urlscan.io logo urlscan.io
SecurityTrails logo

fighttinnitusnow.com Open in urlscan Pro
77.235.58.122  Public Scan

Go To Rescan Add Verdict Report
URL: http://fighttinnitusnow.com/
Submission: On December 30 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 26 IPs in 2 countries across 27 domains to perform 46 HTTP transactions. The main IP is 77.235.58.122, located in Cyprus and belongs to LEASEWEB-NL-AMS-01 Netherlands, NL. The main domain is fighttinnitusnow.com.
This is the only time fighttinnitusnow.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 77.235.58.122 60781 (LEASEWEB-...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
6 10 2606:4700:20:... 13335 (CLOUDFLAR...)
2 209.59.155.42 32244 (LIQUIDWEB)
1 2600:9000:23c... 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 151.101.192.65 54113 (FASTLY)
2 2607:f8b0:400... 15169 (GOOGLE)
1 52.217.170.176 16509 (AMAZON-02)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
1 4 35.227.244.1 15169 (GOOGLE)
3 18.164.96.15 16509 (AMAZON-02)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 1 52.1.95.165 14618 (AMAZON-AES)
1 3.230.121.107 14618 (AMAZON-AES)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 3.218.4.10 14618 (AMAZON-AES)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 54.231.130.17 16509 (AMAZON-02)
1 35.190.54.17 15169 (GOOGLE)
1 4 75.2.91.175 16509 (AMAZON-02)
3 3 107.178.246.49 15169 (GOOGLE)
2 2 35.71.131.137 16509 (AMAZON-02)
1 1 44.229.119.75 16509 (AMAZON-02)
1 1 3.82.80.127 14618 (AMAZON-AES)
2 2 142.250.81.226 15169 (GOOGLE)
2 2 68.67.179.113 29990 (ASN-APPNEX)
1 2 35.211.178.172 19527 (GOOGLE-2)
1 18.164.96.55 16509 (AMAZON-02)
46 26
5    77.235.58.122 (Cyprus)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
fighttinnitusnow.com
2    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2606:4700:20::681a:37a (United States)

ASN13335 (CLOUDFLARENET, US)
a.remarketstats.com
10    2606:4700:20::681a:932 (United States)

ASN13335 (CLOUDFLARENET, US)
a.clickcertain.com
2    209.59.155.42 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: host3.iad7.com
mgmtrack1.com
1    2600:9000:23cb:dc00:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)
b-code.liadm.com
1    2607:f8b0:4006:81d::200a (Nutley, United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2607:f8b0:4006:823::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    151.101.192.65 (United States)

ASN54113 (FASTLY, US)
tag.marinsm.com
2    2607:f8b0:4006:821::200e (Nutley, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    52.217.170.176 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
4    35.227.244.1 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 1.244.227.35.bc.googleusercontent.com
shop.pe
3    18.164.96.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-15.jfk50.r.cloudfront.net
d3rr3d0n31t48m.cloudfront.net
2    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    52.1.95.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-95-165.compute-1.amazonaws.com
pixel-geo.prfct.co
1    3.230.121.107 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-121-107.compute-1.amazonaws.com
pixel-geo.prfct.co
1    2606:4700::6812:1e97 (United States)

