insurance.funjio.com Open in urlscan Pro
2a00:1450:4001:80f::2013 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://insurance.funjio.com/
Effective URL:
https://insurance.funjio.com/
Submission Tags: demotag1 demotag2 Search All
Submission: On August 08 via api (August 8th 2023, 5:30:27 am UTC) from IN — Scanned from DE

Summary HTTP 112 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 42 IPs in 6 countries across 40 domains to perform 112 HTTP transactions. The main IP is 2a00:1450:4001:80f::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is insurance.funjio.com.
TLS certificate: Issued by GTS CA 1D4 on June 27th 2023. Valid for: 3 months.

This is the only time insurance.funjio.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	2a00:1450:400... 2a00:1450:4001:80f::2013	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2009	15169 (GOOGLE) (GOOGLE)
1	3.19.54.139 3.19.54.139	16509 (AMAZON-02) (AMAZON-02)
1	217.21.94.16 217.21.94.16	47583 (AS-HOSTINGER) (AS-HOSTINGER)
2	205.185.216.10 205.185.216.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
3	2600:9000:249... 2600:9000:2490:b600:0:4402:e8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	147.182.222.211 147.182.222.211	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
8	62.122.171.6 62.122.171.6	50245 (SERVEREL-AS) (SERVEREL-AS)
1	87.236.16.176 87.236.16.176	198610 (BEGET-AS) (BEGET-AS)
2 6	185.94.236.253 185.94.236.253	42567 (MOJHOST-EU) (MOJHOST-EU)
1 1	52.116.53.147 52.116.53.147	36351 (SOFTLAYER) (SOFTLAYER)
1	52.117.247.211 52.117.247.211	36351 (SOFTLAYER) (SOFTLAYER)
2	2606:4700:1::... 2606:4700:1::6813:864e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	95.101.54.106 95.101.54.106	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
6	143.204.98.88 143.204.98.88	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:813::2016	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
11	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	92.204.136.218 92.204.136.218	398108 (GO-DADDY-...) (GO-DADDY-COM-LLC)
2	2606:4700:303... 2606:4700:3037::6815:233e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	24.199.69.252 24.199.69.252	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	157.230.222.159 157.230.222.159	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2006	15169 (GOOGLE) (GOOGLE)
1	13.224.189.82 13.224.189.82	16509 (AMAZON-02) (AMAZON-02)
2	205.185.216.42 205.185.216.42	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700:10:... 2606:4700:10::6814:31d8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.22.7.169 104.22.7.169	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2400:52e0:1a0... 2400:52e0:1a01::899:1	200325 (BUNNYCDN) (BUNNYCDN)
2	2606:4700:303... 2606:4700:3035::6815:2c75	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	35.207.221.200 35.207.221.200	19527 (GOOGLE-2) (GOOGLE-2)
4	213.239.209.209 213.239.209.209	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
112	42

3 2a00:1450:4001:80f::2013 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

insurance.funjio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.19.54.139 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-19-54-139.us-east-2.compute.amazonaws.com

ads.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.21.94.16 (Mumbai, India)

ASN47583 (AS-HOSTINGER, CY)

funjio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

cdn.hooliganmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2490:b600:0:4402:e8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.worldglobalssp.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 147.182.222.211 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: 736357.cloudwaysapps.com

display.jalewaads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 62.122.171.6 (United States)

ASN50245 (SERVEREL-AS, US)
PTR: 62.122.171.6.serverel.net

meo257na3rch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
berlipurplin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
madriyelowd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.236.16.176 (Russian Federation)

ASN198610 (BEGET-AS, RU)
PTR: ssl.wolf1.beget.com

ad-slot.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.94.236.253 (Netherlands) 2 redirects

ASN42567 (MOJHOST-EU, NL)

poweredby.jads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.116.53.147 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: 93.35.7434.ip4.static.sl-reverse.com

p295571.clksite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.117.247.211 (United States)

ASN36351 (SOFTLAYER, US)
PTR: d3.f7.7534.ip4.static.sl-reverse.com

myckdom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:1::6813:864e (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.54.106 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-54-106.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 143.204.98.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-88.fra50.r.cloudfront.net

services.brid.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.brid.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

ads-bitcoin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.adsfirm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.204.136.218 (Warrenton, United States)

ASN398108 (GO-DADDY-COM-LLC, US)
PTR: ns1007988.ip-92-204-136.us

traffic2bitcoin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::6815:233e (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.bncloudfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 24.199.69.252 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

publishers.hooliganmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.230.222.159 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: 1010700.cloudwaysapps.com

dashboard.jalewaads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-82.fra2.r.cloudfront.net

stats-dev.brid.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

i.jads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:31d8 (United States)

ASN13335 (CLOUDFLARENET, US)

banners.mellowads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.7.169 (None, )

ASN13335 (CLOUDFLARENET, US)

static1.freebitco.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1a01::899:1 (Los Angeles, United States)

ASN200325 (BUNNYCDN, SI)

mellowads.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::6815:2c75 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.adsfcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.207.221.200 (Mumbai, India)

ASN19527 (GOOGLE-2, US)
PTR: 200.221.207.35.bc.googleusercontent.com

adgebra.co.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.239.209.209 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: 213-239-209-209.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4e4176ab5ef58c55be391f15f26d58e7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	ads-bitcoin.com ads-bitcoin.com	98 KB
8	jads.co 2 redirects poweredby.jads.co — Cisco Umbrella Rank: 29043 i.jads.co — Cisco Umbrella Rank: 49880	785 KB
7	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 123	21 KB
7	brid.tv services.brid.tv — Cisco Umbrella Rank: 17975 p.brid.tv — Cisco Umbrella Rank: 27067 stats-dev.brid.tv — Cisco Umbrella Rank: 20360	121 KB
6	jalewaads.com display.jalewaads.com dashboard.jalewaads.com	89 KB
4	a-ads.com ad.a-ads.com — Cisco Umbrella Rank: 33895 static.a-ads.com — Cisco Umbrella Rank: 45936	1 MB
4	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 212	168 KB
4	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 103	20 KB
4	meo257na3rch.com meo257na3rch.com	54 KB
4	blogger.com www.blogger.com — Cisco Umbrella Rank: 10121	65 KB
4	funjio.com 1 redirects insurance.funjio.com funjio.com	51 KB
3	adgebra.co.in adgebra.co.in — Cisco Umbrella Rank: 40624	4 KB
3	gstatic.com fonts.gstatic.com	24 KB
3	berlipurplin.com berlipurplin.com — Cisco Umbrella Rank: 370233	53 KB
3	worldglobalssp.xyz tags.worldglobalssp.xyz — Cisco Umbrella Rank: 792386	3 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 77 ajax.googleapis.com — Cisco Umbrella Rank: 406 imasdk.googleapis.com — Cisco Umbrella Rank: 526	215 KB
3	hooliganmedia.com cdn.hooliganmedia.com — Cisco Umbrella Rank: 838234 publishers.hooliganmedia.com — Cisco Umbrella Rank: 921680	237 KB
2	adsfirm.com cdn.adsfirm.com — Cisco Umbrella Rank: 980864	18 KB
2	adsfcdn.com cdn.adsfcdn.com — Cisco Umbrella Rank: 773279	175 KB
2	bncloudfl.com cdn.bncloudfl.com — Cisco Umbrella Rank: 18613	376 KB
2	traffic2bitcoin.com traffic2bitcoin.com	4 KB
2	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 8108	915 B
2	blogspot.com 4.bp.blogspot.com — Cisco Umbrella Rank: 13766 2.bp.blogspot.com — Cisco Umbrella Rank: 14325	33 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1006	77 KB
1	b-cdn.net mellowads.b-cdn.net	58 KB
1	freebitco.in static1.freebitco.in — Cisco Umbrella Rank: 215446	43 KB
1	mellowads.com banners.mellowads.com	101 KB
1	googlesyndication.com pagead2.googlesyndication.com Failed 4e4176ab5ef58c55be391f15f26d58e7.safeframe.googlesyndication.com	3 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 326	17 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 55	21 KB
1	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1724	9 KB
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 579	518 B
1	madriyelowd.com madriyelowd.com	70 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	65 KB
1	myckdom.com myckdom.com — Cisco Umbrella Rank: 124837
1	clksite.com 1 redirects p295571.clksite.com	108 B
1	ad-slot.ru ad-slot.ru
1	vidoomy.com ads.vidoomy.com — Cisco Umbrella Rank: 25734 pixel.vidoomy.com Failed	3 KB
0	bittraffic.io Failed www.bittraffic.io Failed
0	mdgzg.com Failed mdgzg.com Failed
112	40

	Domain	Requested by
9	ads-bitcoin.com	insurance.funjio.com ads-bitcoin.com
7	i.ytimg.com	insurance.funjio.com
6	poweredby.jads.co	2 redirects insurance.funjio.com poweredby.jads.co
4	p.brid.tv	services.brid.tv
4	securepubads.g.doubleclick.net	funjio.com securepubads.g.doubleclick.net
4	lh3.googleusercontent.com	insurance.funjio.com
4	meo257na3rch.com	insurance.funjio.com meo257na3rch.com
4	www.blogger.com	insurance.funjio.com
3	adgebra.co.in	insurance.funjio.com adgebra.co.in
3	dashboard.jalewaads.com	display.jalewaads.com
3	fonts.gstatic.com	fonts.googleapis.com
3	berlipurplin.com	insurance.funjio.com berlipurplin.com
3	display.jalewaads.com	insurance.funjio.com display.jalewaads.com
3	tags.worldglobalssp.xyz	insurance.funjio.com
3	insurance.funjio.com	1 redirects insurance.funjio.com
2	cdn.adsfirm.com	cdn.adsfcdn.com cdn.adsfirm.com
2	static.a-ads.com	ad.a-ads.com
2	ad.a-ads.com	display.jalewaads.com traffic2bitcoin.com
2	cdn.adsfcdn.com	traffic2bitcoin.com insurance.funjio.com
2	i.jads.co	poweredby.jads.co
2	cdn.bncloudfl.com	insurance.funjio.com berlipurplin.com
2	traffic2bitcoin.com	insurance.funjio.com traffic2bitcoin.com
2	services.brid.tv	tags.worldglobalssp.xyz services.brid.tv
2	jsc.mgid.com	insurance.funjio.com
2	maxcdn.bootstrapcdn.com	insurance.funjio.com maxcdn.bootstrapcdn.com
2	cdn.hooliganmedia.com	insurance.funjio.com cdn.hooliganmedia.com
1	4e4176ab5ef58c55be391f15f26d58e7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	mellowads.b-cdn.net	traffic2bitcoin.com
1	static1.freebitco.in	traffic2bitcoin.com
1	banners.mellowads.com	traffic2bitcoin.com
1	stats-dev.brid.tv	insurance.funjio.com
1	s0.2mdn.net	imasdk.googleapis.com
1	www.google-analytics.com	p.brid.tv
1	publishers.hooliganmedia.com	cdn.hooliganmedia.com
1	imasdk.googleapis.com	services.brid.tv imasdk.googleapis.com
1	2.bp.blogspot.com	insurance.funjio.com
1	fundingchoicesmessages.google.com	funjio.com
1	ads.stickyadstv.com	insurance.funjio.com
1	madriyelowd.com	insurance.funjio.com
1	www.googletagmanager.com	insurance.funjio.com
1	myckdom.com	insurance.funjio.com
1	p295571.clksite.com	1 redirects
1	ad-slot.ru	insurance.funjio.com
1	4.bp.blogspot.com	insurance.funjio.com
1	ajax.googleapis.com	insurance.funjio.com
1	fonts.googleapis.com	insurance.funjio.com
1	funjio.com	insurance.funjio.com
1	ads.vidoomy.com	insurance.funjio.com
0	pagead2.googlesyndication.com Failed	imasdk.googleapis.com
0	pixel.vidoomy.com Failed	insurance.funjio.com
0	www.bittraffic.io Failed	insurance.funjio.com
0	mdgzg.com Failed	insurance.funjio.com
112	52

This site contains links to these domains. Also see Links.

Domain
www.funjio.com
flow-soratemplates.blogspot.in
facebook.com
twitter.com
google.com
instagram.com
www.tiktokvideosonline.com
www.naukrijbs.com
jobs.tiktokvideosonline.com
www.mixturepotlam.com
beauty.mixturepotlam.com
fashion.mixturepotlam.com
www.healthtipsgalaxy.com
biggboss.tiktokvideosonline.com
cricket.tiktokvideosonline.com
www.flixteller.com
fun.tiktokvideosonline.com
handwork.tiktokvideosonline.com
kids.tiktokvideosonline.com
music.tiktokvideosonline.com
news.tiktokvideosonline.com
serials.tiktokvideosonline.com
www.contactdunia.com
auto.tiktokvideosonline.com
byhomeproducts.com
rssmix.com
www.profitsence.com

Subject Issuer	Validity	Valid
insurance.funjio.com GTS CA 1D4	`2023-06-27` - `2023-09-25`	3 months	crt.sh
*.blogger.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-01` - `2023-10-02`	a year	crt.sh
funjio.com R3	`2023-06-11` - `2023-09-09`	3 months	crt.sh
hooliganmedia.com E1	`2023-07-27` - `2023-10-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
tags.worldglobalssp.xyz Amazon RSA 2048 M01	`2023-02-23` - `2024-03-24`	a year	crt.sh
display.jalewaads.com R3	`2023-07-24` - `2023-10-22`	3 months	crt.sh
Buypass Class 2 CA 5	`2023-05-31` - `2023-11-26`	6 months	crt.sh
beget.com R3	`2023-07-24` - `2023-10-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-16` - `2024-04-16`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
brid.tv Amazon RSA 2048 M01	`2023-02-23` - `2024-01-18`	a year	crt.sh
edgestatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
ads-bitcoin.com GTS CA 1P5	`2023-06-17` - `2023-09-15`	3 months	crt.sh
traffic2bitcoin.com cPanel, Inc. Certification Authority	`2023-06-04` - `2023-09-02`	3 months	crt.sh
*.jads.co Sectigo RSA Domain Validation Secure Server CA	`2022-12-26` - `2024-01-26`	a year	crt.sh
publishers.hooliganmedia.com R3	`2023-07-03` - `2023-10-01`	3 months	crt.sh
dashboard.jalewaads.com R3	`2023-07-24` - `2023-10-22`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
freebitco.in Cloudflare Inc ECC CA-3	`2023-06-05` - `2024-06-04`	a year	crt.sh
*.b-cdn.net Sectigo RSA Domain Validation Secure Server CA	`2022-11-07` - `2023-11-11`	a year	crt.sh
adsfcdn.com GTS CA 1P5	`2023-07-04` - `2023-10-02`	3 months	crt.sh
www.adgebra.co.in Go Daddy Secure Certificate Authority - G2	`2022-12-18` - `2024-01-07`	a year	crt.sh
*.a-ads.com Sectigo ECC Domain Validation Secure Server CA	`2022-12-21` - `2024-01-21`	a year	crt.sh

This page contains 17 frames:

Primary Page: https://insurance.funjio.com/
Frame ID: 8BD82AE11F312AF1CCBCE173D35C133B
Requests: 71 HTTP requests in this frame

Frame: https://ads-bitcoin.com/codes/banner?rcd=MTU1
Frame ID: D863A4C68E870BE21566CFD028F3429B
Requests: 9 HTTP requests in this frame

Frame: https://traffic2bitcoin.com/ptp.php?ref=narahari24&type=as&sitetype=1
Frame ID: EFB99BAC7846F6C6469FDFB355C339D5
Requests: 5 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=953252
Frame ID: C8605BA1A0EDBA8EDB3A6686D6504E61
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=953252
Frame ID: 19154C08F5A449CE7B8B8DA4A1B5A255
Requests: 2 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=953115
Frame ID: 5B07C71E20399E656B76742E3E55DDFB
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=953115
Frame ID: 01742C325046DBCE681ECD9C46695B83
Requests: 2 HTTP requests in this frame

