655-NRT
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sat, 06 Jan 2024 23:18:45 GMT
Expires: Sun, 07 Jan 2024 00:18:45 GMT
Location: https://treat-primary-immunodeficiency.today/?shiny
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kbxc9W9Al07g6Q6fpTDiLcONxP8sBf1efYOUeZXKuGMj0PMmuZ4AtTEGuJv9CEtFbHr8JFuIMLjbAcueCXlHWIo%2F%2FHel1fP55FuTLj%2FStADjsJwrz1A3Plm4DmvC4Nd%2BoOAJ9NiLkiHxvH8zyOYM9n9caaAvLAvxVdjA8i7U%2F0W0Cdw%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 caf.js Show response
www.google.com/adsense/domains/ 146 KB
54 KB 88ms
44ms Script
text/javascript 2404:6800:4004:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/domains/caf.js

Requested by

Host: treat-primary-immunodeficiency.today
URL: https://treat-primary-immunodeficiency.today/?shiny

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dba14e89fd4e3f93c81704e1dba22cb195387a59c91392a36e47a4dbbe75d798

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://treat-primary-immunodeficiency.today/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 06 Jan 2024 23:18:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "4119344319494620179"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
expires: Sat, 06 Jan 2024 23:18:46 GMT

GET
H2 200 jquery-3.4.1.min.js Show response
treat-primary-immunodeficiency.today/include/ 86 KB
31 KB 649ms
646ms Script
application/javascript 2606:4700:3033::ac43:aa6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://treat-primary-immunodeficiency.today/include/jquery-3.4.1.min.js
Requested by: Host: treat-primary-immunodeficiency.today
URL: https://treat-primary-immunodeficiency.today/?shiny
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:aa6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://treat-primary-immunodeficiency.today/?shiny
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 06 Jan 2024 23:18:46 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 20 Dec 2023 22:41:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"15850-60cf8b072cc00-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SS5zd4jTaIrXUfIhqJ2snJJ45T%2FvukE6sTt0AYSHlrZpUpCCCBTC6l4x48i%2B73RkhTSMXfqkC0G6eNQj6udZPM2LBkCXoO%2FJ81yU6PlUTmbiAYjYNIPzftAOX7d2QCtcEoHhNmnHKzpK0%2BB1qal%2BkLoFWVyXQ0HhqnyY7H%2FUUzAA8rA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8417ae9919bff6fe-NRT
alt-svc: h3=":443"; ma=86400

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 426 B
611 B 83ms
41ms Script
text/javascript 2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=treat-primary-immunodeficiency.today&client=partner-dp-domainactive_31_3ph_xml&product=SAS&callback=__sasCookie

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09457711aa0092ddd4f659bf81e98fea80525fb62727b95b06a05b63c0480611

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://treat-primary-immunodeficiency.today/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 06 Jan 2024 23:18:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0

GET
H2 200 ads Show response
www.adsensecustomsearchads.com/afs/ Frame 776B 13 KB
3 KB 143ms
105ms Document
text/html 2404:6800:4004:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.adsensecustomsearchads.com/afs/ads?adsafe=medium&psid=1459540868&pcsa=false&channel=seg16&client=dp-domainactive_31_3ph_xml&r=m&hl=en&rpbu=https%3A%2F%2Ftreat-primary-immunodeficiency.today%2F%3Fcaf_results%3D1%26uuid%3D426406a9-bc7e-42bd-9119-fec5f5e4c506%26t1%3D%26t2%3D%26t3%3D%26u%3D%26u2%3D%26sqs%3D%26tpct%3D%26rfpi%3D%26at2%3D31%26at3%3Dseg16%26acid%3D%26avid%3D%26asrc%3D%26atxt%3D%26exp%3D1%26grp%3D%26nterm%3D0%26pcid%3D%26src%3D%26ct%3D113&type=3&uiopt=false&swp=as-drid-2390228348497018&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301383&format=r1&nocache=7571704583126618&num=0&output=afd_ads&domain_name=treat-primary-immunodeficiency.today&v=3&bsl=8&pac=0&u_his=2&u_tz=540&dt=1704583126618&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1200&frm=0&cl=588056317&uio=-&cont=kwBlock1&drt=0&jsid=caf&jsv=588056317&rurl=https%3A%2F%2Ftreat-primary-immunodeficiency.today%2F%3Fshiny

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80f::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

7d873a4f5eb6eebf40e7563ca805122fccb7fe9c4d8c209aa0385b3d539d9f91

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-XwoaLzJRJgsnaEV4Q-tQNA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Xss-Protection	0