ASN13335 (CLOUDFLARENET, US)
signals.aimtell.com
1    2600:1f18:730:b110:ee02:ef72:6352:30c8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
1    3.218.4.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-4-10.compute-1.amazonaws.com
rp4.liadm.com
1    2607:f8b0:4004:c1b::9b (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2607:f8b0:4006:80b::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    2607:f8b0:4006:81e::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.google.ca
1    54.231.130.17 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
addshoppers.s3.amazonaws.com
1    35.190.54.17 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 17.54.190.35.bc.googleusercontent.com
shopper.shop.pe
4    75.2.91.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: a954c1fc80b8251dc.awsglobalaccelerator.com
nytrng.com
3    107.178.246.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com
pixel.tapad.com
2    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    44.229.119.75 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-229-119-75.us-west-2.compute.amazonaws.com
a.usbrowserspeed.com
1    3.82.80.127 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-82-80-127.compute-1.amazonaws.com
i.liadm.com
2    142.250.81.226 (Glen Cove, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f2.1e100.net
cm.g.doubleclick.net
2    68.67.179.113 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
2    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
1    18.164.96.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-55.jfk50.r.cloudfront.net
cdn.nytrng.com
Apex Domain
Subdomains		 Transfer
10 clickcertain.com
a.clickcertain.com — Cisco Umbrella Rank: 6825
7 KB
5 nytrng.com
nytrng.com — Cisco Umbrella Rank: 9481
cdn.nytrng.com — Cisco Umbrella Rank: 21809
9 KB
5 shop.pe
shop.pe — Cisco Umbrella Rank: 10520
shopper.shop.pe — Cisco Umbrella Rank: 13561
10 KB
5 fighttinnitusnow.com
fighttinnitusnow.com
123 KB
4 liadm.com
b-code.liadm.com — Cisco Umbrella Rank: 3620
rp.liadm.com — Cisco Umbrella Rank: 2262
rp4.liadm.com — Cisco Umbrella Rank: 5996
i.liadm.com — Cisco Umbrella Rank: 881
14 KB
3 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 674
770 B
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 179
cm.g.doubleclick.net — Cisco Umbrella Rank: 321
1 KB
3 cloudfront.net
d3rr3d0n31t48m.cloudfront.net
52 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 619
12 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 411
1 KB
2 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 670
2 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 456
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
203 B
2 prfct.co
pixel-geo.prfct.co — Cisco Umbrella Rank: 24400
770 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 173
112 KB
2 amazonaws.com
s3.amazonaws.com
addshoppers.s3.amazonaws.com — Cisco Umbrella Rank: 16916
14 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 103
20 KB
2 mgmtrack1.com
mgmtrack1.com
27 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 356
82 KB
1 usbrowserspeed.com
a.usbrowserspeed.com — Cisco Umbrella Rank: 13266
242 B
1 google.ca
www.google.ca — Cisco Umbrella Rank: 7920
501 B
1 google.com
www.google.com — Cisco Umbrella Rank: 16
501 B
1 aimtell.com
signals.aimtell.com — Cisco Umbrella Rank: 4462
360 B
1 marinsm.com
tag.marinsm.com — Cisco Umbrella Rank: 55638
4 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 123
43 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 520
30 KB
1 remarketstats.com
a.remarketstats.com — Cisco Umbrella Rank: 53747
529 B
46 27
Domain Requested by
10 a.clickcertain.com 6 redirects fighttinnitusnow.com
a.remarketstats.com
a.clickcertain.com
5 fighttinnitusnow.com fighttinnitusnow.com
4 nytrng.com 1 redirects d3rr3d0n31t48m.cloudfront.net
cdn.nytrng.com
4 shop.pe 1 redirects d3rr3d0n31t48m.cloudfront.net
shopper.shop.pe
3 pixel.tapad.com 3 redirects
3 d3rr3d0n31t48m.cloudfront.net fighttinnitusnow.com
shop.pe
3 bat.bing.com fighttinnitusnow.com
bat.bing.com
2 x.bidswitch.net 1 redirects a.clickcertain.com
2 secure.adnxs.com 2 redirects
2 cm.g.doubleclick.net 2 redirects
2 match.adsrvr.org 2 redirects
2 www.facebook.com fighttinnitusnow.com
2 pixel-geo.prfct.co 1 redirects fighttinnitusnow.com
2 connect.facebook.net fighttinnitusnow.com
connect.facebook.net
2 www.google-analytics.com fighttinnitusnow.com
www.google-analytics.com
2 mgmtrack1.com fighttinnitusnow.com
2 cdnjs.cloudflare.com fighttinnitusnow.com
cdnjs.cloudflare.com
1 cdn.nytrng.com nytrng.com
1 i.liadm.com 1 redirects
1 a.usbrowserspeed.com 1 redirects
1 shopper.shop.pe shop.pe
1 addshoppers.s3.amazonaws.com d3rr3d0n31t48m.cloudfront.net
1 www.google.ca fighttinnitusnow.com
1 www.google.com fighttinnitusnow.com
1 stats.g.doubleclick.net www.google-analytics.com
1 rp4.liadm.com fighttinnitusnow.com
1 rp.liadm.com 1 redirects
1 signals.aimtell.com s3.amazonaws.com
1 s3.amazonaws.com fighttinnitusnow.com
1 tag.marinsm.com fighttinnitusnow.com
1 www.googletagmanager.com fighttinnitusnow.com
1 ajax.googleapis.com fighttinnitusnow.com
1 b-code.liadm.com fighttinnitusnow.com
1 a.remarketstats.com 1 redirects
46 34

This site contains links to these domains. Also see Links.