Frame: https://cdn.bncloudfl.com/bn/3a7/242/cfc/3a7242cfc6d9619a17a0eef5018e36e302b2bcec.gif
Frame ID: 16E5313C27E371AEA590777F8CB3089B
Requests: 3 HTTP requests in this frame

Frame: https://cdn.bncloudfl.com/bn/3a7/242/cfc/3a7242cfc6d9619a17a0eef5018e36e302b2bcec.gif
Frame ID: 6B31941338E92FA01FB9257BFFF1ECF7
Requests: 2 HTTP requests in this frame

Frame: https://display.jalewaads.com/display/index.php?page=query/items/&aduid=3037&pid=1252&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=325&page_data=452b6c89586dbc4656823838b59b5622&time=1691472597&deliver=insurance.funjio.com&search_keywords=YOUR%20KEYWORDS%20HERE&page_referrer=aHR0cHM6Ly9pbnN1cmFuY2UuZnVuamlvLmNvbS8=&page_title=Insurance%20Policy&meta_description=YOUR%20DESCRIPTION%20HERE
Frame ID: 1E59C5087051D3ED104EC5B10C0626D3
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Frame ID: CFD70E3BC6D7842F58149B1E00EF52F5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 3F60A1CE78E95C4D1F9B9E2A54FE7025
Requests: 1 HTTP requests in this frame

Frame: https://traffic2bitcoin.com/qlt.php?ref=narahari24&keycode=7129&type=as&sitetype=1
Frame ID: 843799416E47E02D98FE96896211632A
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/1772515?size=300x250
Frame ID: 9C7B3474E83F39EF8F8342557BB9F1BA
Requests: 3 HTTP requests in this frame

Frame: https://4e4176ab5ef58c55be391f15f26d58e7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 09479F29D63232882FC42AA7E56C2678
Requests: 1 HTTP requests in this frame

Frame: https://cdn.adsfirm.com/iframe/
Frame ID: 1337004241E055148209B7F5792A14B1
Requests: 4 HTTP requests in this frame

Frame: https://ad.a-ads.com/741663?size=300x250
Frame ID: 89A38AB62E05CA0D0AA9B82A9BDFF290
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Insurance Policy

Page URL History Show full URLs

http://insurance.funjio.com/ HTTP 301
https://insurance.funjio.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

112
Requests

88 %
HTTPS

55 %
IPv6

40
Domains

52
Subdomains

42
IPs

6
Countries

4314 kB
Transfer

6371 kB
Size

16
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://www.funjio.com/
Title: Home

Search URL Search Domain Scan URL

URL: http://flow-soratemplates.blogspot.in/p/about.html
Title: About Us

Search URL Search Domain Scan URL

URL: http://flow-soratemplates.blogspot.in/p/contact-us.html
Title: Contact Us

Search URL Search Domain Scan URL

URL: http://facebook.com/

Search URL Search Domain Scan URL

URL: http://twitter.com/

Search URL Search Domain Scan URL

URL: https://google.com/

Search URL Search Domain Scan URL

URL: http://instagram.com/

Search URL Search Domain Scan URL

URL: https://www.tiktokvideosonline.com/
Title: Tik Tok

Search URL Search Domain Scan URL

URL: https://www.naukrijbs.com/
Title: Jobs

Search URL Search Domain Scan URL

URL: https://jobs.tiktokvideosonline.com/
Title: Work

Search URL Search Domain Scan URL

URL: https://www.mixturepotlam.com/
Title: Movies

Search URL Search Domain Scan URL

URL: https://beauty.mixturepotlam.com/
Title: Beauty

Search URL Search Domain Scan URL

URL: https://fashion.mixturepotlam.com/
Title: Fashion

Search URL Search Domain Scan URL

URL: https://www.healthtipsgalaxy.com/
Title: Health

Search URL Search Domain Scan URL

URL: https://biggboss.tiktokvideosonline.com/
Title: Bigg Boss

Search URL Search Domain Scan URL

URL: https://cricket.tiktokvideosonline.com/
Title: Cricket

Search URL Search Domain Scan URL

URL: https://www.flixteller.com/
Title: Flix

Search URL Search Domain Scan URL

URL: https://fun.tiktokvideosonline.com/
Title: Fun

Search URL Search Domain Scan URL

URL: https://handwork.tiktokvideosonline.com/
Title: Work

Search URL Search Domain Scan URL

URL: https://kids.tiktokvideosonline.com/
Title: Kids

Search URL Search Domain Scan URL

URL: https://music.tiktokvideosonline.com/
Title: Music

Search URL Search Domain Scan URL

URL: https://news.tiktokvideosonline.com/
Title: News

Search URL Search Domain Scan URL

URL: https://serials.tiktokvideosonline.com/
Title: Serials

Search URL Search Domain Scan URL

URL: https://www.contactdunia.com/
Title: Contacts

Search URL Search Domain Scan URL

URL: https://auto.tiktokvideosonline.com/
Title: Auto

Search URL Search Domain Scan URL

URL: https://byhomeproducts.com/
Title: Shop

Search URL Search Domain Scan URL

URL: http://rssmix.com/u/13473205/rss.xml
Title: Loading...

Search URL Search Domain Scan URL

URL: https://www.profitsence.com/
Title: ProfitSence

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://insurance.funjio.com/ HTTP 301
https://insurance.funjio.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://poweredby.jads.co/js/jads.js HTTP 301
https://poweredby.jads.co/js/jads2.js

Request Chain 16

https://p295571.clksite.com/adServe/banners?tid=295571_828241_1 HTTP 301
https://myckdom.com/adServe/banners?tid=295571_828241_1

Request Chain 53

https://poweredby.jads.co/js/jads.js HTTP 301
https://poweredby.jads.co/js/jads2.js

112 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
insurance.funjio.com/
Redirect Chain

http://insurance.funjio.com/
https://insurance.funjio.com/

222 KB
43 KB

782ms
693ms

Document
text/html

2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://insurance.funjio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ec751956f91253b0f2e2797b62b651b022ee3f4a6ffd4b4ad8311f4b4a33913f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=0
content-encoding: gzip
content-length: 43489
content-security-policy: upgrade-insecure-requests
content-security-policy-report-only: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; report-uri https://www.blogger.com/cspreport
content-type: text/html; charset=UTF-8
date: Tue, 08 Aug 2023 05:29:56 GMT
etag: W/"eee9baf0a7a1dda4e1484c2edeac93ff2d1bae5277c91517cedacd5157da85e3"
expires: Tue, 08 Aug 2023 05:29:56 GMT
last-modified: Tue, 27 Jun 2023 21:50:15 GMT
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: private, max-age=0
Content-Encoding: gzip
Content-Length: 177
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/html; charset=UTF-8
Date: Tue, 08 Aug 2023 05:29:55 GMT
Expires: Tue, 08 Aug 2023 05:29:55 GMT
Location: https://insurance.funjio.com/
Server: GSE
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H2 200 3566091532-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 35 KB
8 KB 176ms
39ms Stylesheet
text/css 2a00:1450:4001:831::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css

Requested by

Host: insurance.funjio.com
URL: https://insurance.funjio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 04:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2548
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7756
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 10:53:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Wed, 07 Aug 2024 04:47:28 GMT

GET
H/1.1 200
OK funjiocom_16590.js Show response
ads.vidoomy.com/ 3 KB
3 KB 402ms
138ms Script
application/javascript 3.19.54.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.vidoomy.com/funjiocom_16590.js
Requested by: Host: insurance.funjio.com
URL: https://insurance.funjio.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.19.54.139 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-19-54-139.us-east-2.compute.amazonaws.com
Software: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash: d89d280e4bb2f02f3ab54dade300692fde8250230a4d15d02766fd4a2349667f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Aug 2023 05:29:56 GMT
Server: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=300
Content-Length: 3013

GET
H2 200 funjio.com-hm-min.js Show response
funjio.com/ 14 KB
6 KB 847ms
316ms Script
application/x-javascript 217.21.94.16
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://funjio.com/funjio.com-hm-min.js

Requested by

Host: insurance.funjio.com
URL: https://insurance.funjio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

217.21.94.16 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

3113d3655807e64fbf34358f15de245ccf5ba1964fa6833a7fef6adb64183e51

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:57 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 29 Jan 2022 01:12:32 GMT
server: LiteSpeed
etag: "39a7-61f49480-3d94b7e61b5b2ed1;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 5391
expires: Tue, 15 Aug 2023 05:29:57 GMT

GET
H2 200 hmads0.js Show response
cdn.hooliganmedia.com/ 23 KB
23 KB 320ms
45ms Script
text/javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.hooliganmedia.com/hmads0.js

Requested by

Host: insurance.funjio.com
URL: https://insurance.funjio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

a116b8b33992caa4b4be881af7c5f6daeef5ec01b334f4b3b4ee37d7f7b199be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:57 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Mon, 03 Jul 2023 20:48:46 GMT
x-amz-request-id: tx00000000000005fcc8b20-0064d1ccc4-716fb840-nyc3c
etag: "304defa00beafee1b2431ae945bc316b"
x-envoy-upstream-healthchecked-cluster
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1691472597.dop106.fr8.t,1691472597.cds236.fr8.hn,1691472597.cds148.fr8.c
content-type: text/javascript
cache-control: max-age=2047
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 23228

GET
H2 200 css
fonts.googleapis.com/ 5 KB
958 B 137ms
47ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700

Requested by

Host: insurance.funjio.com
URL: https://insurance.funjio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dc2a9ecb9eae34a409e66cbdd46b3562c560f8ffa1c1f80ea84532999d6d408c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 08 Aug 2023 05:29:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 08 Aug 2023 04:47:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 08 Aug 2023 05:29:56 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/ 28 KB
7 KB 141ms
52ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css

Requested by

Host: insurance.funjio.com
URL: https://insurance.funjio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5d7707ea8fc00aae40bf500ac7498d7f32f6b1bbff7b4fde976a40345eb5f9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 632, 617, 617
age: 25964043
cdn-cachedat: 2021-06-08 21:36:06
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 0da3e6fa0421515cbcf5425517fc7012
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7f355d50a92f03f4-FRA
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 94 KB
95 KB 127ms
39ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Requested by

Host: insurance.funjio.com
URL: https://insurance.funjio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 12:02:04 GMT
x-content-type-options: nosniff
age: 149272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96381
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Aug 2024 12:02:04 GMT

GET
H2 200 funJio.png
4.bp.blogspot.com/-5FfB41tZJIo/YAW3szUR0hI/AAAAAAAAUyo/N2C4a3Tme_ID9xBGnP1vT8-vmQtrotAuQCK4BGAYYCw/s1600/ 2 KB
2 KB 296ms
63ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-5FfB41tZJIo/YAW3szUR0hI/AAAAAAAAUyo/N2C4a3Tme_ID9xBGnP1vT8-vmQtrotAuQCK4BGAYYCw/s1600/funJio.png

Requested by

Host: insurance.funjio.com
URL: https://insurance.funjio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9dcf047d6a147e7eb8cc764ea74cc1e1c04d037effde6d8cc3ffebe98080e6dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:57 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="funJio.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2107
x-xss-protection: 0
server: fife
etag: "v532b"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 09 Aug 2023 05:29:57 GMT

GET
H2 200 26666 Show response
tags.worldglobalssp.xyz/tag/ 991 B
1 KB 185ms
40ms Script
text/javascript 2600:9000:2490:b600:0:4402:e8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.worldglobalssp.xyz/tag/26666

Requested by

Host: insurance.funjio.com
URL: https://insurance.funjio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:b600:0:4402:e8c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

d7f31e5a78056fd6a1c1199b5c571414e9119dc0eb11f9fff32a6ed455788744

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
date: Tue, 08 Aug 2023 04:46:39 GMT
x-content-type-options: nosniff
via: 1.1 bb5a1c03f2335d92378a3e68542733da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 2598
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
content-length: 991
x-xss-protection: 1; mode=block
server: nginx/1.16.1
etag: W/"3df-6Xu4matXnCdxhHt3GL9ZRGRPfEY"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-cf-id: 6BbzHWPsFU91_vF_w8LBJ4LfsV_WSTfQBtLMyE3OuT42VguEXWzgsQ==

GET
H2 200 26667 Show response
tags.worldglobalssp.xyz/tag/ 255 B
752 B 39ms
39ms Script
text/javascript 2600:9000:2490:b600:0:4402:e8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.worldglobalssp.xyz/tag/26667

Requested by

Host: insurance.funjio.com
URL: https://insurance.funjio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:b600:0:4402:e8c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

6c6760f12faa77e3ed71540c19687b4c484c53cf6b7423b13500e91fb4bfdac0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
date: Tue, 08 Aug 2023 04:46:39 GMT
x-content-type-options: nosniff
via: 1.1 bb5a1c03f2335d92378a3e68542733da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 2598
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
content-length: 255
x-xss-protection: 1; mode=block
server: nginx/1.16.1
etag: W/"ff-fhT+qYUdBfwMCXGOrG5jVWVWogY"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-cf-id: G0h11scQQKm0u9Ovuyg-DBJF70eV79GoVvGBYnzjvt1MCwWs8g6ITQ==

GET
H2 200 22768 Show response
tags.worldglobalssp.xyz/tag/ 538 B
1 KB 40ms
40ms Script
text/javascript 2600:9000:2490:b600:0:4402:e8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.worldglobalssp.xyz/tag/22768

Requested by

Host: insurance.funjio.com
URL: https://insurance.funjio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:b600:0:4402:e8c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

71bcf1492d7a80fad9a2a484a4d47ddd7438eba3f9622ba1e8e90d65b96b0226

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
date: Tue, 08 Aug 2023 04:46:39 GMT
x-content-type-options: nosniff
via: 1.1 bb5a1c03f2335d92378a3e68542733da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 2598
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
content-length: 538
x-xss-protection: 1; mode=block
server: nginx/1.16.1
etag: W/"21a-3ql1Vhl0H+SpMwIb4adw4B5G8Dk"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-cf-id: tikjCHXvoAGvN4QFZURisyqody-qS7j6pAB8quWiOJPtkqK8QpfKNA==

GET
H2 200 items.php Show response
display.jalewaads.com/display/ 61 KB
11 KB 542ms
220ms Script
application/javascript 147.182.222.211
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://display.jalewaads.com/display/items.php?3037&1252&300&250&4&0&0
Requested by: Host: insurance.funjio.com
URL: https://insurance.funjio.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 147.182.222.211 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 736357.cloudwaysapps.com
Software: nginx /
Resource Hash: acf76dc1ca3958bef5996b6ff11ddd99c392d6da8b28f56bc876296648809a45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 05:29:57 GMT
content-encoding: gzip
last-modified: Tue, 08 Aug 2023 05:29:57 GMT
server: nginx
age: 0
vary: Accept-Encoding
x-cache: MISS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
accept-ranges: bytes
content-length: 10614
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 code.js Show response
meo257na3rch.com/lv/esnk/1883516/ 124 KB
51 KB 248ms
124ms Script
application/javascript 62.122.171.6
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://meo257na3rch.com/lv/esnk/1883516/code.js
Requested by: Host: insurance.funjio.com
URL: https://insurance.funjio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 62.122.171.6 , United States, ASN50245 (SERVEREL-AS, US),
Reverse DNS: 62.122.171.6.serverel.net
Software: nginx /
Resource Hash: 7704aea5716dfc98d10be0af50d19b82eb343a67f1bb4070448d60c2e814f66d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:57 GMT
content-encoding: gzip
last-modified: Tue, 25 Jul 2023 07:47:32 GMT
server: nginx
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
etag: W/"64bf7e14-1f1f7"
vary: Accept-Encoding
content-type: application/javascript
x-js-ab2: current
timing-allow-origin: *