Request headers

Referer: https://treat-primary-immunodeficiency.today/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-disposition: inline
content-encoding: gzip
content-length: 2899
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-XwoaLzJRJgsnaEV4Q-tQNA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type: text/html; charset=UTF-8
date: Sat, 06 Jan 2024 23:18:46 GMT
expires: Sat, 06 Jan 2024 23:18:46 GMT
server: gws
x-xss-protection: 0

GET
H2 200 caf.js Show response
www.adsensecustomsearchads.com/adsense/domains/ Frame 776B 146 KB
54 KB 48ms
45ms Script
text/javascript 2404:6800:4004:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.adsensecustomsearchads.com/adsense/domains/caf.js

Requested by

Host: www.adsensecustomsearchads.com
URL: https://www.adsensecustomsearchads.com/afs/ads?adsafe=medium&psid=1459540868&pcsa=false&channel=seg16&client=dp-domainactive_31_3ph_xml&r=m&hl=en&rpbu=https%3A%2F%2Ftreat-primary-immunodeficiency.today%2F%3Fcaf_results%3D1%26uuid%3D426406a9-bc7e-42bd-9119-fec5f5e4c506%26t1%3D%26t2%3D%26t3%3D%26u%3D%26u2%3D%26sqs%3D%26tpct%3D%26rfpi%3D%26at2%3D31%26at3%3Dseg16%26acid%3D%26avid%3D%26asrc%3D%26atxt%3D%26exp%3D1%26grp%3D%26nterm%3D0%26pcid%3D%26src%3D%26ct%3D113&type=3&uiopt=false&swp=as-drid-2390228348497018&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301383&format=r1&nocache=7571704583126618&num=0&output=afd_ads&domain_name=treat-primary-immunodeficiency.today&v=3&bsl=8&pac=0&u_his=2&u_tz=540&dt=1704583126618&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1200&frm=0&cl=588056317&uio=-&cont=kwBlock1&drt=0&jsid=caf&jsv=588056317&rurl=https%3A%2F%2Ftreat-primary-immunodeficiency.today%2F%3Fshiny

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80f::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1ac1d06d35bfdf8b8db5d44948f808101fbb2a428e4308710987615c94fe775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.adsensecustomsearchads.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 06 Jan 2024 23:18:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "11568107927487638084"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
expires: Sat, 06 Jan 2024 23:18:46 GMT

GET
H3 200 px.gif
treat-primary-immunodeficiency.today/abp/ 43 B
526 B 2862ms
2861ms Image
image/gif 2606:4700:3033::ac43:aa6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://treat-primary-immunodeficiency.today/abp/px.gif?ch=1&rn=4.170432747839554
Requested by: Host: treat-primary-immunodeficiency.today
URL: https://treat-primary-immunodeficiency.today/?shiny
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:aa6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://treat-primary-immunodeficiency.today/?shiny
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 06 Jan 2024 23:18:49 GMT
cf-cache-status: MISS
last-modified: Wed, 20 Dec 2023 22:41:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2b-60cf8b072cc00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fZ43xuax1ImdgMPF0Ko2kwAzmF2qcpi3tfp9cEK%2F2vQnpIGdUyDRwWUSlzmYSqwkBQ9f1L7ctc1fU7tDwg9mnZoZ4N21NLkNpkEqzD3ldFPbRogIzDDJOnQsIp3Y79NSXm%2FIdJvIQliKf3zGkjT%2Bhz6ngOMh%2BLucpr4ioNjZ6syIeQo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8417ae9f2f9d25fb-NRT
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H3 200 px.gif
treat-primary-immunodeficiency.today/abp/ 43 B
566 B 350ms
350ms Image
image/gif 2606:4700:3033::ac43:aa6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://treat-primary-immunodeficiency.today/abp/px.gif?ch=2&rn=4.170432747839554
Requested by: Host: treat-primary-immunodeficiency.today
URL: https://treat-primary-immunodeficiency.today/?shiny
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:aa6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://treat-primary-immunodeficiency.today/?shiny
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 06 Jan 2024 23:18:47 GMT
cf-cache-status: MISS
last-modified: Wed, 20 Dec 2023 22:41:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2b-60cf8b072cc00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SzQ6dvAlVAgHopHkGY0W%2BJXFng%2F0l6qEWHGQyMeF3nbc2wJzuLjPSJ0GwjxowED7rs7ChDd%2FLYMflelDOBC04qrvcC7n5IonKcuPG5bZqUB5y7X%2BpmPOX0wXy3MMA0zBa0vrPf25wZ2Lw7Ms50PdQnWVy%2B067ZCSarSJFVcqLQF2Hv4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8417ae9f2f9e25fb-NRT
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H2 200 chevron.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame 776B 200 B
700 B 46ms
3ms Image
image/svg+xml 2404:6800:4004:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg

Requested by

Host: treat-primary-immunodeficiency.today
URL: https://treat-primary-immunodeficiency.today/?shiny