Domain
www.fighttinnitusnow.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
mgmtrack1.com
R3		 2022-12-01 -
2023-03-01		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-10-08 -
2023-01-06		 3 months crt.sh
aimtell.com
Cloudflare Inc ECC CA-3		 2022-05-09 -
2023-05-08		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-11-25 -
2023-05-25		 6 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.shop.pe
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-08-10 -
2023-08-10		 a year crt.sh
nytrng.com
Amazon		 2022-04-24 -
2023-05-23		 a year crt.sh
*.nytrng.com
Amazon		 2022-09-16 -
2023-10-13		 a year crt.sh

This page contains 3 frames:

Primary Page: http://fighttinnitusnow.com/
Frame ID: 47A97B29DEABE1A9338687ACF363CED3
Requests: 38 HTTP requests in this frame

Frame: https://a.clickcertain.com/px/cont/?c=2340db90087cdda&ccid=4d355ef2-b007-4dd6-957c-7693d0415b97&cn=CA
Frame ID: 5ABC461AC2575BD46367B56E4F6F17CC
Requests: 4 HTTP requests in this frame

Frame: https://nytrng.com/iframe?vcp=4dd5h0np&as_id=898b5f03e2bc4d47ba25d6b87f92ddf9
Frame ID: AB56C86363E498615D7D0C68377B704D
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Buy New Tinnitus 911 Online