GET
H2 404 banner-code.php
ad-slot.ru/ 0
0 446ms
124ms Script
text/html 87.236.16.176
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad-slot.ru/banner-code.php?id=8799
Requested by: Host: insurance.funjio.com
URL: https://insurance.funjio.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.176 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wolf1.beget.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H2 200 code.js Show response
berlipurplin.com/lv/esnk/1861823/ 124 KB
51 KB 247ms
123ms Script
application/javascript 62.122.171.6
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://berlipurplin.com/lv/esnk/1861823/code.js
Requested by: Host: insurance.funjio.com
URL: https://insurance.funjio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 62.122.171.6 , United States, ASN50245 (SERVEREL-AS, US),
Reverse DNS: 62.122.171.6.serverel.net
Software: nginx /
Resource Hash: a846d008de1afffd65fb3990db6a35e14c40b8970352212a347e58cd61c67e4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:57 GMT
content-encoding: gzip
last-modified: Tue, 25 Jul 2023 07:47:32 GMT
server: nginx
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
etag: W/"64bf7e14-1f1f7"
vary: Accept-Encoding
content-type: application/javascript
x-js-ab2: current
timing-allow-origin: *

GET
H/1.1

200
OK

jads2.js Show response
poweredby.jads.co/js/
Redirect Chain

https://poweredby.jads.co/js/jads.js
https://poweredby.jads.co/js/jads2.js

4 KB
2 KB

135ms
44ms

Script
application/x-javascript

185.94.236.253
MOJHOST-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://poweredby.jads.co/js/jads2.js
Requested by: Host: insurance.funjio.com
URL: https://insurance.funjio.com/
Protocol: HTTP/1.1
Server: 185.94.236.253 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 05:29:57 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Apr 2023 20:12:17 GMT
Server: nginx
ETag: W/"6442ee21-eae"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Connection: close

Redirect headers

Location: jads2.js
Date: Tue, 08 Aug 2023 05:29:57 GMT
Server: nginx
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H2

403

banners
myckdom.com/adServe/
Redirect Chain

https://p295571.clksite.com/adServe/banners?tid=295571_828241_1
https://myckdom.com/adServe/banners?tid=295571_828241_1

0
0

493ms
169ms

Script
text/html

52.117.247.211
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://myckdom.com/adServe/banners?tid=295571_828241_1
Requested by: Host: insurance.funjio.com
URL: https://insurance.funjio.com/
Protocol: H2
Server: 52.117.247.211 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: d3.f7.7534.ip4.static.sl-reverse.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Redirect headers

location: https://myckdom.com/adServe/banners?tid=295571_828241_1
date: Tue, 08 Aug 2023 05:29:57 GMT
server: nginx
content-length: 162
content-type: text/html

GET load.js
mdgzg.com/serve/ 0
0

GET
H2 200 funjio.com.905883.js Show response
jsc.mgid.com/f/u/ 0
593 B 710ms
581ms Script
text/javascript 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/f/u/funjio.com.905883.js
Requested by: Host: insurance.funjio.com
URL: https://insurance.funjio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:58 GMT
x-amz-version-id: null
cf-cache-status: REVALIDATED
x-amz-request-id: PVBH578HWTBJ80F1
cf-polished: origSize=3
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-id-2: O2zFHtcjbVh5qcL/uaGie1VCwzGM5bmo0sDfmXdqGveRZtzIsXkCYXf7N1P1aIHwQ8+3xXzZiYQ=
cf-bgj: minify
last-modified: Tue, 28 Dec 2021 17:08:24 GMT
server: cloudflare
etag: "cf64b89236d83f0076d28cfa07bc8d51"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
cf-ray: 7f355d56ca0023b3-LHR
expires: Tue, 08 Aug 2023 08:29:58 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 179 KB
65 KB 240ms
129ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-130927848-1

Requested by

Host: insurance.funjio.com
URL: https://insurance.funjio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8614a8ac4bc2a3ed97bfe6b5b53d876c66aaf87fd84bc79f40baff6412bbdf72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66511
x-xss-protection: 0
last-modified: Tue, 08 Aug 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 08 Aug 2023 05:29:57 GMT

GET
H2 200 AAOd8MwCzpg1G339c9MZK4p_Tsk3nxLVkWUTd4gtt9HsKK5_4WMU1i-wqxGmepfuNkmQDsjp39n2eT7Qpm-Ya5NDOggEuesI_ywhyIes8wcrxBrGOA
lh3.googleusercontent.com/blogger_img_proxy/ 5 KB
5 KB 150ms
63ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/AAOd8MwCzpg1G339c9MZK4p_Tsk3nxLVkWUTd4gtt9HsKK5_4WMU1i-wqxGmepfuNkmQDsjp39n2eT7Qpm-Ya5NDOggEuesI_ywhyIes8wcrxBrGOA

Requested by

Host: insurance.funjio.com
URL: https://insurance.funjio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0ec1294e4961a15d00e49b679605e74b2f093f60e793d79d0414597ccc9f3000

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:57 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5472
x-xss-protection: 0
expires: Wed, 09 Aug 2023 05:29:57 GMT

GET
H2 200 AAOd8Mw0qTDcMRDDaznfMYCLbBtvBINDqD4EmGUCHWzs3ZOcUqk0luwma0kbn6crXDNFyRoF4gbBF6Bwb0tK81Tlej0SLbU0T5BozQEHwIOQmjOk23w
lh3.googleusercontent.com/blogger_img_proxy/ 5 KB
5 KB 134ms
56ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/AAOd8Mw0qTDcMRDDaznfMYCLbBtvBINDqD4EmGUCHWzs3ZOcUqk0luwma0kbn6crXDNFyRoF4gbBF6Bwb0tK81Tlej0SLbU0T5BozQEHwIOQmjOk23w

Requested by

Host: insurance.funjio.com
URL: https://insurance.funjio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fcc69b6383d73590de75640851e672fbc9d5d37f0ebc5492d1d0062b50c6ae3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:57 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5063
x-xss-protection: 0
expires: Wed, 09 Aug 2023 05:29:57 GMT

GET
H2 200 AAOd8Mz9xDhV5R6Pzh53yWjMFdtNuXawqG5_onp6pF4pm3P-1j_AZmhpaCpp4mA1Vo9YBcwAurMGuvtVy3Vy0kQnSmt4b3Y2aTV8qetRKoIpec-YiA
lh3.googleusercontent.com/blogger_img_proxy/ 6 KB
6 KB 170ms
92ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/AAOd8Mz9xDhV5R6Pzh53yWjMFdtNuXawqG5_onp6pF4pm3P-1j_AZmhpaCpp4mA1Vo9YBcwAurMGuvtVy3Vy0kQnSmt4b3Y2aTV8qetRKoIpec-YiA

Requested by

Host: insurance.funjio.com
URL: https://insurance.funjio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

672eca19c3be21a9462e51ed0ded052aead248f6fac752353e02a5818f6998cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:57 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5733
x-xss-protection: 0
expires: Wed, 09 Aug 2023 05:29:57 GMT

GET
H2 200 AAOd8Mxt0TB7U6YBtYtRmeSqlYYV0on9AhMEGOyUVBnmZRsbepJ_8F2YFNeJNAu9D166nZ2V-NGdZSDaswj4l00MWBYpRpvYil4mpV0yU_WWlHgP29A
lh3.googleusercontent.com/blogger_img_proxy/ 4 KB
4 KB 130ms
60ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/AAOd8Mxt0TB7U6YBtYtRmeSqlYYV0on9AhMEGOyUVBnmZRsbepJ_8F2YFNeJNAu9D166nZ2V-NGdZSDaswj4l00MWBYpRpvYil4mpV0yU_WWlHgP29A

Requested by

Host: insurance.funjio.com
URL: https://insurance.funjio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7e87bb44c3eae2f01a61c4c86a081df466e7de1145cc1d858170d678c7caa5f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:57 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3868
x-xss-protection: 0
expires: Wed, 09 Aug 2023 05:29:57 GMT

GET
H2 200 1876415 Show response
madriyelowd.com/bultykh/ipp24/7/bazinga/ 234 KB
70 KB 207ms
87ms Script
application/javascript 62.122.171.6
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://madriyelowd.com/bultykh/ipp24/7/bazinga/1876415
Requested by: Host: insurance.funjio.com
URL: https://insurance.funjio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 62.122.171.6 , United States, ASN50245 (SERVEREL-AS, US),
Reverse DNS: 62.122.171.6.serverel.net
Software: nginx /
Resource Hash: 8ec439004dea8add88a08d6f665f3a3968ba1d047ee3ec937d7bdebb18459917

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:57 GMT
content-encoding: gzip
last-modified: Tue, 25 Jul 2023 07:47:32 GMT
server: nginx
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
etag: W/"64bf7e14-3a975"
vary: Accept-Encoding
content-type: application/javascript
x-js-ab2: current
timing-allow-origin: *

GET items.php
www.bittraffic.io/display/ 0
0

GET
H2 200 funjio.com.905913.js Show response
jsc.mgid.com/f/u/ 0
322 B 524ms
524ms Script
text/javascript 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/f/u/funjio.com.905913.js
Requested by: Host: insurance.funjio.com
URL: https://insurance.funjio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:58 GMT
x-amz-version-id: null
cf-cache-status: REVALIDATED
x-amz-request-id: 0NJZH7EY62BXJ9P4
cf-polished: origSize=3
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-id-2: YbThgFvPNistTx7VQf4kETKMemCjkj475Txgh6HoA9ZNLFa3DuhHKnoY2wY6eX3Nh9iwjf8oYUQ=
cf-bgj: minify
last-modified: Tue, 28 Dec 2021 17:08:24 GMT
server: cloudflare
etag: "cf64b89236d83f0076d28cfa07bc8d51"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
cf-ray: 7f355d57fb0123b3-LHR
expires: Tue, 08 Aug 2023 08:29:58 GMT

GET items.php
www.bittraffic.io/display/ 0
0

GET
H2 200 cookienotice.js Show response
insurance.funjio.com/js/ 6 KB
2 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://insurance.funjio.com/js/cookienotice.js

Requested by

Host: insurance.funjio.com
URL: https://insurance.funjio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Aug 2023 20:56:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2026
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 15 Aug 2023 05:29:57 GMT

GET
H2 200 2387128957-widgets.js Show response
www.blogger.com/static/v1/widgets/ 156 KB
57 KB 44ms
41ms Script
text/javascript 2a00:1450:4001:831::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/2387128957-widgets.js

Requested by

Host: insurance.funjio.com
URL: https://insurance.funjio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a0cd3db633064217878d16ff6d41d349ca0580d52b5c2cbe2ffa45575029da5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 18:33:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39402
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57804
x-xss-protection: 0
last-modified: Fri, 04 Aug 2023 00:52:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 06 Aug 2024 18:33:15 GMT

GET reg.cgi
pixel.vidoomy.com/ 0
0

GET
H/1.1 200
OK auto-user-sync
ads.stickyadstv.com/ 43 B
518 B 172ms
48ms Image
image/gif 95.101.54.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/auto-user-sync
Requested by: Host: insurance.funjio.com
URL: https://insurance.funjio.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.54.106 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-54-106.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Aug 2023 05:29:57 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1691472597846084-582
Expires: Tue, 08 Aug 2023 05:29:57 GMT

GET
H2 200 AGSKWxWriHHw7Wmvs8hvDTtEKVeEKnSF1CPGlpd0MChKFMPpmlLLolU1UOjjZuZZD1U7KuvmiiTj2h7jrRG_LFaEtWs= Show response
fundingchoicesmessages.google.com/f/ 19 KB
9 KB 184ms
82ms Script
application/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWriHHw7Wmvs8hvDTtEKVeEKnSF1CPGlpd0MChKFMPpmlLLolU1UOjjZuZZD1U7KuvmiiTj2h7jrRG_LFaEtWs=

Requested by

Host: funjio.com
URL: https://funjio.com/funjio.com-hm-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cf4896234ab6ea9c09c2ab49798a419c195acf6a96b37964d2a94f3ce1d4071

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vtt8kOyuaEW3_-babdV9MQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:57 GMT
content-security-policy: script-src 'report-sample' 'nonce-vtt8kOyuaEW3_-babdV9MQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 231ms
122ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: funjio.com
URL: https://funjio.com/funjio.com-hm-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

065aabddb94289300c792352a87532acb7669ba8ff5c85ee7b0361e596c51031

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27897
x-xss-protection: 0
server: cafe
etag: 341 / 19577 / m202308020101 / config-hash: 3768369012291546653
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 08 Aug 2023 05:29:58 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
684 B 645ms
645ms Stylesheet
text/css 2a00:1450:4001:831::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=2167522243462099664&zx=3f2ef8b9-5333-4105-8dbd-1ee803bf8ef1

Requested by

Host: insurance.funjio.com
URL: https://insurance.funjio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Tue, 08 Aug 2023 05:29:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Aug 2023 05:29:57 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 brid.outstream.min.js Show response
services.brid.tv/player/build/ 201 KB
56 KB 252ms
129ms Script
application/javascript 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://services.brid.tv/player/build/brid.outstream.min.js
Requested by: Host: tags.worldglobalssp.xyz
URL: https://tags.worldglobalssp.xyz/tag/26667
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-88.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 28b1823b5efe3fe74808098ecaf4dbe53d417dd4fea45e2dd39aeec8159e61ee

Request headers

Referer: https://insurance.funjio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 08 Aug 2023 05:25:56 GMT
content-encoding: br
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
last-modified: Thu, 03 Aug 2023 14:04:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 242
x-amz-server-side-encryption: AES256
etag: W/"6637a8742a9e8c12c0349b532ae84802"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1200, public
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: nBaoECdwPauMBipxX3nWAxiMKe0GgCzoOVqR7Rw0omjkcDDoLlB2-Q==

GET
H2 200 skulls.png
2.bp.blogspot.com/-dXJdURBWXV0/WURLCPybzLI/AAAAAAAAAis/LASrAY02NO4VNQ9CMY0Z93nTtRrGOVVgQCLcBGAs/s1600/ 30 KB
31 KB 252ms
39ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-dXJdURBWXV0/WURLCPybzLI/AAAAAAAAAis/LASrAY02NO4VNQ9CMY0Z93nTtRrGOVVgQCLcBGAs/s1600/skulls.png

Requested by

Host: insurance.funjio.com
URL: https://insurance.funjio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3956a454410396f9668b658abd81aa23047276430eb93a4a5017590e481a97c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:15:22 GMT
x-content-type-options: nosniff
age: 875
content-disposition: inline;filename="skulls.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31136
x-xss-protection: 0
server: fife
etag: "v22c"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 09 Aug 2023 05:15:22 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/MtACqa1j7mU/ 3 KB
3 KB 292ms
180ms Image
image/jpeg 2a00:1450:4001:813::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/MtACqa1j7mU/default.jpg

Requested by

Host: insurance.funjio.com
URL: https://insurance.funjio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db6c9d0efcdce460b2d1e05256cd3d4255f75da4aff2902a8eaaecbc2b0aa5c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:57 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3436
x-xss-protection: 0
server: sffe
etag: "1638863668"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 08 Aug 2023 07:29:57 GMT

GET
H2 404 default.jpg
i.ytimg.com/vi/SoC0z1l0CYg/ 1 KB
1 KB 237ms
125ms Image
image/jpeg 2a00:1450:4001:813::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/SoC0z1l0CYg/default.jpg

Requested by

Host: insurance.funjio.com
URL: https://insurance.funjio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:57 GMT
x-content-type-options: nosniff
server: sffe
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=30
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1097
x-xss-protection: 0
expires: Tue, 08 Aug 2023 05:30:27 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/3uQz11g8b-c/ 3 KB
3 KB 286ms
173ms Image
image/jpeg 2a00:1450:4001:813::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/3uQz11g8b-c/default.jpg

Requested by

Host: insurance.funjio.com
URL: https://insurance.funjio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3362fe5ad591e63a73ab79cdd0763fa56318c38f519afdfcbd7b6ef951789477

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:57 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3008
x-xss-protection: 0
server: sffe
etag: "1638794348"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 08 Aug 2023 07:29:57 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/tNxTLSnYgTI/ 4 KB
4 KB 279ms
167ms Image
image/jpeg 2a00:1450:4001:813::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/tNxTLSnYgTI/default.jpg