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0f2728b3c46b9817c807714ed006928bf5dc446c3f848d8d7d9c7d9fe81fd1f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.adsensecustomsearchads.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 06 Jan 2024 21:23:01 GMT
age: 6945
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 175
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
vary: Accept-Encoding
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type: image/svg+xml
cache-control: public, max-age=82800
accept-ranges: bytes
expires: Sun, 07 Jan 2024 20:23:01 GMT

GET
H3 204 gen_204
www.adsensecustomsearchads.com/afs/ 0
14 B 59ms
58ms Image
text/html 2404:6800:4004:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.adsensecustomsearchads.com/afs/gen_204?client=dp-domainactive_31_3ph_xml&output=uds_ads_only&zx=s2pap518fnk&aqid=1t-ZZbuSK9ms29gPtq2P8Ag&psid=1459540868&pbt=bs&adbx=0&adby=4&adbh=262&adbw=1600&adbah=80%2C80%2C80&adbn=master-1&eawp=partner-dp-domainactive_31_3ph_xml&errv=588056317&csala=3%7C0%7C180%7C80%7C24&lle=0&ifv=1&hpt=0

Requested by

Host: treat-primary-immunodeficiency.today
URL: https://treat-primary-immunodeficiency.today/?shiny

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-fHvdXv0U4bHyACz3omb-LQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://treat-primary-immunodeficiency.today/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-fHvdXv0U4bHyACz3omb-LQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Sat, 06 Jan 2024 23:18:48 GMT
server: gws
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
www.adsensecustomsearchads.com/afs/ 0
14 B 55ms
54ms Image
text/html 2404:6800:4004:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.adsensecustomsearchads.com/afs/gen_204?client=dp-domainactive_31_3ph_xml&output=uds_ads_only&zx=64rcuz1xi5jq&aqid=1t-ZZbuSK9ms29gPtq2P8Ag&psid=1459540868&pbt=bv&adbx=0&adby=4&adbh=262&adbw=1600&adbah=80%2C80%2C80&adbn=master-1&eawp=partner-dp-domainactive_31_3ph_xml&errv=588056317&csala=3%7C0%7C180%7C80%7C24&lle=0&ifv=1&hpt=0

Requested by

Host: treat-primary-immunodeficiency.today
URL: https://treat-primary-immunodeficiency.today/?shiny

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-Kio0gFXOjN4-3kfOMb-5XA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://treat-primary-immunodeficiency.today/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-Kio0gFXOjN4-3kfOMb-5XA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Sat, 06 Jan 2024 23:18:48 GMT
server: gws
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H3 200 abpc.php Show response
treat-primary-immunodeficiency.today/ 0
439 B 177ms
176ms XHR
text/html 2606:4700:3033::ac43:aa6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://treat-primary-immunodeficiency.today/abpc.php
Requested by: Host: treat-primary-immunodeficiency.today
URL: https://treat-primary-immunodeficiency.today/?shiny
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:aa6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://treat-primary-immunodeficiency.today/?shiny
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: application/json

Response headers

date: Sat, 06 Jan 2024 23:18:50 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tf2mua3p22BjQf0FVxe%2Fvam4%2B3qawUl%2F2DfeYo0tOTxIxogJv00Tt%2FS3Un6lbZ3mhiRvDAQmUH3oz4W2CtdLOH%2FkXsb%2BxDEbIX64gyjFiSOsTzlnIakzLjkt%2B1LO8o5ONkLFP8yhOCGkAdjy1RJTig7vAh2ew4z9DCpmJ0DW6A3Be9E%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 8417aeb50ec325fb-NRT
alt-svc: h3=":443"; ma=86400

GET
H3 200 da.php Show response
treat-primary-immunodeficiency.today/ 835 B
1 KB 393ms
392ms Script
text/javascript 2606:4700:3033::ac43:aa6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://treat-primary-immunodeficiency.today/da.php?act=2&gal=true&giev=0&gtp=%7B%22cafRequestAccepted%22%3Atrue%2C%22cafStatus%22%3A%7B%22client%22%3A%22partner-dp-domainactive_31_3ph_xml%22%2C%22adult%22%3Afalse%7D%7D&uuid=426406a9-bc7e-42bd-9119-fec5f5e4c506&t1=&t2=&t3=&u=&u2=&sqs=&tpct=&rfpi=&at2=31&at3=seg16&acid=&avid=&asrc=&atxt=&exp=1&grp=&nterm=0&pcid=&src=&ct=113&impact=
Requested by: Host: treat-primary-immunodeficiency.today
URL: https://treat-primary-immunodeficiency.today/?shiny
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:aa6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ed279cff3bf4b19816a8cf367de6fb76cc5590f36a892b8dc4279e4907e69a1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://treat-primary-immunodeficiency.today/?shiny
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 06 Jan 2024 23:18:50 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml",CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
alt-svc: h3=":443"; ma=86400
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST, GET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RCV2pDr0nKVWYT7BvKgYvBnNcWeIovPwEy4X6xPF%2B8vcOqysSqamliAZuU%2BVFUc2Jr335cNFVtW71Ltb2ohOd0hUVyK8%2BnU%2BphDg9yofY%2Fl56j4G7xOL1SRiKKUa34Xl81lWc2kWRkQFeHQu1%2FmxwPVlHSHFfCNQEhZURl52hcB8ow4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
content-type: text/javascript;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 8417aeb50ec425fb-NRT
expires: 0

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1240519/ 64 KB
20 KB 542ms
521ms Script
application/javascript 151.101.129.44

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1240519/tfa.js
Requested by: Host: treat-primary-immunodeficiency.today
URL: https://treat-primary-immunodeficiency.today/da.php?act=2&gal=true&giev=0&gtp=%7B%22cafRequestAccepted%22%3Atrue%2C%22cafStatus%22%3A%7B%22client%22%3A%22partner-dp-domainactive_31_3ph_xml%22%2C%22adult%22%3Afalse%7D%7D&uuid=426406a9-bc7e-42bd-9119-fec5f5e4c506&t1=&t2=&t3=&u=&u2=&sqs=&tpct=&rfpi=&at2=31&at3=seg16&acid=&avid=&asrc=&atxt=&exp=1&grp=&nterm=0&pcid=&src=&ct=113&impact=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6c72cff336d52c9619f6629e703552cdee63f36eaf60fab3321612517026f151

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://treat-primary-immunodeficiency.today/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id: 2wYxrYx45hlerr3O0esbsgcMce98W6Oc
content-encoding: gzip
via: 1.1 varnish
date: Sat, 06 Jan 2024 23:18:51 GMT
x-amz-request-id: V10V02W7KJ2P9S02
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS
x-amz-replication-status: COMPLETED
content-length: 19958
x-amz-id-2: RdCo3HEAp9nBk0I4Mw9I1cwWEKfgd3LbxxkoAcN38HEs49Pate9KZH4paWUKqk/00a1nTSDTXIY=
x-served-by: cache-nrt-rjtf7700021-NRT
last-modified: Sun, 31 Dec 2023 11:21:35 GMT
server: AmazonS3
x-timer: S1704583131.828639,VS0,VE519
etag: "5da792ae6394722feff5987cb3f22aa8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 60
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 25ms
5ms Script
application/x-javascript 2a03:2880:f00f:104:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: treat-primary-immunodeficiency.today
URL: https://treat-primary-immunodeficiency.today/da.php?act=2&gal=true&giev=0&gtp=%7B%22cafRequestAccepted%22%3Atrue%2C%22cafStatus%22%3A%7B%22client%22%3A%22partner-dp-domainactive_31_3ph_xml%22%2C%22adult%22%3Afalse%7D%7D&uuid=426406a9-bc7e-42bd-9119-fec5f5e4c506&t1=&t2=&t3=&u=&u2=&sqs=&tpct=&rfpi=&at2=31&at3=seg16&acid=&avid=&asrc=&atxt=&exp=1&grp=&nterm=0&pcid=&src=&ct=113&impact=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

2aa7779577c8f4ff268d5bbd5b13b7d577930c1824b43b4b5442d4c92a695154

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://treat-primary-immunodeficiency.today/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 06 Jan 2024 23:18:50 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54372
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: rpnAEQ0oXjxLJg5JfWjugV1LEOKK5mqpis8qgAXdeCE+hoUHxwZhnBYVUPbtklAhUjSOzB2NcmHymYbvUmo1zA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 690963681990330 Show response
connect.facebook.net/signals/config/ 164 KB
51 KB 4466ms
4465ms Script
application/x-javascript 2a03:2880:f00f:104:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/690963681990330?v=2.9.139&r=stable&domain=treat-primary-immunodeficiency.today

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

a9e575236147e55a292aa18c4da7a0d601b384e0ea4f58be0597d5721b634c6b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://treat-primary-immunodeficiency.today/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 06 Jan 2024 23:18:55 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: VgmhGhN7MbAIVZZ2liPTo7g6vVlbAPv/sP+gf3k8z07ldmy7zT2lHKqgHxBVg0vzvW83U+vomxKjiR3Th7iaCQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/1240519/trc/3/ 3 KB
2 KB 93ms
86ms Script
application/javascript 151.101.129.44