Requested by

Host: insurance.funjio.com
URL: https://insurance.funjio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4ac9dd242e7beba9b1d9dd191c8e71fac7afb634c88c39f074bba62f570fc40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:57 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3780
x-xss-protection: 0
server: sffe
etag: "1638849096"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 08 Aug 2023 07:29:57 GMT

GET
H2 404 default.jpg
i.ytimg.com/vi/Ys4MO-5poqs/ 1 KB
1 KB 50ms
49ms Image
image/jpeg 2a00:1450:4001:813::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/Ys4MO-5poqs/default.jpg

Requested by

Host: insurance.funjio.com
URL: https://insurance.funjio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:57 GMT
x-content-type-options: nosniff
server: sffe
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=30
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1097
x-xss-protection: 0
expires: Tue, 08 Aug 2023 05:30:27 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/32M6os2rFP4/ 5 KB
5 KB 90ms
90ms Image
image/jpeg 2a00:1450:4001:813::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/32M6os2rFP4/default.jpg

Requested by

Host: insurance.funjio.com
URL: https://insurance.funjio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29f03d6eff59d3bcb1378e7cc22d5e336f8a66d049173b77da846033be532e36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:57 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5069
x-xss-protection: 0
server: sffe
etag: "1638837971"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 08 Aug 2023 07:29:57 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/gSXhfJVDNbo/ 3 KB
4 KB 106ms
106ms Image
image/jpeg 2a00:1450:4001:813::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/gSXhfJVDNbo/default.jpg

Requested by

Host: insurance.funjio.com
URL: https://insurance.funjio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ce583e2c226b57b30e9936ad548be91a6d71b411c4703dbc9f65eb006471110

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:57 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3558
x-xss-protection: 0
server: sffe
etag: "1638836469"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 08 Aug 2023 07:29:57 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 243ms
119ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://insurance.funjio.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 05:30:43 GMT
x-content-type-options: nosniff
age: 259154
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Aug 2024 05:30:43 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.6.1/fonts/ 69 KB
70 KB 123ms
76ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/fonts/fontawesome-webfont.woff2?v=4.6.1

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css
Origin: https://insurance.funjio.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 860
age: 62553
cdn-cachedat: 07/06/2023 22:32:01
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 70728
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: "926c93d201fe51c8f351e858468980c3"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 985caf4caf7736fac5c2aef94f3cce68
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7f355d55fde6bb80-FRA
cdn-requestpullsuccess: True

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 251ms
127ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://insurance.funjio.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 17:52:03 GMT
x-content-type-options: nosniff
age: 214674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Aug 2024 17:52:03 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 264ms
141ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://insurance.funjio.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 19:33:17 GMT
x-content-type-options: nosniff
age: 295000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Aug 2024 19:33:17 GMT

GET
BLOB 206
Partial Content 75b864fb-d33b-4d37-9e52-c48e2f50b8ee
https://insurance.funjio.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://insurance.funjio.com/75b864fb-d33b-4d37-9e52-c48e2f50b8ee
Requested by: Host: insurance.funjio.com
URL: https://insurance.funjio.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 345 KB
120 KB 153ms
50ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: services.brid.tv
URL: https://services.brid.tv/player/build/brid.outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cc8c89436c57b5812f3d1ad26420a90f2102682d5e262dc289a1214c9010204

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121802
x-xss-protection: 0
expires: Tue, 08 Aug 2023 05:29:57 GMT

GET
H3 200 26777.json Show response
services.brid.tv/services/unit/ 4 KB
2 KB 255ms
210ms XHR
application/json 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://services.brid.tv/services/unit/26777.json
Requested by: Host: services.brid.tv
URL: https://services.brid.tv/player/build/brid.outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 143.204.98.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-88.fra50.r.cloudfront.net
Software: Apache /
Resource Hash: 7b83ce067b6ea6c3b6885aa3b319dac766c3feacae2bc785933f1c609365a758

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:57 GMT
content-encoding: br
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA50-C1
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=86400
access-control-allow-headers: origin, x-requested-with, content-type, accept
x-amz-cf-id: Kixb5T2v4seY1dOGFTI-HW_5vg9EnwhyG_wuNYJPDN7wnB6qNzFUPg==
x-served-by: i-02aae70f008fa047c

GET
H2 404 banner Show response
ads-bitcoin.com/codes/ Frame D863 2 KB
1 KB 486ms
376ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-bitcoin.com/codes/banner?rcd=MTU1
Requested by: Host: insurance.funjio.com
URL: https://insurance.funjio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a73f42ab9a1e99996383c601c1c82c8d1a105d64383e6a38f55277c8cd758502

Request headers

Referer: https://insurance.funjio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7f355d5839263733-FRA
content-encoding: br
content-type: text/html
date: Tue, 08 Aug 2023 05:29:58 GMT
last-modified: Thu, 29 Sep 2022 13:31:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eRcjsv19hUHcNs0LX39CsiaI%2Fo7qoyek3CTMWJE%2FOqj3q5jCv%2BY6KbgTDRfhTO6reJWedFEOIP7KByHLljvpvOo5llpf9fNUW%2F3EpsytrVjZWPPoV%2FW5dr4B2IATgGCscBdmGzMhOKvQYH25EN0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK ptp.php Show response
traffic2bitcoin.com/ Frame EFB9 3 KB
3 KB 519ms
176ms Document
text/html 92.204.136.218
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://traffic2bitcoin.com/ptp.php?ref=narahari24&type=as&sitetype=1
Requested by: Host: insurance.funjio.com
URL: https://insurance.funjio.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 92.204.136.218 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),
Reverse DNS: ns1007988.ip-92-204-136.us
Software: Apache /
Resource Hash: c4831ee6a21e6b1243cefa0dede23f24d47e234532fcd3194a4915e778b68051

Request headers

Referer: https://insurance.funjio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Tue, 08 Aug 2023 05:29:58 GMT
Keep-Alive: timeout=3, max=200
Server: Apache
Transfer-Encoding: chunked

GET
H/1.1

200
OK

jads2.js Show response
poweredby.jads.co/js/
Redirect Chain

https://poweredby.jads.co/js/jads.js
https://poweredby.jads.co/js/jads2.js

4 KB
2 KB

45ms
45ms

Script
application/x-javascript

185.94.236.253
MOJHOST-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://poweredby.jads.co/js/jads2.js
Requested by: Host: insurance.funjio.com
URL: https://insurance.funjio.com/
Protocol: HTTP/1.1
Server: 185.94.236.253 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 05:29:57 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Apr 2023 20:12:17 GMT
Server: nginx
ETag: W/"6442ee21-eae"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Connection: close

Redirect headers

Location: jads2.js
Date: Tue, 08 Aug 2023 05:29:57 GMT
Server: nginx
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H2 200 1883516 Show response
meo257na3rch.com/get/ 6 KB
2 KB 43ms
43ms Script
text/javascript 62.122.171.6
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://meo257na3rch.com/get/1883516?zoneid=1883516&jp=_clcuk1c6umey8oqm1tj4sj&nojs=0&ix=0&abvar=0&febuild=1.0.127&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&freq=0&cid=4614451975531627&sp=1
Requested by: Host: meo257na3rch.com
URL: https://meo257na3rch.com/lv/esnk/1883516/code.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 62.122.171.6 , United States, ASN50245 (SERVEREL-AS, US),
Reverse DNS: 62.122.171.6.serverel.net
Software: nginx /
Resource Hash: 635a83c473e5248a4fc3d660fc27f09ce8649fda60039ccf92b0f2c044045ddf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:57 GMT
content-encoding: gzip
server: nginx
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
x-route-id: config
timing-allow-origin: *

GET
H2 200 1861823 Show response
berlipurplin.com/get/ 6 KB
2 KB 42ms
41ms Script
text/javascript 62.122.171.6
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://berlipurplin.com/get/1861823?zoneid=1861823&jp=_clayk3pk9c73sq0m5w0n8o&nojs=0&ix=0&abvar=0&febuild=1.0.127&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&freq=0&cid=1236752254992539&sp=1
Requested by: Host: berlipurplin.com
URL: https://berlipurplin.com/lv/esnk/1861823/code.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 62.122.171.6 , United States, ASN50245 (SERVEREL-AS, US),
Reverse DNS: 62.122.171.6.serverel.net
Software: nginx /
Resource Hash: 9142409cc08053f74ad52905dbdd8fd5c42e0fe6fd0cdfcd708953b1da98b74c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:57 GMT
content-encoding: gzip
server: nginx
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
x-route-id: config
timing-allow-origin: *

GET
H2 200 prebid.js Show response
cdn.hooliganmedia.com/prebid/ 213 KB
213 KB 43ms
42ms Script
text/javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.hooliganmedia.com/prebid/prebid.js

Requested by

Host: cdn.hooliganmedia.com
URL: https://cdn.hooliganmedia.com/hmads0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

7bf1c238f5fbd29b9e0bfcea7f89e98d9a96f8696dd832401d22545237864a0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:57 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Sun, 23 Apr 2023 09:05:42 GMT
x-amz-request-id: tx00000000000005fbebbc0-0064d1c7c3-71719aaa-nyc3c
etag: "fd2873dbf561cb503a5722bd6a392011"
x-envoy-upstream-healthchecked-cluster
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1691472597.dop106.fr8.t,1691472597.cds236.fr8.hn,1691472597.cds320.fr8.c
content-type: text/javascript
cache-control: max-age=766
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 218108

GET adshow.php
poweredby.jads.co/ Frame C860 0
0

GET
H/1.1 200
OK adshow.php Show response
poweredby.jads.co/ Frame 1915 4 KB
2 KB 403ms
315ms Document
text/html 185.94.236.253
MOJHOST-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://poweredby.jads.co/adshow.php?adzone=953252
Requested by: Host: poweredby.jads.co
URL: https://poweredby.jads.co/js/jads.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.94.236.253 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software: nginx / PHP/5.6.40
Resource Hash: 63f3299bacfc8a15fbac6b6a8badaa92f6e08c16a4ad8bff45dc5983b81588ce

Request headers

Referer: https://insurance.funjio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 08 Aug 2023 05:29:58 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Server: nginx
Transfer-Encoding: chunked
X-Powered-By: PHP/5.6.40

GET adshow.php
poweredby.jads.co/ Frame 5B07 0
0

GET
H/1.1 200
OK adshow.php Show response
poweredby.jads.co/ Frame 0174 4 KB
2 KB 891ms
805ms Document
text/html 185.94.236.253
MOJHOST-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://poweredby.jads.co/adshow.php?adzone=953115
Requested by: Host: poweredby.jads.co
URL: https://poweredby.jads.co/js/jads.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.94.236.253 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software: nginx / PHP/5.6.40
Resource Hash: 9c37d492620e96f3a6200f24fda883760344af15e9a36ba95fbf34f076301a8c

Request headers

Referer: https://insurance.funjio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 08 Aug 2023 05:29:58 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Server: nginx
Transfer-Encoding: chunked
X-Powered-By: PHP/5.6.40

GET
H2 200 3a7242cfc6d9619a17a0eef5018e36e302b2bcec.gif
cdn.bncloudfl.com/bn/3a7/242/cfc/ Frame 16E5 187 KB
188 KB 187ms
87ms Image
image/gif 2606:4700:3037::6815:233e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bncloudfl.com/bn/3a7/242/cfc/3a7242cfc6d9619a17a0eef5018e36e302b2bcec.gif
Requested by: Host: insurance.funjio.com
URL: https://insurance.funjio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:233e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da0ffa63079627cbe72ed3420fff6a9b1f3085ad689b309f0e16ca5ed10f5a0d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Tue, 08 Aug 2023 05:29:57 GMT
x-openstack-request-id: txd608a08a05c6465eb4f49-0064410832
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 36442
alt-svc: h3=":443"; ma=86400
content-length: 191939
x-trans-id: txd608a08a05c6465eb4f49-0064410832
last-modified: Thu, 20 Apr 2023 09:37:28 GMT
server: cloudflare
etag: 59a0cb8af1b4102e25215b603dd81b00
vary: Accept-Encoding
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QW70n1nKV6vyrl2XhLbtmKqoRc3tukBZTtz1nAkoUv%2FiE%2BIU9xoa3%2F%2FflMOj67aTJyXVcO%2BOUsxXikBSN1HtRLLuVnB%2FPjl8U09rDrRCpOL23rqu%2FFM15xFTYQbmXKjlNqQuVpi7WteoeRD5qnXcsw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-timestamp: 1681983447.59451
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 7f355d5928031983-FRA
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
expires: Wed, 09 Aug 2023 19:22:35 GMT

GET
H2 200 3a7242cfc6d9619a17a0eef5018e36e302b2bcec.gif
cdn.bncloudfl.com/bn/3a7/242/cfc/ Frame 6B31 187 KB
189 KB 116ms
47ms Image
image/gif 2606:4700:3037::6815:233e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bncloudfl.com/bn/3a7/242/cfc/3a7242cfc6d9619a17a0eef5018e36e302b2bcec.gif
Requested by: Host: berlipurplin.com
URL: https://berlipurplin.com/lv/esnk/1861823/code.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:233e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da0ffa63079627cbe72ed3420fff6a9b1f3085ad689b309f0e16ca5ed10f5a0d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Tue, 08 Aug 2023 05:29:57 GMT
x-openstack-request-id: txd608a08a05c6465eb4f49-0064410832
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 36442
alt-svc: h3=":443"; ma=86400
content-length: 191939
x-trans-id: txd608a08a05c6465eb4f49-0064410832
last-modified: Thu, 20 Apr 2023 09:37:28 GMT
server: cloudflare
etag: 59a0cb8af1b4102e25215b603dd81b00
vary: Accept-Encoding
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TWwPs9CVtIV%2F%2FFwnv7b%2FNwrYVe%2BJaINl%2Fn7fMq%2Fy5vuKq4pJDRvVo1%2Ff4Q4h0PwJde55TykbDsOITkZfs%2FHQd6oqBvgWrvUBNCbSpxOLsRFkdlKYq%2Bn5cKVgPL%2BD60W4uYXVg%2F9RZ22oPo4mu4rXhg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-timestamp: 1681983447.59451
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 7f355d5928041983-FRA
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
expires: Wed, 09 Aug 2023 19:22:35 GMT

POST
H/1.1 200
OK get_domain_status Show response
publishers.hooliganmedia.com/users/ 32 B
577 B 661ms
247ms Fetch
text/html 24.199.69.252
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://publishers.hooliganmedia.com/users/get_domain_status
Requested by: Host: cdn.hooliganmedia.com
URL: https://cdn.hooliganmedia.com/hmads0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 24.199.69.252 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 27ee0dbc552e93ec94a7c0e2ad33e05827f44dd23dae5673b4f840c79dcc02ba

Request headers

Referer: https://insurance.funjio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Tue, 08 Aug 2023 05:29:58 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://insurance.funjio.com
Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Access-Control-Allow-Headers: Content-Type
Content-Length: 32
Keep-Alive: timeout=5, max=100
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 index.php Show response
display.jalewaads.com/display/ Frame 1E59 7 KB
3 KB 135ms
135ms Document
text/html 147.182.222.211
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://display.jalewaads.com/display/index.php?page=query/items/&aduid=3037&pid=1252&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=325&page_data=452b6c89586dbc4656823838b59b5622&time=1691472597&deliver=insurance.funjio.com&search_keywords=YOUR%20KEYWORDS%20HERE&page_referrer=aHR0cHM6Ly9pbnN1cmFuY2UuZnVuamlvLmNvbS8=&page_title=Insurance%20Policy&meta_description=YOUR%20DESCRIPTION%20HERE
Requested by: Host: display.jalewaads.com
URL: https://display.jalewaads.com/display/items.php?3037&1252&300&250&4&0&0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 147.182.222.211 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 736357.cloudwaysapps.com
Software: nginx /
Resource Hash: 676792b65db36c91bee7ce25be7603cf200c95c5038e3cffdee1990255bcaf0b