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1240519/trc/3/json?tim=1704583131383&data=%7B%22id%22%3A732%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1704583131362%2C%22cv%22%3A%2220231231-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Ftreat-primary-immunodeficiency.today%2F%3Fshiny%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fshiny%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dspigot-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1704583131379%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Ftreat-primary-immunodeficiency.today%2F%3Fshiny%22%2C%22tos%22%3A5%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1240519/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: c49a0844edf868c070507ea0e634462dbbf487933540223550e2e8f751ce3848

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://treat-primary-immunodeficiency.today/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vcl-time-ms: 83
date: Sat, 06 Jan 2024 23:18:51 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.1555
x-fastly-to-nlb-rtt: 71840
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-nrt-rjtf7700021-NRT
x-log-content-encoding: gzip
server: nginx
x-timer: S1704583131.398348,VS0,VE83
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 5ms
2ms Script
application/javascript 151.101.129.44

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1240519/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://treat-primary-immunodeficiency.today/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id: uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding: gzip
via: 1.1 varnish
date: Sat, 06 Jan 2024 23:18:51 GMT
x-amz-request-id: HR47RPX0QYK52TAR
age: 3351
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1347
x-amz-id-2: euMV7eHbqLBlxS2/4PPumiK9v6bzjDF59kIFrAOyOeF3InK61sFjZi2GKf+K/XCTBWujHXq6gu0=
x-served-by: cache-nrt-rjtf7700021-NRT
last-modified: Sun, 29 Oct 2023 14:06:32 GMT
server: AmazonS3
x-timer: S1704583131.492986,VS0,VE0
etag: "c52aa1ea682aef8ad5ebf7aff9662e35"
vary: Accept-Encoding
content-type: application/javascript
abp: 8
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 25451

GET
H2 200 eid.es5.js Show response
cdn.taboola.com/scripts/ 17 KB
7 KB 6ms
4ms Script
application/javascript 151.101.129.44

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/eid.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1240519/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://treat-primary-immunodeficiency.today/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id: Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding: gzip
via: 1.1 varnish
date: Sat, 06 Jan 2024 23:18:51 GMT
x-amz-request-id: T7B4VGYXJKMMSAHB
age: 21258
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 6467
x-amz-id-2: RSVIPFyJ9H7S6Z5A5hB8c++m9bqF27zUzZhNynGlJL4vqJ/U+644QL/BsOjQQZqKm0V3r3L5fFc=
x-served-by: cache-nrt-rjtf7700021-NRT
last-modified: Sun, 02 Apr 2023 13:09:57 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1704583131.493152,VS0,VE0
etag: "2fdf3e79d5e851201a0d52a886453d8b"
vary: Accept-Encoding
content-type: application/javascript
abp: 76
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 151187

GET
H2 200 intentiq5_4.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 7ms
6ms Script
application/javascript 151.101.129.44

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/intentiq5_4.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1240519/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 153ab94ab3b3484af801674718f94b4fd6594516b89fc3d5e67b010bae645696

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://treat-primary-immunodeficiency.today/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id: 7AOhMY7gGmt8wgztx6iaHRcTKDhQ0hEk
content-encoding: gzip
via: 1.1 varnish
date: Sat, 06 Jan 2024 23:18:51 GMT
x-amz-request-id: YFE02V4X32CHM0W4
age: 19833
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1346
x-amz-id-2: zANQaM6IpfsxnWwYdu8ZAYyhJAxhk6FuFeq5huPlAxk2yiNEw3dgpjP3Pk3YRRFxBcfP/UT9luo=
x-served-by: cache-nrt-rjtf7700021-NRT
last-modified: Wed, 02 Aug 2023 14:26:32 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1704583131.493146,VS0,VE0
etag: "79216a80463d8df91d795f57434f1b27"
vary: Accept-Encoding
content-type: application/javascript
abp: 51
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 62907

GET
H2 200 / Show response
pips.taboola.com/ 64 B
260 B 20ms
2ms XHR
text/plain 2a04:4e42:200::300

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::300 -, , ASN (),
Reverse DNS
Software: Varnish /
Resource Hash: aa8eedc5aa5b88115249e5e561a4a0e8d949639f3a7efc6c5472869b2987e161

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://treat-primary-immunodeficiency.today/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-served-by: cache-nrt-rjtf7700078-NRT
date: Sat, 06 Jan 2024 23:18:51 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://treat-primary-immunodeficiency.today
cache-control: no-store
accept-ranges: bytes
content-length: 64
retry-after: 0
x-cache-hits: 0

GET
H2 200 IIQUniversalID5_4.js Show response
cdn.taboola.com/scripts/ 55 KB
13 KB 5ms
3ms Script
application/javascript 151.101.129.44