Request headers

Referer: https://insurance.funjio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
content-encoding: gzip
content-length: 2433
content-type: text/html; charset=UTF-8
date: Tue, 08 Aug 2023 05:29:57 GMT
server: nginx
vary: Accept-Encoding
x-cache: MISS

GET
H2 200 brid.oscontrols.min.js Show response
p.brid.tv/player/build/plugins/oscontrols/1.0.8/ 27 KB
7 KB 73ms
52ms Script
application/javascript 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.brid.tv/player/build/plugins/oscontrols/1.0.8/brid.oscontrols.min.js
Requested by: Host: services.brid.tv
URL: https://services.brid.tv/player/build/brid.outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-88.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c2b583f12f7ce19dd87d2cabe47632faf5220a0bb2554483470334b209472a98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:05:27 GMT
content-encoding: br
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
last-modified: Wed, 02 Aug 2023 12:10:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 55472
x-amz-server-side-encryption: AES256
etag: W/"a34177b23d9bba45809ead370df78027"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, public, immutable
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: t8FvgZb4UHpjdGkwLsCRPplXQdRAg3TlM5XynoKC2NrKJStxGZIF4A==

GET
H2 200 brid.gima.min.js Show response
p.brid.tv/player/build/plugins/gima/1.1.120/ 117 KB
30 KB 65ms
45ms Script
application/javascript 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.brid.tv/player/build/plugins/gima/1.1.120/brid.gima.min.js
Requested by: Host: services.brid.tv
URL: https://services.brid.tv/player/build/brid.outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-88.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b6b497673eb829e46c2980a5a2d1902ea526dc53b2869775f01e53d13f877184

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:05:19 GMT
content-encoding: gzip
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
last-modified: Thu, 03 Aug 2023 14:05:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 55480
x-amz-server-side-encryption: AES256
etag: W/"9289489780983260dedd103411b62d10"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, public, immutable
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: VfO_kGUiAagvjpC8PNA3dR3kroznOV7BZI0X6CWQx_2xCswIuFKx-w==

GET
H2 200 brid.googleanalytics.min.js Show response
p.brid.tv/player/build/plugins/googleanalytics/2.0.2/ 18 KB
3 KB 58ms
40ms Script
application/javascript 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.brid.tv/player/build/plugins/googleanalytics/2.0.2/brid.googleanalytics.min.js
Requested by: Host: services.brid.tv
URL: https://services.brid.tv/player/build/brid.outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-88.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2c13379cb86fcf8bd8d913c0be2c98a7fd5ea7a6c110ca1a44f4595876112830

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:26:14 GMT
content-encoding: br
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
last-modified: Mon, 17 Jul 2023 09:10:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 54225
x-amz-server-side-encryption: AES256
etag: W/"6d297a8ed446d5968a9403f27cf70995"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, public, immutable
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 4c9ElgKWy77jNpyI4yu7wIMZ3zyc3PDRXEdeDQ_RN0KvyU6OZW1R_w==

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 145ms
144ms Stylesheet
text/css 2a00:1450:4001:831::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=2167522243462099664&zx=3f2ef8b9-5333-4105-8dbd-1ee803bf8ef1

Requested by

Host: insurance.funjio.com
URL: https://insurance.funjio.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Tue, 08 Aug 2023 05:29:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Aug 2023 05:29:58 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery.min.js Show response
display.jalewaads.com/display/js/ Frame 1E59 243 KB
71 KB 117ms
116ms Script
application/javascript 147.182.222.211
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://display.jalewaads.com/display/js/jquery.min.js
Requested by: Host: display.jalewaads.com
URL: https://display.jalewaads.com/display/index.php?page=query/items/&aduid=3037&pid=1252&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=325&page_data=452b6c89586dbc4656823838b59b5622&time=1691472597&deliver=insurance.funjio.com&search_keywords=YOUR%20KEYWORDS%20HERE&page_referrer=aHR0cHM6Ly9pbnN1cmFuY2UuZnVuamlvLmNvbS8=&page_title=Insurance%20Policy&meta_description=YOUR%20DESCRIPTION%20HERE
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 147.182.222.211 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 736357.cloudwaysapps.com
Software: nginx /
Resource Hash: 0047f2b4e58d50cd286045db5a9a694d843c551e96e92f7bcd10bf2e111149f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://display.jalewaads.com/display/index.php?page=query/items/&aduid=3037&pid=1252&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=325&page_data=452b6c89586dbc4656823838b59b5622&time=1691472597&deliver=insurance.funjio.com&search_keywords=YOUR%20KEYWORDS%20HERE&page_referrer=aHR0cHM6Ly9pbnN1cmFuY2UuZnVuamlvLmNvbS8=&page_title=Insurance%20Policy&meta_description=YOUR%20DESCRIPTION%20HERE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:58 GMT
content-encoding: gzip
last-modified: Fri, 24 Feb 2023 12:25:24 GMT
server: nginx
etag: W/"63f8acb4-3cd47"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 data.png
dashboard.jalewaads.com/images/ Frame 1E59 931 B
1 KB 352ms
111ms Image
image/png 157.230.222.159
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dashboard.jalewaads.com/images/data.png
Requested by: Host: display.jalewaads.com
URL: https://display.jalewaads.com/display/index.php?page=query/items/&aduid=3037&pid=1252&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=325&page_data=452b6c89586dbc4656823838b59b5622&time=1691472597&deliver=insurance.funjio.com&search_keywords=YOUR%20KEYWORDS%20HERE&page_referrer=aHR0cHM6Ly9pbnN1cmFuY2UuZnVuamlvLmNvbS8=&page_title=Insurance%20Policy&meta_description=YOUR%20DESCRIPTION%20HERE
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.230.222.159 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1010700.cloudwaysapps.com
Software: nginx /
Resource Hash: f65dd0ed5ab0097e2cb276b346ccfaddb2a9134c9278af39c6a24cd821fce06f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://display.jalewaads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:58 GMT
last-modified: Thu, 01 Jun 2023 01:51:17 GMT
server: nginx
etag: "6477f995-3a3"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 931

GET
H2 200 11-icon-1677767512.png
dashboard.jalewaads.com/upload/credit/ Frame 1E59 4 KB
4 KB 120ms
111ms Image
image/png 157.230.222.159
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dashboard.jalewaads.com/upload/credit/11-icon-1677767512.png
Requested by: Host: display.jalewaads.com
URL: https://display.jalewaads.com/display/index.php?page=query/items/&aduid=3037&pid=1252&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=325&page_data=452b6c89586dbc4656823838b59b5622&time=1691472597&deliver=insurance.funjio.com&search_keywords=YOUR%20KEYWORDS%20HERE&page_referrer=aHR0cHM6Ly9pbnN1cmFuY2UuZnVuamlvLmNvbS8=&page_title=Insurance%20Policy&meta_description=YOUR%20DESCRIPTION%20HERE
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.230.222.159 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1010700.cloudwaysapps.com
Software: nginx /
Resource Hash: 5113ba7ee14208ef778664254a85eb1110a228827001b437bef863079f19add3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://display.jalewaads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:58 GMT
last-modified: Thu, 01 Jun 2023 01:51:19 GMT
server: nginx
etag: "6477f997-e3a"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3642

GET
H2 200 chicken.gif
berlipurplin.com/ Frame 6B31 43 B
617 B 43ms
41ms Image
image/gif 62.122.171.6
SERVEREL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://berlipurplin.com/chicken.gif?z=1861823&pb=d9ae5a6bd8faf41270904dbadb4a29ce1691479797&psp=VwjYzK7M07EkTy72TWZUE3N8EGwjCA4wNGmPj1O7Vg9I7V6O1u6B8g3SaEr9hGE1L7cf5Yn9udiVCZC3dB-ognBOOWhC6M8tjUhciUlyzbmzTKqjqA-qIbEjOnDL7lVi8n3mgi3OWwYgqHgGjZdHrDxI6Tq2pchAg27kNvVdPtJLhI6_l90RLbhBk9eN9xxPEEg9czw7nIcFYhMAooVPyA8ci5V6mtHSUSyLrrJv_OcYWNZu8gxtziyWEaQmZAwzoB9ZWMuxQ3QSkMGjsvyDLVf5vCJqX8MwBKlyDJIfEZLHUaV6AdWxwMg9TIE0KIrV_baMTElevoLHuu4KbUomqoOwonUZGzaCSkKRVKAiOE3eHl9m8DgEdVS4voEo_WzBx7FqiiBYMqftEj_Rhu_qR8l8Ep8JubcBYvfO8FhlzKz7zeqU0-m08hHqKc2xzYJBavJAtoJKjPiJsraap0E8F0468tZbh1jnLMF6H1gWvGnDFbZctF1xqJkWhK_Qi40vxW146p_CdDYgXpOKJbzc7U9RzrDDQgPawH2Z11CpbWExYolJ0DoWOXL-lcSiUDPbg5G2WQN6vPwBnwxzVtaieV1O9oEUaMj9JlMVcvkM28YIqSaSGH-cMK8jexjgkoDlvZ1jyOJJpUztza7oiq8CggqI189mKp3H9LGApHLoXA1h33J1-F3_oJq-0cQG2vf0xdrPcZiggyL4JNQHS4X32sexfNbP-U9n7XyopZ4YozBZ7Vkkn4sZCp9iIC3rVkfsOjMCKeyZPXKfNN4cKWv_yx3M79k_LtAu-6HCQOChb6mgTaYjNZzDFWwcdqQL-ObjG0AodxgBF1juwWVvIFcUVlR0Z--b_8hFOILVnIbAMXom01xN7bVfLDnJWyP8z0HwllAuBL1dFmdcobIIIwLiuMXSYMVCuAPj6wjeal008Dbz7Yukgsna8SJAN6eLZ7CcV1FjF3V7fkjDEr567g5i1NPI0sjaOnM9l5DV9O7gcLCtSTG8KxbypNR2tAdx1SghkocaF6WEeyKQhvQiWNYBjcbOLJpAmOzK1M0m5d9YwotbpdZldJWIruT7k_tUpEplrfYXLxfRTEb9q-IH5LhHLueZgTCS4zC4Qk_wDlOH-8QU3xNDR8AsB2iznWDc_7XI4vFxZUl9OdLkgWIjr6-PGNu3JWIumhmo1c6d9MGpIcRRApgx7-eQBhpHcDQ3g9f9SBHC1O0dTiUMJ-2kM5rOXyjroi68Vviwkr7mrOxFyE3mI3qpPZuRAg==&im=1&abvar=0&febuild=1.0.127&os=0&pload=266
Requested by: Host: insurance.funjio.com
URL: https://insurance.funjio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 62.122.171.6 , United States, ASN50245 (SERVEREL-AS, US),
Reverse DNS: 62.122.171.6.serverel.net
Software: nginx /
Resource Hash: 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:58 GMT
x-route-id: stats.impression
server: nginx
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
timing-allow-origin: *
content-length: 43
content-type: image/gif

GET
H2 200 chicken.gif
meo257na3rch.com/ Frame 16E5 43 B
617 B 51ms
49ms Image
image/gif 62.122.171.6
SERVEREL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://meo257na3rch.com/chicken.gif?z=1883516&pb=d9ae5a6bd8faf41270904dbadb4a29ce1691479797&psp=x2wkyp8bD6SPoXUQw--uOA3FbyjPH1ysBGGvil_kcmjNLn7hpTC6TNwyrmemXfqwhQ7ZvmClgS_KwtyD6vdtLXrKjFDgVrsbmAu74f4hee3GOCnXjKZZtXGQN34TQmaaSLtA9DV9pp1nqB2xPsPYmUcLx5zM_U0maAzfuRLVvRaxsgtk2v700wACiEYJ8r24AHI_KWLXIn7CTPJu4tK_vyhvZfdZN3-tVFR6HBSFJgCwLjKdWCLEpdaakr8r1u4mIheuWkauxDw6JitRpaL1wYoKb_O8rkAVetgAOXpCzcDJ7Wr6RLe-NCAxpjGb7RYADR7EQdgq3v-YkhiKax65lUJ6Ea7OI3nYQ9OIqHlZDTPYqEYSHeyTL-5mXaYKTh7Vo66Bi-4oBvHZW34GDx0hdW-A0aoJge61CxfBka1r4DlC5v7RtVcycJ9FZznl1-3L2R4rrWYUq-U70Cn7UPzx6RbOgPtgnuww0ksTX2XJfq1pdbcx3VLBdZHx-AGHJUHBs5P2SxcjZjgsrh0L6Kf8bt6N8FlTAOQpRtdxD8wFmPAAYUhaGxy1Q8A6rjRsBe_CTS5PuHbSSY_RNX5HdU7ihZk1465GkdtK-IqGwEGkU4FwoPNbRuFSvCITMdAYLiPD_yjUX_XhxakBBKP7HZZ3pZq985K_Q3lsZTwQuuxo8WHMExcveyYUq5umQERoYFehxHrTaTUsOeFqkyiawuQAvELJBMoxvvFgZoHrDhsiaQfkqH47IL1HthJDNueEDtDhu4WCRwldW2IQIyLRs-DM7TiPT_8-4Srf260rVcma4V5hfpKU-eG-K9TWVpceAgGpYSOPgQqRuP8DblXUFX04tvKA0fh2dXv20hXXHKogMuA-YXtZ2kuodiAiEEfwPl3_Nd750Y7yPIc0hhzdlkYCLjWgEJ4Ogbk-okONV_nazMzRAe6_JLVCB775otwJ7ltVOFNH7SYoC5VqavC5jw8rq-BMFrwMsGJAFWBH78IAyOtUO7PSGW-ncTmraW4O3GUv_TLXffZsg7pRdxHT1kr48t-lcQ8lxwbp17j_THkgp8A5u7oQPykcSeg2ih8Z3iagAGXN6xFobbQCrOAp7e9oDtxAcrOu81r9U983Zx5sqXBVo4U2Cp-V_PvTDOUZvZ7yBNvPCd1QqxsfYDOYz67sJ2gBW3adfmT4koA2JEW1CAgrMLRbjv_KSJ3cEIH-v22-FDLJC_VJgxqTh78G6HmKBAI6wLPA---80YAqhdt7nGFCXMMqzLCh0w==&im=1&abvar=0&febuild=1.0.127&os=0&pload=285
Requested by: Host: insurance.funjio.com
URL: https://insurance.funjio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 62.122.171.6 , United States, ASN50245 (SERVEREL-AS, US),
Reverse DNS: 62.122.171.6.serverel.net
Software: nginx /
Resource Hash: 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:58 GMT
x-route-id: stats.impression
server: nginx
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
timing-allow-origin: *
content-length: 43
content-type: image/gif

GET
H2 200 brid.parser.min.js Show response
p.brid.tv/player/build/plugins/parser/1.1.64/ 83 KB
23 KB 47ms
45ms Script
application/javascript 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.brid.tv/player/build/plugins/parser/1.1.64/brid.parser.min.js
Requested by: Host: services.brid.tv
URL: https://services.brid.tv/player/build/brid.outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-88.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1cb27401b4d6a2d21f3bd3304f9855c43e3467887d2d8e89aacf5e9aeb386f7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 20:40:08 GMT
content-encoding: br
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
last-modified: Thu, 03 Aug 2023 14:05:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 31791
x-amz-server-side-encryption: AES256
etag: W/"24c1e97967fbbadcf4830114d05be120"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, public, immutable
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Oe60jMgAlf_RWw0L1UYMZZd56sbFHT3cFrUmd8i2TXilVZbvTyistg==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 132ms
40ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: p.brid.tv
URL: https://p.brid.tv/player/build/plugins/googleanalytics/2.0.2/brid.googleanalytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 08 Aug 2023 03:49:45 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6013
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 08 Aug 2023 05:49:45 GMT

GET bridge3.584.2_en.html
imasdk.googleapis.com/js/core/ Frame CFD7 0
0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 160ms
49ms Script
text/javascript 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Aug 2023 05:29:58 GMT