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/IIQUniversalID5_4.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/intentiq5_4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: db7b65df8750bb51c57b5ed15f1eb6cbc826d805943ffac2a10f494c7a2b702b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://treat-primary-immunodeficiency.today/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id: oTj19nrEzuqup7UnkBZ_U7ilXf3ZSJv9
content-encoding: gzip
via: 1.1 varnish
date: Sat, 06 Jan 2024 23:18:51 GMT
x-amz-request-id: 1DCZ58622TMCZS4M
age: 11910
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 13130
x-amz-id-2: 9rfxkOsy+fOZGCWINlMZHIMVqVFLoXGZc1H5F8o+UEb8Fk1rVYUAadiJJvzf+yGzYbUp//h3Y5M=
x-served-by: cache-nrt-rjtf7700021-NRT
last-modified: Wed, 19 Apr 2023 12:09:35 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1704583132.506494,VS0,VE0
etag: "a483bdb2fa74476427b16deeaf3613ec"
vary: Accept-Encoding
content-type: application/javascript
abp: 80
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 42315

GET
H2

200

ProfilesEngineServlet Show response
ucgfk6g6s7.execute-api.us-east-1.amazonaws.com/profiles_engine/
Redirect Chain

https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=359446293&pt=17&dpn=1&jsver=5.4&iiqidtype=2&iiqpcid=cc578d9a-c6dd-4b2a-9909-03d8fee71a8f&iiqpciddate=1704583131522&jae...
https://ucgfk6g6s7.execute-api.us-east-1.amazonaws.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=359446293&pt=17&dpn=1&jsver=5.4&iiqidtype=2&iiqpcid=cc578d9a-c6dd-4b2a-9909-03d8fee71a8f...

91 B
917 B

437ms
176ms

XHR
text/html

54.84.89.69

General

Check archive.org

Show headers Download Go to

Full URL: https://ucgfk6g6s7.execute-api.us-east-1.amazonaws.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=359446293&pt=17&dpn=1&jsver=5.4&iiqidtype=2&iiqpcid=cc578d9a-c6dd-4b2a-9909-03d8fee71a8f&iiqpciddate=1704583131522&jaesc=0&jafc=0&jaensc=0&iiqlocalstorageenabled=true&tsrnd=318_1704583131523&cttl=43200000&rrtt=0&dud=0&abtg=A&vrref=treat-primary-immunodeficiency.today&japbjs=false&japs=false&arid=true&ckls=true&ci=eG4HQbXqVs&nc=false&gtw=true&gwpe=true
Protocol: H2
Server: 54.84.89.69 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 91c79e557df0371673697866e8fe7690cd725d6b379f9826d7002dbe574344eb

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://treat-primary-immunodeficiency.today/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 06 Jan 2024 23:18:52 GMT
via: 1.1 7eeed291abf48890d3f36565208941a8.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent: https://www.almondnet.com/ip
alt-svc: h3=":443"; ma=86400
content-length: 91
apigw-requestid: RI_qdj73oAMESIA=
pragma: no-cache
vary: Origin
access-control-allow-methods: POST, GET
content-type: text/html
access-control-allow-origin: null
access-control-max-age: 3600
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Accept, X-Requested-With, remember-me
x-amz-cf-id: jwD0nfdoow0UQz15CI8PwTpfrbCHoXiLSlCZeB7k-6V-RKqMiVK8VQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sat, 06 Jan 2024 23:18:51 GMT
via: 1.1 97e057a257781f873c1f154a8fdc521a.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT20-P2
vary: Origin
access-control-allow-methods: POST, GET
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location: https://ucgfk6g6s7.execute-api.us-east-1.amazonaws.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=359446293&pt=17&dpn=1&jsver=5.4&iiqidtype=2&iiqpcid=cc578d9a-c6dd-4b2a-9909-03d8fee71a8f&iiqpciddate=1704583131522&jaesc=0&jafc=0&jaensc=0&iiqlocalstorageenabled=true&tsrnd=318_1704583131523&cttl=43200000&rrtt=0&dud=0&abtg=A&vrref=treat-primary-immunodeficiency.today&japbjs=false&japs=false&arid=true&ckls=true&ci=eG4HQbXqVs&nc=false&gtw=true&gwpe=true
access-control-allow-origin: https://treat-primary-immunodeficiency.today
access-control-max-age: 3600
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: Content-Type, Accept, X-Requested-With, remember-me
content-length: 0
x-amz-cf-id: -Mr_VRlY44ZCvNkhzaWWcyQn2n07baJcdgqcxQOCTENYOzw9QymDRw==
alt-svc: h3=":443"; ma=86400

GET
H2

200

ProfilesEngineServlet
ucgfk6g6s7.execute-api.us-east-1.amazonaws.com/profiles_engine/
Redirect Chain

https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=359446293&rnd=225925&iiqidtype=2&iiqpcid=cc578d9a-c6dd-4b2a-9909-03d8fee71a8f&iiqpciddate=1704583131522&tsrn...
https://ucgfk6g6s7.execute-api.us-east-1.amazonaws.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=359446293&rnd=225925&iiqidtype=2&iiqpcid=cc578d9a-c6dd-4b2a-9909-03d8fee71a8f&i...