GET
H2 200 ping.gif
stats-dev.brid.tv/ 0
361 B 133ms
40ms Image
image/gif 13.224.189.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats-dev.brid.tv/ping.gif?p=17595&pr=o&dp=d&b=c&pid=26777&s=480|320&apa=1&df=0&os=w&m=0&ow=18643&e=l&v=o.1.0
Requested by: Host: insurance.funjio.com
URL: https://insurance.funjio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-82.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 01:38:55 GMT
via: 1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
last-modified: Tue, 04 Dec 2018 09:25:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 13864
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: qvIY8Qd_m2xT-QITcX3DPS6WW8Vua64moWp5vR9h2vKLJWsFMk26MQ==

GET omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 3F60 0
0

GET
H2 200 1x1.gif
i.jads.co/ Frame 1915 27 KB
27 KB 152ms
43ms Image
image/jpeg 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.jads.co/1x1.gif
Requested by: Host: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=953252
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 3d4610a2ab69d08e54685d0d3cfcf03ec663bacff8cc89a1e0a2904a7769e641

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poweredby.jads.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:58 GMT
last-modified: Thu, 03 Nov 2016 21:36:07 GMT
etag: "1478208967"
x-hw: 1691472598.dop160.fr8.t,1691472598.cds338.fr8.hn,1691472598.cds257.fr8.c
content-type: image/jpeg
cache-control: max-age=28805098
accept-ranges: bytes
content-length: 27460

GET
H2 200 bootstrap.min.css
ads-bitcoin.com/cgi-sys/css/ Frame D863 13 KB
3 KB 48ms
47ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-bitcoin.com/cgi-sys/css/bootstrap.min.css
Requested by: Host: ads-bitcoin.com
URL: https://ads-bitcoin.com/codes/banner?rcd=MTU1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b08a2fa2b897efa1b9d4ea531eb28b1f9f216eadd299cb115a1121e266a4480b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads-bitcoin.com/codes/banner?rcd=MTU1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 08 Oct 2022 19:06:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3575
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oh7D55hP1vsSgh9l5IbaVaWw37ZUcWz82lEbcnV%2BEZXQRrALpAZCMlN6V%2BLCqbf8t2OlFaX2cSF2biuMLCKaVEQ5w0E5TmPK7P%2Fp6DcJGd7d9FZyg%2F8uSTwNyAB0N6x4oMaa3OinpT9WNns9OB0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7f355d5acbcc3733-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 fonts.css
ads-bitcoin.com/cgi-sys/css/ Frame D863 2 KB
661 B 49ms
48ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-bitcoin.com/cgi-sys/css/fonts.css
Requested by: Host: ads-bitcoin.com
URL: https://ads-bitcoin.com/codes/banner?rcd=MTU1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6679c97affbc96b5471593bfc580138ce4c09bd274145d6d4e8c55a53939573

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads-bitcoin.com/codes/banner?rcd=MTU1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:58 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 29 Sep 2022 13:31:41 GMT
server: cloudflare
age: 3575
cf-polished: origSize=2674
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=waB7Ny4UmGyyvTHDxITOgvq1awRYYCI0Rw0vPg%2F4N2h9ilYUspfIX9Vg7IHNfwxwVmWn3V6NXv5RcitkrPyyN%2BBk701YHMjDqFtVH5FfqKou%2FKgu7RWGsJfxmdj1Ca6qjD0QJsHv8hFZrdsPo8g%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7f355d5adbce3733-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 custom_404.css
ads-bitcoin.com/cgi-sys/css/ Frame D863 565 B
570 B 50ms
49ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-bitcoin.com/cgi-sys/css/custom_404.css
Requested by: Host: ads-bitcoin.com
URL: https://ads-bitcoin.com/codes/banner?rcd=MTU1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 524e2cb7e390002a9877923512182655a7a4b512a475b5d4146761f77fd241ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads-bitcoin.com/codes/banner?rcd=MTU1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:58 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 29 Sep 2022 13:31:40 GMT
server: cloudflare
age: 3575
cf-polished: origSize=807
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Js4IUGj4mB8iEQrxtnt2vnXwenXCvg%2Bg%2FouvpAKypTrYcablMkne5P9004l5pRMqzig6PMBTcBIjvG2WGOOtb2onKsC1yOZVREfbR17hJsva3vnmVP4ibrKFKqicTtzds9u9LgeFS2OjAa4HAYY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7f355d5adbd13733-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 logo-hostgator.svg
ads-bitcoin.com/cgi-sys/images/ Frame D863 14 KB
5 KB 379ms
379ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads-bitcoin.com/cgi-sys/images/logo-hostgator.svg
Requested by: Host: ads-bitcoin.com
URL: https://ads-bitcoin.com/codes/banner?rcd=MTU1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75b33be75a492ae62981cc7b7a36803c1ef4ea5dcdc6db43c11071b200c7f78e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads-bitcoin.com/codes/banner?rcd=MTU1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:58 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 29 Sep 2022 13:31:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C5jg%2BAmeYS2KYGQCjTvadGTLg6VEJnCkYDOkzwqWWTXOd5dV9aZ3bNXZFxNEEbu8xiZ02f3fXxlS5Lbm3yNSHCqSCK%2FSdyNYgzuqGZe076j2izjjk0izsVqSS1yjlIaD8OFtuW3UB21ushSE230%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7f355d5afc033733-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 illustration-404.svg
ads-bitcoin.com/cgi-sys/images/ Frame D863 6 KB
2 KB 378ms
378ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads-bitcoin.com/cgi-sys/images/illustration-404.svg
Requested by: Host: ads-bitcoin.com
URL: https://ads-bitcoin.com/codes/banner?rcd=MTU1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49452f0e40a878f7b9a0ed87721f95843fbd953a2d373ccac53c911f51c929b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads-bitcoin.com/codes/banner?rcd=MTU1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:58 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sat, 08 Oct 2022 19:06:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iOBaeZSjfOTlzAgTEuXS0bC4tDHHMzwYznqCk0xU40vivYqrdpFNDQxg727z7qJD59xv4DG%2Bs%2FzQSULVMkRwqzGwZ7GSqDzw0HHArzbvHvrtzSdrGJb5d2i3DV39t%2FQTszoLfjz9WeoJgfUGsE4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7f355d5afc043733-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308020101/ 400 KB
127 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308020101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b5eeeb211f2b120bf3f918a06f149d8e975a17a691b59e2108aefcc3d730686

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 03:42:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6452
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129448
x-xss-protection: 0
server: cafe
etag: 2615405546215963376
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 07 Aug 2024 03:42:26 GMT

GET
H/1.1 200
OK 41B608301F53.png
banners.mellowads.com/ads/ Frame EFB9 101 KB
101 KB 147ms
46ms Image
image/png 2606:4700:10::6814:31d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banners.mellowads.com/ads/41B608301F53.png
Requested by: Host: traffic2bitcoin.com
URL: https://traffic2bitcoin.com/ptp.php?ref=narahari24&type=as&sitetype=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::6814:31d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b72e22efe9ad74a7907aac3b060922e187e94c2ec34a400c52d4c9c59d828fdf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://traffic2bitcoin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 05:29:58 GMT
CF-Cache-Status: HIT
Cf-Bgj: imgq:100,h2pri
Last-Modified: Wed, 17 Mar 2021 14:39:51 GMT
Server: cloudflare
Age: 1686743
Cf-Polished: origSize=142034
ETag: "68e789633b1bd71:0"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=2678400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7f355d5b9ef61e66-FRA
Content-Length: 103374

GET
H2 200 728x90-3.png
static1.freebitco.in/banners/ Frame EFB9 43 KB
43 KB 139ms
46ms Image
image/webp 104.22.7.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.freebitco.in/banners/728x90-3.png
Requested by: Host: traffic2bitcoin.com
URL: https://traffic2bitcoin.com/ptp.php?ref=narahari24&type=as&sitetype=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.7.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ab5eb8e9350691a15053498f7cc3e0da4a76f6b2a0b90d6bf42301035dd8c27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://traffic2bitcoin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:58 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Mon, 07 Aug 2023 16:14:34 GMT
server: cloudflare
age: 47724
cf-polished: origFmt=png, origSize=60358
vary: Accept
content-type: image/webp
cache-control: max-age=315360000
content-disposition: inline; filename="728x90-3.webp"
accept-ranges: bytes
cf-ray: 7f355d5b895418d9-FRA
content-length: 43640
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 F4832D752BB9.png
mellowads.b-cdn.net/ads/ Frame EFB9 58 KB
58 KB 706ms
347ms Image
image/png 2400:52e0:1a01::899:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mellowads.b-cdn.net/ads/F4832D752BB9.png
Requested by: Host: traffic2bitcoin.com
URL: https://traffic2bitcoin.com/ptp.php?ref=narahari24&type=as&sitetype=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a01::899:1 Los Angeles, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-LA1-899 /
Resource Hash: 624918ed3a5cbb2b9a1fc9fe5f95f296f5269379806cda25f38ba5a521ef3287

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://traffic2bitcoin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:58 GMT
cf-cache-status: MISS
cdn-edgestorageid: 992
cdn-cachedat: 09/25/2022 19:52:34
cdn-pullzone: 419676
content-length: 59065
last-modified: Tue, 21 Sep 2021 12:35:19 GMT
server: BunnyCDN-LA1-899
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: "93ba9c23e5aed71:0"
content-type: image/png
cdn-cache: HIT
cdn-uid: 5aae3959-a123-4877-a9c8-a7b3eb94fb05
cache-control: max-age=2678400
cdn-requestid: 598040ddbf67950358701359712f4543
accept-ranges: bytes
cf-ray: 75064d0d0aae7c98-LAX
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 UVJBOUhZdmJhSjQ9.js Show response
cdn.adsfcdn.com/js/ Frame EFB9 3 KB
2 KB 148ms
52ms Script
application/javascript 2606:4700:3035::6815:2c75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adsfcdn.com/js/UVJBOUhZdmJhSjQ9.js
Requested by: Host: traffic2bitcoin.com
URL: https://traffic2bitcoin.com/ptp.php?ref=narahari24&type=as&sitetype=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2c75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36d52f89527bab3391154917c16fc40468087f6af7a016b7cf4ab2b4cb00b117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://traffic2bitcoin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 26 Jul 2022 19:09:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 41743
etag: W/"62e03c03-d7b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yEcqrmx4IlFzg9Cbk2sP9hAQki3cBNwEJXxgSlHcRLdlVRjx%2BaABHnyKzN8xsnm8lDFXh4FF23cEv7pe1qib0W2pEywKcVXNwd6uD84GVTFzoAhu0r0X6Wk7dkrPxwxGiLwCXCaBNaSe2L88%2FeE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 7f355d5b9fe35c1a-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 08 Aug 2023 05:54:15 GMT

GET
H/1.1 200
OK qlt.php Show response
traffic2bitcoin.com/ Frame 8437 0
201 B 186ms
186ms Document
text/html 92.204.136.218
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://traffic2bitcoin.com/qlt.php?ref=narahari24&keycode=7129&type=as&sitetype=1
Requested by: Host: traffic2bitcoin.com
URL: https://traffic2bitcoin.com/ptp.php?ref=narahari24&type=as&sitetype=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 92.204.136.218 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),
Reverse DNS: ns1007988.ip-92-204-136.us
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://traffic2bitcoin.com/ptp.php?ref=narahari24&type=as&sitetype=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Tue, 08 Aug 2023 05:29:58 GMT
Keep-Alive: timeout=3, max=199
Server: Apache
Transfer-Encoding: chunked

GET
H2 200 GetAfpftpJs Show response
adgebra.co.in/afpf/ 6 KB
2 KB 666ms
215ms Script
text/plain 35.207.221.200
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://adgebra.co.in/afpf/GetAfpftpJs?parentAttribute=afpftpPixel_348_1691472598231
Requested by: Host: insurance.funjio.com
URL: https://insurance.funjio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.207.221.200 Mumbai, India, ASN19527 (GOOGLE-2, US),
Reverse DNS: 200.221.207.35.bc.googleusercontent.com
Software: /
Resource Hash: d8b48b79613daaaf67f86c1e0a530d9a7bfb103b84cfb450ccff83a7c71723d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 08 Aug 2023 05:29:57 GMT
content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 google
vary: accept-encoding
content-type: text/plain;charset=UTF-8

GET
H2 200 GalanoGrotesqueAlt-Bold.woff2
ads-bitcoin.com/cgi-sys/fonts/ Frame D863 27 KB
27 KB 420ms
419ms Font
font/woff2 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-bitcoin.com/cgi-sys/fonts/GalanoGrotesqueAlt-Bold.woff2
Requested by: Host: ads-bitcoin.com
URL: https://ads-bitcoin.com/cgi-sys/css/fonts.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 895d3b706f2544a11b0b10a78bd36909ed1dddf5099ef83dc91c32b106162a79

Request headers

Referer: https://ads-bitcoin.com/cgi-sys/css/fonts.css
Origin: https://ads-bitcoin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:58 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 29 Sep 2022 13:31:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fxICe0nBquz%2F%2FB1gJkhF2s%2FZwtvu6hBlQgTXMdCO8SucADG55ivI4vjThFJGOC3M8pg3tTsRnGPXR7NJBGc1I6SHCfQuYk1dOi5dfSmCwS1yXig2YfSCwhSid4YNWOBWk4X2e8YLsQDkLUdN5GQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7f355d5b2c243733-FRA
alt-svc: h3=":443"; ma=86400
content-length: 27612

GET
H2 200 GalanoGrotesqueAlt-Medium.woff2
ads-bitcoin.com/cgi-sys/fonts/ Frame D863 27 KB
27 KB 378ms
377ms Font
font/woff2 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-bitcoin.com/cgi-sys/fonts/GalanoGrotesqueAlt-Medium.woff2
Requested by: Host: ads-bitcoin.com
URL: https://ads-bitcoin.com/cgi-sys/css/fonts.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e8bea61f443e6e81c3d7226a42d5c7f3d1dce19910ab5de3d5b9eebd040b7cd

Request headers

Referer: https://ads-bitcoin.com/cgi-sys/css/fonts.css
Origin: https://ads-bitcoin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:58 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 29 Sep 2022 13:31:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kL37YuW5on9PEC2bnVa2Tgpvn7ssMdRdBcz%2B2eRN4XfrZThp1omoMoIWfOrnPJ9dJsheEY%2FgnKlvtqf4VsAw23SmQ2opJAAiPK4XB%2BRwzkB67%2BBRYLBkZLo1Cu%2FU5H1Qs7%2FaGt%2BbnHBnt7tG4D0%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7f355d5b2c263733-FRA
alt-svc: h3=":443"; ma=86400
content-length: 27368

GET
H2 200 GalanoGrotesqueAlt-Light.woff2
ads-bitcoin.com/cgi-sys/fonts/ Frame D863 30 KB
31 KB 388ms
387ms Font
font/woff2 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-bitcoin.com/cgi-sys/fonts/GalanoGrotesqueAlt-Light.woff2
Requested by: Host: ads-bitcoin.com
URL: https://ads-bitcoin.com/cgi-sys/css/fonts.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86e810bb90886562664f37698ab2b243e5ccba698711bf51305e13d81ac4575f

Request headers

Referer: https://ads-bitcoin.com/cgi-sys/css/fonts.css
Origin: https://ads-bitcoin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:58 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 29 Sep 2022 13:31:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zp6WHZJrhvYnThDldSWRsFNJbFhXW%2FUtByUzfT98mbjcsZOSeKlhyaCgsjYFkJNoix%2B6RDsT5rpAManhlhmUd3fxvO7RjCgyKkHfdCNPyROtMQChm0ULDL%2F3bCnlgv%2BQK92NjEK67lRbySsA%2ByI%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7f355d5b2c273733-FRA
alt-svc: h3=":443"; ma=86400
content-length: 30888

GET
H2 200 1772515 Show response
ad.a-ads.com/ Frame 9C7B 12 KB
5 KB 158ms
58ms Document
text/html 213.239.209.209
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1772515?size=300x250

Requested by

Host: display.jalewaads.com
URL: https://display.jalewaads.com/display/index.php?page=query/items/&aduid=3037&pid=1252&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=325&page_data=452b6c89586dbc4656823838b59b5622&time=1691472597&deliver=insurance.funjio.com&search_keywords=YOUR%20KEYWORDS%20HERE&page_referrer=aHR0cHM6Ly9pbnN1cmFuY2UuZnVuamlvLmNvbS8=&page_title=Insurance%20Policy&meta_description=YOUR%20DESCRIPTION%20HERE

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

213-239-209-209.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

d79c10f2287acb67ede5043f959cbf4ef7d62d95ded9d3c824a9010da0c4f67a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://display.jalewaads.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Tue, 08 Aug 2023 05:29:58 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://display.jalewaads.com/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
681 B 69ms
69ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2414052518190411&correlator=3892919477187948&eid=31068366&output=ldjh&gdfp_req=1&vrg=202308020101&ptt=17&impl=fif&iu_parts=22660461727%2Chm-interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=547000581&sfv=1-0-40&ists=1&fas=8&sc=1&cookie_enabled=1&abxe=1&dt=1691472598353&lmt=1687902615&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Finsurance.funjio.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1244038801.1691472598&ga_sid=1691472598&ga_hid=1714413487&ga_fc=false&dlt=1691472596473&idt=1850&prev_scp=site%3Dfunjio.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3768f48a1d9efacc172a7b02f700e566007e7dfcfda57d6afdaa2d6f54936c40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:58 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 651
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://insurance.funjio.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
4e4176ab5ef58c55be391f15f26d58e7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0947 6 KB
3 KB 196ms
47ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4e4176ab5ef58c55be391f15f26d58e7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://insurance.funjio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 08 Aug 2023 05:29:58 GMT
expires: Wed, 07 Aug 2024 05:29:58 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308020101/ 37 KB
13 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308020101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3096bea163dbf60801bd5377d3aea1b0507281c417aac65911575e5363a5b459

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 19:37:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35541
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13149
x-xss-protection: 0
server: cafe
etag: 13367886980652571070
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 06 Aug 2024 19:37:37 GMT

GET
H2 200 whob.gif
meo257na3rch.com/ Frame 16E5 43 B
618 B 44ms
43ms Image
image/gif 62.122.171.6
SERVEREL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://meo257na3rch.com/whob.gif?z=1883516&pb=d9ae5a6bd8faf41270904dbadb4a29ce1691479797&psp=x2wkyp8bD6SPoXUQw--uOA3FbyjPH1ysBGGvil_kcmjNLn7hpTC6TNwyrmemXfqwhQ7ZvmClgS_KwtyD6vdtLXrKjFDgVrsbmAu74f4hee3GOCnXjKZZtXGQN34TQmaaSLtA9DV9pp1nqB2xPsPYmUcLx5zM_U0maAzfuRLVvRaxsgtk2v700wACiEYJ8r24AHI_KWLXIn7CTPJu4tK_vyhvZfdZN3-tVFR6HBSFJgCwLjKdWCLEpdaakr8r1u4mIheuWkauxDw6JitRpaL1wYoKb_O8rkAVetgAOXpCzcDJ7Wr6RLe-NCAxpjGb7RYADR7EQdgq3v-YkhiKax65lUJ6Ea7OI3nYQ9OIqHlZDTPYqEYSHeyTL-5mXaYKTh7Vo66Bi-4oBvHZW34GDx0hdW-A0aoJge61CxfBka1r4DlC5v7RtVcycJ9FZznl1-3L2R4rrWYUq-U70Cn7UPzx6RbOgPtgnuww0ksTX2XJfq1pdbcx3VLBdZHx-AGHJUHBs5P2SxcjZjgsrh0L6Kf8bt6N8FlTAOQpRtdxD8wFmPAAYUhaGxy1Q8A6rjRsBe_CTS5PuHbSSY_RNX5HdU7ihZk1465GkdtK-IqGwEGkU4FwoPNbRuFSvCITMdAYLiPD_yjUX_XhxakBBKP7HZZ3pZq985K_Q3lsZTwQuuxo8WHMExcveyYUq5umQERoYFehxHrTaTUsOeFqkyiawuQAvELJBMoxvvFgZoHrDhsiaQfkqH47IL1HthJDNueEDtDhu4WCRwldW2IQIyLRs-DM7TiPT_8-4Srf260rVcma4V5hfpKU-eG-K9TWVpceAgGpYSOPgQqRuP8DblXUFX04tvKA0fh2dXv20hXXHKogMuA-YXtZ2kuodiAiEEfwPl3_Nd750Y7yPIc0hhzdlkYCLjWgEJ4Ogbk-okONV_nazMzRAe6_JLVCB775otwJ7ltVOFNH7SYoC5VqavC5jw8rq-BMFrwMsGJAFWBH78IAyOtUO7PSGW-ncTmraW4O3GUv_TLXffZsg7pRdxHT1kr48t-lcQ8lxwbp17j_THkgp8A5u7oQPykcSeg2ih8Z3iagAGXN6xFobbQCrOAp7e9oDtxAcrOu81r9U983Zx5sqXBVo4U2Cp-V_PvTDOUZvZ7yBNvPCd1QqxsfYDOYz67sJ2gBW3adfmT4koA2JEW1CAgrMLRbjv_KSJ3cEIH-v22-FDLJC_VJgxqTh78G6HmKBAI6wLPA---80YAqhdt7nGFCXMMqzLCh0w==&im=1&abvar=0&febuild=1.0.127&os=0&pload=285
Requested by: Host: insurance.funjio.com
URL: https://insurance.funjio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 62.122.171.6 , United States, ASN50245 (SERVEREL-AS, US),
Reverse DNS: 62.122.171.6.serverel.net
Software: nginx /
Resource Hash: 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:58 GMT
x-route-id: stats.banner.view
server: nginx
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
timing-allow-origin: *
content-length: 43
content-type: image/gif

GET
H2 200 300x250
static.a-ads.com/a-ads-banners/393780/ Frame 9C7B 609 KB
610 KB 50ms
37ms Image
image/gif 213.239.209.209
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/393780/300x250?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1772515?size=300x250
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 213-239-209-209.clients.your-server.de
Software: nginx /
Resource Hash: 69bce7f8cb253945351434612e6adfe03a1ee23be5c85b391b2792f9a8a4bb14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:58 GMT
x-amz-version-id: jOXVc8Dekisiq0g3Btd0O0TTMs07O0J4
last-modified: Tue, 31 May 2022 13:36:40 GMT
server: nginx
x-amz-request-id: GFF02Q1YSYD51QPE
etag: "022f5a2fb43fb40ba25ebafe6b68c6b2"
content-type: image/gif
cache-control: max-age=315360000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 623504
x-amz-id-2: sLrjDFvZL25cRhs2oftvMHOJ9RheSRAVeG7q86TRsw4mXDY3u63dO9ENTjlAqULFpx0u9crfOmQ=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame 9C7B 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 45-1681857568-0266429001681857568.gif
i.jads.co/network/user1037/ Frame 0174 749 KB
749 KB 41ms
41ms Image
image/gif 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.jads.co/network/user1037/45-1681857568-0266429001681857568.gif
Requested by: Host: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=953115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 6007836d0e3f2722f34518d33d527ba281754fd0987886b5eb3ba2fb667441af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poweredby.jads.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:58 GMT
last-modified: Tue, 18 Apr 2023 22:39:28 GMT
etag: "1681857568"
x-hw: 1691472598.dop160.fr8.t,1691472598.cds338.fr8.hn,1691472598.cds136.fr8.c
content-type: image/gif
cache-control: max-age=21925605
accept-ranges: bytes
content-length: 766723

GET
H2 200 / Show response
cdn.adsfirm.com/iframe/ Frame 1337 42 KB
17 KB 146ms
54ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adsfirm.com/iframe/
Requested by: Host: cdn.adsfcdn.com
URL: https://cdn.adsfcdn.com/js/UVJBOUhZdmJhSjQ9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 246e8b0bbc5119f4d67faf2c6d2f9624a7be89d555e05281e1709a98097f03a5

Request headers

Referer: https://traffic2bitcoin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7f355d5fcec63637-FRA
content-encoding: br
content-type: text/html
date: Tue, 08 Aug 2023 05:29:59 GMT
last-modified: Mon, 13 Jun 2022 08:58:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CM%2BsdDh%2BTAnzmi1XeYVc3bUBF%2FCnbifs2k8KnSUPCAirFel3hf4fvQguRmNOQ2Br1JKbrdIo1aiwL%2FjgXwv2cEqlNH%2BhlSVqgVm%2BhOnjjub3waOfEHmE5PYCUi4IysIXWjWYLwQOb5lvlRBpj%2FI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 afphChild.js Show response
adgebra.co.in/afph/ 4 KB
2 KB 215ms
215ms Script
application/javascript 35.207.221.200
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://adgebra.co.in/afph/afphChild.js?p1=3298&p2=0&p3=0&rnd=23080805
Requested by: Host: adgebra.co.in
URL: https://adgebra.co.in/afpf/GetAfpftpJs?parentAttribute=afpftpPixel_348_1691472598231
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.207.221.200 Mumbai, India, ASN19527 (GOOGLE-2, US),
Reverse DNS: 200.221.207.35.bc.googleusercontent.com
Software: /
Resource Hash: 42cdcdb769ea227cf6f8f431e83bf096848f20d824d57e3e0c1435a04f8a8943

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:58 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 09 Jan 2023 16:39:10 GMT
accept-ranges: bytes
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/javascript

GET
DATA 200
OK truncated
/ Frame 1337 505 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6c42dd792f7ea62abcb52e60fe3627394cc5c27d5dfbea9a99dbb5ca815638d8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 imp Show response
cdn.adsfirm.com/ad/ Frame 1337 869 B
966 B 53ms
52ms Fetch
application/json 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adsfirm.com/ad/imp?c=eyJzaWQiOiJjWGM1U0ZJeE5YVlJXRlU5IiwiYmlkIjoiVVZKQk9VaFpkbUpoU2pROSIsInNpemUiOiI3Mjh4OTAiLCJmIjoiMSIsIm4iOiIwIiwiZmlkIjoiMjc5OTA0MWEzNTE1ZmI0OGIxNzJjMTQxZjgwYzBmZGMiLCJ1dWlkIjoiODBlNzBmMWQtMjVkYS00ODU5LWJmMmEtYTliYmMwMTE0MzIwIiwic291cmNlIjoiaHR0cHM6Ly90cmFmZmljMmJpdGNvaW4uY29tL3B0cC5waHA/cmVmPW5hcmFoYXJpMjQmdHlwZT1hcyZzaXRldHlwZT0xIiwicmVmIjoiaHR0cHM6Ly9pbnN1cmFuY2UuZnVuamlvLmNvbSIsInRpbWV6b25lIjowLCJsYW5nIjoiZW4tVVMiLCJwbGF0Zm9ybSI6IldpbjMyIiwic2NyZWVuIjoiMTYwMHgxMjAwIn0=
Requested by: Host: cdn.adsfirm.com
URL: https://cdn.adsfirm.com/iframe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7795341aaeb51bfe16e294c648df281d7e7e3242c609c84883ecda122441cfd4

Request headers

Referer: https://cdn.adsfirm.com/iframe/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type: application/json

Response headers

date: Tue, 08 Aug 2023 05:29:59 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MlKt2MmGSmhwKb%2BwyKn3Hziv8jsoMcxsegBQ%2FgbCLMDj3k%2B12cek%2B7V8aa2IxH0ydbX3sKFOtwPsIJhKIgeEuRBWfF9KjUq4WGgYNxnugcP7esZ9EmnOyEvPHvfGOTYFcCarOh3i94oemgc1myo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 7f355d609f9c3637-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 5f0be59f6843eaa28b540e8795753ea0.gif
cdn.adsfcdn.com/banner/ Frame 1337 173 KB
174 KB 47ms
46ms Image
image/gif 2606:4700:3035::6815:2c75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adsfcdn.com/banner/5f0be59f6843eaa28b540e8795753ea0.gif
Requested by: Host: insurance.funjio.com
URL: https://insurance.funjio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2c75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ebe2460f2d9a505b5b2bbc1ac1226c9b6e7c0e56239a1a62e9228a7cd4dce06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.adsfirm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:29:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2225476
alt-svc: h3=":443"; ma=86400
content-length: 177164
last-modified: Thu, 14 Apr 2022 06:55:32 GMT
server: cloudflare
etag: "6257c564-2b40c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KFpDDvgCJauTuxEcNHr%2FWGnln2Ak7TMYikniCQ3aQ2wb2%2BvNVkLHPl6Qfyp5%2Bg8YKViwazK7ILRrKv%2B6IbLMEzfOAjqBh9M0kDEefPo93jbtbqO0vrmQI5hgSFkqr6M%2FxQytkFmgmaG18C8MBYM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7f355d60fcd05c1a-FRA
expires: Sat, 12 Aug 2023 11:18:43 GMT

GET
H2 200 TPHtmlTemplate Show response
adgebra.co.in/afpf/ 0
120 B 644ms
214ms XHR
text/plain 35.207.221.200
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://adgebra.co.in/afpf/TPHtmlTemplate?p1=3298&p2=null&p3=1&p6=4862&p7=1&p8=0&refUrl=https://insurance.funjio.com/&p4=https://insurance.funjio.com/
Requested by: Host: adgebra.co.in
URL: https://adgebra.co.in/afpf/GetAfpftpJs?parentAttribute=afpftpPixel_348_1691472598231
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.207.221.200 Mumbai, India, ASN19527 (GOOGLE-2, US),
Reverse DNS: 200.221.207.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insurance.funjio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin: https://insurance.funjio.com
date: Tue, 08 Aug 2023 05:29:59 GMT
via: 1.1 google
access-control-allow-credentials: true
content-length: 0
content-type: text/plain;charset=UTF-8

GET
H2 200 741663 Show response
ad.a-ads.com/ Frame 89A3 12 KB
5 KB 51ms
50ms Document
text/html 213.239.209.209
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/741663?size=300x250

Requested by

Host: traffic2bitcoin.com
URL: https://traffic2bitcoin.com/ptp.php?ref=narahari24&type=as&sitetype=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

213-239-209-209.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

d9744afe8f6ca066df7cde97fad2f7d7e9f257facc33937e0ce9c612dd3eedba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://traffic2bitcoin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Tue, 08 Aug 2023 05:30:00 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://traffic2bitcoin.com/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2 200 300x250
static.a-ads.com/a-ads-banners/393780/ Frame 89A3 609 KB
610 KB 73ms
73ms Image
image/gif 213.239.209.209
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/393780/300x250?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/741663?size=300x250
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 213-239-209-209.clients.your-server.de
Software: nginx /
Resource Hash: 69bce7f8cb253945351434612e6adfe03a1ee23be5c85b391b2792f9a8a4bb14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:30:00 GMT
x-amz-version-id: jOXVc8Dekisiq0g3Btd0O0TTMs07O0J4
last-modified: Tue, 31 May 2022 13:36:40 GMT
server: nginx
x-amz-request-id: GFF02Q1YSYD51QPE
etag: "022f5a2fb43fb40ba25ebafe6b68c6b2"
content-type: image/gif
cache-control: max-age=315360000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 623504
x-amz-id-2: sLrjDFvZL25cRhs2oftvMHOJ9RheSRAVeG7q86TRsw4mXDY3u63dO9ENTjlAqULFpx0u9crfOmQ=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame 89A3 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 index.php Show response
dashboard.jalewaads.com/track/ Frame 1E59 0
96 B 337ms
114ms Script
application/javascript 157.230.222.159
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://dashboard.jalewaads.com/track/index.php?page=action/impression/0|1042|0|1252|3037|1|1213|2|0|1042|1.0E-5|1.0E-5|0|0/6b6db6d10f724439acfb995bdc4c3e9a/1691472617/CH/
Requested by: Host: display.jalewaads.com
URL: https://display.jalewaads.com/display/index.php?page=query/items/&aduid=3037&pid=1252&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=325&page_data=452b6c89586dbc4656823838b59b5622&time=1691472597&deliver=insurance.funjio.com&search_keywords=YOUR%20KEYWORDS%20HERE&page_referrer=aHR0cHM6Ly9pbnN1cmFuY2UuZnVuamlvLmNvbS8=&page_title=Insurance%20Policy&meta_description=YOUR%20DESCRIPTION%20HERE
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.230.222.159 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1010700.cloudwaysapps.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://display.jalewaads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:30:08 GMT
server: nginx
age: 0
accept-ranges: bytes
content-length: 0
x-cache: MISS
content-type: application/javascript