43 B
664 B

586ms
172ms

Image
image/gif

54.84.89.69

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ucgfk6g6s7.execute-api.us-east-1.amazonaws.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=359446293&rnd=225925&iiqidtype=2&iiqpcid=cc578d9a-c6dd-4b2a-9909-03d8fee71a8f&iiqpciddate=1704583131522&tsrnd=779_1704583131525&vrref=treat-primary-immunodeficiency.today&jsver=5.4&abtp=100&abtg=A&gtw=true&gwpe=true&arid=true&ckls=true&ci=RTxeLwSrSl&nc=false
Protocol: H2
Server: 54.84.89.69 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://treat-primary-immunodeficiency.today/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 23:18:52 GMT
via: 1.1 a01680a1fee7e35f1738191420d98822.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P1
x-cache: Miss from cloudfront
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: o8ZrLD3u8CVqtAOTSOe_rgM0vJPO2bzX79q3wcw6ARXPzO4-nJ3vXw==
apigw-requestid: RI_qdiYVoAMEapA=
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sat, 06 Jan 2024 23:18:51 GMT
via: 1.1 2402083883f8d7e887ab58fb56e109ac.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT12-C3
vary: Origin
access-control-allow-methods: POST, GET
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location: https://ucgfk6g6s7.execute-api.us-east-1.amazonaws.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=359446293&rnd=225925&iiqidtype=2&iiqpcid=cc578d9a-c6dd-4b2a-9909-03d8fee71a8f&iiqpciddate=1704583131522&tsrnd=779_1704583131525&vrref=treat-primary-immunodeficiency.today&jsver=5.4&abtp=100&abtg=A&gtw=true&gwpe=true&arid=true&ckls=true&ci=RTxeLwSrSl&nc=false
access-control-allow-origin: https://treat-primary-immunodeficiency.today/
access-control-max-age: 3600
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: Content-Type, Accept, X-Requested-With, remember-me
content-length: 0
x-amz-cf-id: f-WRxjoks0fQrj7iGJLOCalbtG7iBOo7rKjwuOrOO77WFz_rbVu2Qg==
alt-svc: h3=":443"; ma=86400

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 668ms
193ms XHR
text/plain 141.226.224.32

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=4255c2c9-3309-45b7-966f-976405f5fbf5-tuctc93655b&uad=91b59260fce6978d246c799a6d23d4a0db295e32f70bd0156ccff6d169998dd9&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://treat-primary-immunodeficiency.today/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin: *
date: Sat, 06 Jan 2024 23:18:52 GMT
cache-control: no-store
server: nginx

GET
H2 204 unip Show response
trc-events.taboola.com/1240519/log/3/ 0
539 B 173ms
51ms XHR
text/plain 141.226.231.48

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1240519/log/3/unip?en=pre_d_eng_tb&tos=1556&scd=0&ssd=1&est=1704583131372&ver=36&isls=true&src=i&invt=1500&msa=4&rv=1&tim=1704583132930&vi=1704583131362&ri=ed66ed5d7d18c3161a78d8b299f4b799&sd=v2_6ab4f7d20794f1693a4fa06014cdf3ef_4255c2c9-3309-45b7-966f-976405f5fbf5-tuctc93655b_1704583131_1704583131_CNawjgYQx9tLGOLhyYjOMSABKAEwbziWrQtArrMLSJb61gNQ____________AVgAYABojojBw6S05rQUcAE&ui=4255c2c9-3309-45b7-966f-976405f5fbf5-tuctc93655b&ref=null&cv=20231231-4-RELEASE&item-url=https%3A%2F%2Ftreat-primary-immunodeficiency.today%2F%3Fshiny
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1240519/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.231.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://treat-primary-immunodeficiency.today/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin: https://treat-primary-immunodeficiency.today
pragma: no-cache
date: Sat, 06 Jan 2024 23:18:53 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 128ms
4ms Image
text/plain 2a03:2880:f10f:83:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=690963681990330&ev=Visit&dl=https%3A%2F%2Ftreat-primary-immunodeficiency.today%2F%3Fshiny&rl=&if=false&ts=1704583135414&sw=1600&sh=1200&v=2.9.139&r=stable&ec=0&o=4126&fbp=fb.1.1704583135412.294433676&ler=empty&it=1704583130879&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://treat-primary-immunodeficiency.today/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 06 Jan 2024 23:18:55 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 204 unip Show response
trc-events.taboola.com/1240519/log/3/ 0
538 B 52ms
51ms XHR
text/plain 141.226.231.48

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1240519/log/3/unip?en=pre_d_eng_tb&tos=4560&scd=0&ssd=1&est=1704583131372&ver=36&isls=true&src=i&invt=3000&msa=4&rv=1&tim=1704583135934&vi=1704583131362&ri=ed66ed5d7d18c3161a78d8b299f4b799&sd=v2_6ab4f7d20794f1693a4fa06014cdf3ef_4255c2c9-3309-45b7-966f-976405f5fbf5-tuctc93655b_1704583131_1704583131_CNawjgYQx9tLGOLhyYjOMSABKAEwbziWrQtArrMLSJb61gNQ____________AVgAYABojojBw6S05rQUcAE&ui=4255c2c9-3309-45b7-966f-976405f5fbf5-tuctc93655b&ref=null&cv=20231231-4-RELEASE&item-url=https%3A%2F%2Ftreat-primary-immunodeficiency.today%2F%3Fshiny
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1240519/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.231.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://treat-primary-immunodeficiency.today/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin: https://treat-primary-immunodeficiency.today
pragma: no-cache
date: Sat, 06 Jan 2024 23:18:55 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.treat-primary-immunodeficiency.today/	1970-01-21 02:51:19	Name: __gsas Value: ID=d873049d11e09be8:T=1704583126:RT=1704583126:S=ALNI_Maxj23FbbM718Pzfb5-pmdRf93swQ

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/690963681990330?v=2.9.139&r=stable&domain=treat-primary-immunodeficiency.today(Line 127) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

afs.googleusercontent.com
api.intentiq.com
cdn.taboola.com
cds.taboola.com
connect.facebook.net
partner.googleadservices.com
pips.taboola.com
sync.intentiq.com
trc-events.taboola.com
trc.taboola.com
treat-primary-immunodeficiency.today
ucgfk6g6s7.execute-api.us-east-1.amazonaws.com
www.adsensecustomsearchads.com
www.facebook.com
www.google.com
13.249.160.101
141.226.224.32
141.226.231.48
151.101.129.44
18.172.52.88
2404:6800:4004:80f::200e
2404:6800:4004:820::2004
2404:6800:4004:821::2001
2404:6800:4004:827::2002
2606:4700:3033::6815:1c56
2606:4700:3033::ac43:aa6f
2a03:2880:f00f:104:face:b00c:0:3
2a03:2880:f10f:83:face:b00c:0:25de
2a04:4e42:200::300
54.84.89.69
09457711aa0092ddd4f659bf81e98fea80525fb62727b95b06a05b63c0480611
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
153ab94ab3b3484af801674718f94b4fd6594516b89fc3d5e67b010bae645696
1ed279cff3bf4b19816a8cf367de6fb76cc5590f36a892b8dc4279e4907e69a1
2aa7779577c8f4ff268d5bbd5b13b7d577930c1824b43b4b5442d4c92a695154
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
6c72cff336d52c9619f6629e703552cdee63f36eaf60fab3321612517026f151
7b836fd38aedd6f8841b0a3ca266cf9945405e44da48aa6eaea175d84e55cd44
7d873a4f5eb6eebf40e7563ca805122fccb7fe9c4d8c209aa0385b3d539d9f91
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
91c79e557df0371673697866e8fe7690cd725d6b379f9826d7002dbe574344eb
a0f2728b3c46b9817c807714ed006928bf5dc446c3f848d8d7d9c7d9fe81fd1f
a9e575236147e55a292aa18c4da7a0d601b384e0ea4f58be0597d5721b634c6b
aa8eedc5aa5b88115249e5e561a4a0e8d949639f3a7efc6c5472869b2987e161
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
c1ac1d06d35bfdf8b8db5d44948f808101fbb2a428e4308710987615c94fe775
c49a0844edf868c070507ea0e634462dbbf487933540223550e2e8f751ce3848
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
db7b65df8750bb51c57b5ed15f1eb6cbc826d805943ffac2a10f494c7a2b702b
dba14e89fd4e3f93c81704e1dba22cb195387a59c91392a36e47a4dbbe75d798
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

treat-primary-immunodeficiency.today Open in urlscan Pro 2606:4700:3033::ac43:aa6f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

28 Requests

93 %HTTPS

60 %IPv6

10 Domains

15 Subdomains

12 IPs

2 Countries

304 kBTransfer

918 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

treat-primary-immunodeficiency.today Open in urlscan Pro
2606:4700:3033::ac43:aa6f Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

93 %
HTTPS

60 %
IPv6

10
Domains

15
Subdomains

12
IPs

2
Countries

304 kB
Transfer

918 kB
Size

1
Cookies

28 HTTP transactions
0 data transactions