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mdgzg.com
URL: https://mdgzg.com/serve/load.js

Domain: www.bittraffic.io
URL: https://www.bittraffic.io/display/items.php?4034&956&300&250&1&0&0

Domain: www.bittraffic.io
URL: https://www.bittraffic.io/display/items.php?4035&956&300&250&1&0&0

Domain: pixel.vidoomy.com
URL: https://pixel.vidoomy.com/reg.cgi?id=16590

Domain: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=953252

Domain: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=953115

Domain: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Verdicts & Comments Add Verdict or Comment

212 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
meo257na3rch.com/	1970-01-20 23:25:46	Name: CHCK Value: 1
meo257na3rch.com/	1970-01-20 23:25:46	Name: UID Value: 23080800299aed11e364384b80a7a3e54f69
berlipurplin.com/	1970-01-20 23:25:46	Name: CHCK Value: 1
berlipurplin.com/	1970-01-20 23:25:46	Name: UID Value: 2308080029a6d16b0858a645baa7b84cce3a
insurance.funjio.com/	1969-12-31 23:59:59	Name: bnState_1883516 Value: {"impressions":1,"delayStarted":0}
insurance.funjio.com/	1969-12-31 23:59:59	Name: bnState_1861823 Value: {"impressions":2,"delayStarted":0}
insurance.funjio.com/	1969-12-31 23:59:59	Name: bnState Value: {"impressions":2,"delayStarted":0}
.jads.co/	1970-01-20 22:36:48	Name: surferid Value: 855c08aaf55746b8e0a22632b95c3e45
.jads.co/	1970-01-20 13:55:31	Name: juicy_data_1 Value: YTowOnt9
.jads.co/	1970-01-20 13:55:31	Name: juicy_data Value: YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D
.mgid.com/	1970-01-20 13:51:14	Name: __cf_bm Value: 5Durm5MwaONEy9fONeZfEJRPm_JySshobCUFwtkY7_A-1691472598-0-AfNb1+KrOi2eYpiyP5YPm7Q4908y/K/KOZJ/iyo9auYE7JWzN1QHRFQGov9nG5++2U/DPEcjQfAS5tzZhqCTLw0=
.funjio.com/	1970-01-20 23:27:12	Name: _ga Value: GA1.2.1244038801.1691472598
.funjio.com/	1970-01-20 13:52:38	Name: _gid Value: GA1.2.66723059.1691472598
.doubleclick.net/	1970-01-20 13:51:13	Name: test_cookie Value: CheckForPermission
.funjio.com/	1970-01-20 23:12:48	Name: __gads Value: ID=5dcfe97bdb19978a:T=1691472598:RT=1691472598:S=ALNI_MY-6EfBh5HvWU0SUkWU45jsP95Vjg
.funjio.com/	1970-01-20 23:12:48	Name: __gpi Value: UID=00000c503f4ed9d0:T=1691472598:RT=1691472598:S=ALNI_MZ3dCCTkHsCeCB7g93NTVLqIuLRoA

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://tags.worldglobalssp.xyz/tag/26667 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://services.brid.tv/player/build/brid.outstream.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://tags.worldglobalssp.xyz/tag/26667 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://services.brid.tv/player/build/brid.outstream.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://i.ytimg.com/vi/SoC0z1l0CYg/default.jpg Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: https://meo257na3rch.com/lv/esnk/1883516/code.js(Line 22) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://ad-slot.ru/banner-code.php?id=8799 Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: https://berlipurplin.com/lv/esnk/1861823/code.js(Line 22) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://pixel.vidoomy.com/reg.cgi?id=16590 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://i.ytimg.com/vi/Ys4MO-5poqs/default.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.bittraffic.io/display/items.php?4034&956&300&250&1&0&0 Message: Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR
network	error	URL: https://www.bittraffic.io/display/items.php?4035&956&300&250&1&0&0 Message: Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 472) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://ads-bitcoin.com/codes/banner?rcd=MTU1 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://myckdom.com/adServe/banners?tid=295571_828241_1 Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2.bp.blogspot.com
4.bp.blogspot.com
4e4176ab5ef58c55be391f15f26d58e7.safeframe.googlesyndication.com
ad-slot.ru
ad.a-ads.com
adgebra.co.in
ads-bitcoin.com
ads.stickyadstv.com
ads.vidoomy.com
ajax.googleapis.com
banners.mellowads.com
berlipurplin.com
cdn.adsfcdn.com
cdn.adsfirm.com
cdn.bncloudfl.com
cdn.hooliganmedia.com
dashboard.jalewaads.com
display.jalewaads.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
funjio.com
i.jads.co
i.ytimg.com
imasdk.googleapis.com
insurance.funjio.com
jsc.mgid.com
lh3.googleusercontent.com
madriyelowd.com
maxcdn.bootstrapcdn.com
mdgzg.com
mellowads.b-cdn.net
meo257na3rch.com
myckdom.com
p.brid.tv
p295571.clksite.com
pagead2.googlesyndication.com
pixel.vidoomy.com
poweredby.jads.co
publishers.hooliganmedia.com
s0.2mdn.net
securepubads.g.doubleclick.net
services.brid.tv
static.a-ads.com
static1.freebitco.in
stats-dev.brid.tv
tags.worldglobalssp.xyz
traffic2bitcoin.com
www.bittraffic.io
www.blogger.com
www.google-analytics.com
www.googletagmanager.com
imasdk.googleapis.com
mdgzg.com
pagead2.googlesyndication.com
pixel.vidoomy.com
poweredby.jads.co
www.bittraffic.io
104.22.7.169
13.224.189.82
143.204.98.88
147.182.222.211
157.230.222.159
185.94.236.253
205.185.216.10
205.185.216.42
213.239.209.209
217.21.94.16
24.199.69.252
2400:52e0:1a01::899:1
2600:9000:2490:b600:0:4402:e8c0:93a1
2606:4700:10::6814:31d8
2606:4700:1::6813:864e
2606:4700:3035::6815:2c75
2606:4700:3037::6815:233e
2606:4700::6812:acf
2a00:1450:4001:800::200e
2a00:1450:4001:80b::2001
2a00:1450:4001:80f::2013
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:811::2001
2a00:1450:4001:813::200a
2a00:1450:4001:813::2016
2a00:1450:4001:81c::2003
2a00:1450:4001:81c::2006
2a00:1450:4001:829::200a
2a00:1450:4001:82a::200a
2a00:1450:4001:830::200e
2a00:1450:4001:831::2008
2a00:1450:4001:831::2009
2a06:98c1:3120::3
3.19.54.139
35.207.221.200
52.116.53.147
52.117.247.211
62.122.171.6
87.236.16.176
92.204.136.218
95.101.54.106
0047f2b4e58d50cd286045db5a9a694d843c551e96e92f7bcd10bf2e111149f2
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
065aabddb94289300c792352a87532acb7669ba8ff5c85ee7b0361e596c51031
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0ec1294e4961a15d00e49b679605e74b2f093f60e793d79d0414597ccc9f3000
1cb27401b4d6a2d21f3bd3304f9855c43e3467887d2d8e89aacf5e9aeb386f7c
20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711
246e8b0bbc5119f4d67faf2c6d2f9624a7be89d555e05281e1709a98097f03a5
27ee0dbc552e93ec94a7c0e2ad33e05827f44dd23dae5673b4f840c79dcc02ba
28b1823b5efe3fe74808098ecaf4dbe53d417dd4fea45e2dd39aeec8159e61ee
29f03d6eff59d3bcb1378e7cc22d5e336f8a66d049173b77da846033be532e36
2b5eeeb211f2b120bf3f918a06f149d8e975a17a691b59e2108aefcc3d730686
2c13379cb86fcf8bd8d913c0be2c98a7fd5ea7a6c110ca1a44f4595876112830
2cf4896234ab6ea9c09c2ab49798a419c195acf6a96b37964d2a94f3ce1d4071
3096bea163dbf60801bd5377d3aea1b0507281c417aac65911575e5363a5b459
3113d3655807e64fbf34358f15de245ccf5ba1964fa6833a7fef6adb64183e51
3362fe5ad591e63a73ab79cdd0763fa56318c38f519afdfcbd7b6ef951789477
36d52f89527bab3391154917c16fc40468087f6af7a016b7cf4ab2b4cb00b117
3768f48a1d9efacc172a7b02f700e566007e7dfcfda57d6afdaa2d6f54936c40
3956a454410396f9668b658abd81aa23047276430eb93a4a5017590e481a97c3
3d4610a2ab69d08e54685d0d3cfcf03ec663bacff8cc89a1e0a2904a7769e641
42cdcdb769ea227cf6f8f431e83bf096848f20d824d57e3e0c1435a04f8a8943
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
49452f0e40a878f7b9a0ed87721f95843fbd953a2d373ccac53c911f51c929b3
4ce583e2c226b57b30e9936ad548be91a6d71b411c4703dbc9f65eb006471110
5113ba7ee14208ef778664254a85eb1110a228827001b437bef863079f19add3
524e2cb7e390002a9877923512182655a7a4b512a475b5d4146761f77fd241ee
5ab5eb8e9350691a15053498f7cc3e0da4a76f6b2a0b90d6bf42301035dd8c27
5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51
6007836d0e3f2722f34518d33d527ba281754fd0987886b5eb3ba2fb667441af
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
624918ed3a5cbb2b9a1fc9fe5f95f296f5269379806cda25f38ba5a521ef3287
635a83c473e5248a4fc3d660fc27f09ce8649fda60039ccf92b0f2c044045ddf
63f3299bacfc8a15fbac6b6a8badaa92f6e08c16a4ad8bff45dc5983b81588ce
672eca19c3be21a9462e51ed0ded052aead248f6fac752353e02a5818f6998cb
676792b65db36c91bee7ce25be7603cf200c95c5038e3cffdee1990255bcaf0b
69bce7f8cb253945351434612e6adfe03a1ee23be5c85b391b2792f9a8a4bb14
6c42dd792f7ea62abcb52e60fe3627394cc5c27d5dfbea9a99dbb5ca815638d8
6c6760f12faa77e3ed71540c19687b4c484c53cf6b7423b13500e91fb4bfdac0
6e8bea61f443e6e81c3d7226a42d5c7f3d1dce19910ab5de3d5b9eebd040b7cd
71bcf1492d7a80fad9a2a484a4d47ddd7438eba3f9622ba1e8e90d65b96b0226
75b33be75a492ae62981cc7b7a36803c1ef4ea5dcdc6db43c11071b200c7f78e
7704aea5716dfc98d10be0af50d19b82eb343a67f1bb4070448d60c2e814f66d
7795341aaeb51bfe16e294c648df281d7e7e3242c609c84883ecda122441cfd4
7a0cd3db633064217878d16ff6d41d349ca0580d52b5c2cbe2ffa45575029da5
7b83ce067b6ea6c3b6885aa3b319dac766c3feacae2bc785933f1c609365a758
7bf1c238f5fbd29b9e0bfcea7f89e98d9a96f8696dd832401d22545237864a0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7e87bb44c3eae2f01a61c4c86a081df466e7de1145cc1d858170d678c7caa5f6
8614a8ac4bc2a3ed97bfe6b5b53d876c66aaf87fd84bc79f40baff6412bbdf72
86e810bb90886562664f37698ab2b243e5ccba698711bf51305e13d81ac4575f
895d3b706f2544a11b0b10a78bd36909ed1dddf5099ef83dc91c32b106162a79
8ec439004dea8add88a08d6f665f3a3968ba1d047ee3ec937d7bdebb18459917
9142409cc08053f74ad52905dbdd8fd5c42e0fe6fd0cdfcd708953b1da98b74c
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9c37d492620e96f3a6200f24fda883760344af15e9a36ba95fbf34f076301a8c
9cc8c89436c57b5812f3d1ad26420a90f2102682d5e262dc289a1214c9010204
9dcf047d6a147e7eb8cc764ea74cc1e1c04d037effde6d8cc3ffebe98080e6dc
9ebe2460f2d9a505b5b2bbc1ac1226c9b6e7c0e56239a1a62e9228a7cd4dce06
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a116b8b33992caa4b4be881af7c5f6daeef5ec01b334f4b3b4ee37d7f7b199be
a4ac9dd242e7beba9b1d9dd191c8e71fac7afb634c88c39f074bba62f570fc40
a6679c97affbc96b5471593bfc580138ce4c09bd274145d6d4e8c55a53939573
a73f42ab9a1e99996383c601c1c82c8d1a105d64383e6a38f55277c8cd758502
a846d008de1afffd65fb3990db6a35e14c40b8970352212a347e58cd61c67e4c
a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2
acf76dc1ca3958bef5996b6ff11ddd99c392d6da8b28f56bc876296648809a45
b08a2fa2b897efa1b9d4ea531eb28b1f9f216eadd299cb115a1121e266a4480b
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b5d7707ea8fc00aae40bf500ac7498d7f32f6b1bbff7b4fde976a40345eb5f9d
b6b497673eb829e46c2980a5a2d1902ea526dc53b2869775f01e53d13f877184
b72e22efe9ad74a7907aac3b060922e187e94c2ec34a400c52d4c9c59d828fdf
c2b583f12f7ce19dd87d2cabe47632faf5220a0bb2554483470334b209472a98
c4831ee6a21e6b1243cefa0dede23f24d47e234532fcd3194a4915e778b68051
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d
d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da
d79c10f2287acb67ede5043f959cbf4ef7d62d95ded9d3c824a9010da0c4f67a
d7f31e5a78056fd6a1c1199b5c571414e9119dc0eb11f9fff32a6ed455788744
d89d280e4bb2f02f3ab54dade300692fde8250230a4d15d02766fd4a2349667f
d8b48b79613daaaf67f86c1e0a530d9a7bfb103b84cfb450ccff83a7c71723d3
d9744afe8f6ca066df7cde97fad2f7d7e9f257facc33937e0ce9c612dd3eedba
da0ffa63079627cbe72ed3420fff6a9b1f3085ad689b309f0e16ca5ed10f5a0d
db6c9d0efcdce460b2d1e05256cd3d4255f75da4aff2902a8eaaecbc2b0aa5c6
dc2a9ecb9eae34a409e66cbdd46b3562c560f8ffa1c1f80ea84532999d6d408c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec751956f91253b0f2e2797b62b651b022ee3f4a6ffd4b4ad8311f4b4a33913f
f65dd0ed5ab0097e2cb276b346ccfaddb2a9134c9278af39c6a24cd821fce06f
fcc69b6383d73590de75640851e672fbc9d5d37f0ebc5492d1d0062b50c6ae3a

insurance.funjio.com Open in urlscan Pro 2a00:1450:4001:80f::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

112 Requests

88 %HTTPS

55 %IPv6

40 Domains

52 Subdomains

42 IPs

6 Countries

4314 kBTransfer

6371 kBSize

16 Cookies

28 Outgoing links

Page URL History

Redirected requests

112 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

insurance.funjio.com Open in urlscan Pro
2a00:1450:4001:80f::2013 Public Scan

Screenshot
Live screenshot

Full Image

112
Requests

88 %
HTTPS

55 %
IPv6

40
Domains

52
Subdomains

42
IPs

6
Countries

4314 kB
Transfer

6371 kB
Size

16
Cookies

112 HTTP transactions
3 data transactions