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

46
Requests

59 %
HTTPS

43 %
IPv6

27
Domains

34
Subdomains

26
IPs

2
Countries

558 kB
Transfer

1318 kB
Size

33
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://a.remarketstats.com/px/smart/?c=2340db90087cdda&seg=home-page HTTP 302
  • https://a.clickcertain.com/px/smart/a/?seg=home-page&c=2340db90087cdda HTTP 302
  • https://a.clickcertain.com/px/?c=2340db90087cdda
Request Chain 11
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 13
  • http://bat.bing.com/bat.js HTTP 307
  • https://bat.bing.com/bat.js
Request Chain 16
  • https://shop.pe/widget/widget_async.js HTTP 301
  • https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
Request Chain 18
  • http://pixel-geo.prfct.co/tagjs?a_id=90326&source=js_tag HTTP 302
  • https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=90326&source=js_tag
Request Chain 24
  • https://rp.liadm.com/j?dtstmp=1672414031417&aid=a-0817&se=e30&duid=1afbc895fcee--01gnht9ve6yz3mrq0xwr152p9p&tna=v2.5.1&pu=http%3A%2F%2Ffighttinnitusnow.com%2F&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IklzIHlvdXIgbGlmZSB0cm91YmxlZCBieSBoaWRkZW4gY29uc3RpcGF0aW9uPyBQcm90ZWN0IHlvdXIgaGVhbHRoIHdpdGggYWxsIG5hdHVyYWwgcHJvdmVuIGluZ3JlZGllbnRzLiBSZWFkIHJldmlld3MgYW5kIGJ1eSBuZXcgVGlubml0dXMgOTExIE9ubGluZSBhdCBQaHl0QWdlIExhYnMuIj48dGl0bGU-QnV5IE5ldyBUaW5uaXR1cyA5MTEgT25saW5lPC90aXRsZT4 HTTP 302
  • https://rp4.liadm.com/j?dtstmp=1672414031417&aid=a-0817&se=e30&duid=1afbc895fcee--01gnht9ve6yz3mrq0xwr152p9p&tna=v2.5.1&pu=http%3A%2F%2Ffighttinnitusnow.com%2F&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IklzIHlvdXIgbGlmZSB0cm91YmxlZCBieSBoaWRkZW4gY29uc3RpcGF0aW9uPyBQcm90ZWN0IHlvdXIgaGVhbHRoIHdpdGggYWxsIG5hdHVyYWwgcHJvdmVuIGluZ3JlZGllbnRzLiBSZWFkIHJldmlld3MgYW5kIGJ1eSBuZXcgVGlubml0dXMgOTExIE9ubGluZSBhdCBQaHl0QWdlIExhYnMuIj48dGl0bGU-QnV5IE5ldyBUaW5uaXR1cyA5MTEgT25saW5lPC90aXRsZT4&i6=MjYwNzo1MzAwOjYwOjc4Njc6OjQ%3D&n3pc=true
Request Chain 37
  • https://a.clickcertain.com/px/ta/?ccid=4d355ef2-b007-4dd6-957c-7693d0415b97 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=4d355ef2-b007-4dd6-957c-7693d0415b97&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=4d355ef2-b007-4dd6-957c-7693d0415b97&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=f01f426a-a4bf-4922-970b-b9a5af91dc53%252Chttps%253A%252F%252Fa.clickcertain.com%252Fpx%252Fta%252F%253Fdone%253Dtrue%2526ta_id%253Df01f426a-a4bf-4922-970b-b9a5af91dc53&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=f01f426a-a4bf-4922-970b-b9a5af91dc53%252Chttps%253A%252F%252Fa.clickcertain.com%252Fpx%252Fta%252F%253Fdone%253Dtrue%2526ta_id%253Df01f426a-a4bf-4922-970b-b9a5af91dc53&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f213f17f-a402-43d7-9ca5-4f11a9989b83&ttd_puid=f01f426a-a4bf-4922-970b-b9a5af91dc53%2Chttps%3A%2F%2Fa.clickcertain.com%2Fpx%2Fta%2F%3Fdone%3Dtrue%26ta_id%3Df01f426a-a4bf-4922-970b-b9a5af91dc53 HTTP 302
  • https://a.clickcertain.com/px/ta/?done=true&ta_id=f01f426a-a4bf-4922-970b-b9a5af91dc53
Request Chain 38
  • https://a.usbrowserspeed.com/cs?puid=76c2f0e7-ca1c-5a1f-8008-d57fd1befbc8&pid=lc&r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2ft%2f%3fdone%3dtrue%26uid%3d%24%7bDEVICE_ID%7d%26hem%3d%24%7bHEM_SHA256_LOWERCASE%7d HTTP 302
  • https://a.clickcertain.com/px/t/?done=true&uid=d02c430b-e22e-49ba-8481-da5651c2368f&hem=
Request Chain 39
  • https://a.clickcertain.com/px/r/?ccid=4d355ef2-b007-4dd6-957c-7693d0415b97 HTTP 302
  • https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=4d355ef2-b007-4dd6-957c-7693d0415b97&ccid=4d355ef2-b007-4dd6-957c-7693d0415b97&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d4d355ef2%25252db007%25252d4dd6%25252d957c%25252d7693d0415b97%252526anx_uId%25253d%252524UID HTTP 303
  • https://a.clickcertain.com/px/li/?ccid=4d355ef2-b007-4dd6-957c-7693d0415b97&redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fbidswitch%252f%253fdone%253dtrue%2526ccid%253d4d355ef2%252db007%252d4dd6%252d957c%252d7693d0415b97%2526anx_uId%253d%2524UID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26ccid%3d4d355ef2%2db007%2d4dd6%2d957c%2d7693d0415b97%26anx_uId%3d%24UID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D4d355ef2%2Db007%2D4dd6%2D957c%2D7693d0415b97%26anx_uId%3D%24UID&google_tc= HTTP 302
  • https://a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D4d355ef2%2Db007%2D4dd6%2D957c%2D7693d0415b97%26anx_uId%3D%24UID&google_gid=CAESEDdy0nGA7i0wy_kFJy_uwJ0&google_cver=1 HTTP 302
  • https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=4d355ef2-b007-4dd6-957c-7693d0415b97&anx_uId=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D4d355ef2-b007-4dd6-957c-7693d0415b97%26anx_uId%3D%24UID HTTP 302
  • https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=4d355ef2-b007-4dd6-957c-7693d0415b97&anx_uId=68055839952446957 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=179&user_id=4d355ef2-b007-4dd6-957c-7693d0415b97&expires=5&user_group=0 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=4d355ef2-b007-4dd6-957c-7693d0415b97&expires=5&user_group=0
Request Chain 42
  • https://nytrng.com/mper HTTP 301
  • https://nytrng.com/mper/5b5dea3c75cd4f46a42d36e32e8b2ee1

46 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
fighttinnitusnow.com/ 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://fighttinnitusnow.com/
Protocol
HTTP/1.1
Server
77.235.58.122 , Cyprus, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
Apache /
Resource Hash
e50e9d8cd34b963dd55abd21c4564d14214dd910274a073d478ca7fe5334ebda

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=200 no-cache, no-store, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 30 Dec 2022 15:27:10 GMT
Expires
0
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
Vary
Accept-Encoding
style.css
fighttinnitusnow.com/css/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fighttinnitusnow.com/css/style.css
Requested by
Host: fighttinnitusnow.com
URL: http://fighttinnitusnow.com/
Protocol
HTTP/1.1
Server
77.235.58.122 , Cyprus, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
Apache /
Resource Hash
94561f9611f17e2b0cea3f2f1945c2458faf464c6fd7bb61bcfd296482fadc4b

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://fighttinnitusnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 15:27:10 GMT
Last-Modified
Fri, 30 Dec 2022 15:18:53 GMT
Server
Apache
Content-Type
text/css
Cache-Control
max-age=345600, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2913
custom_new.css
fighttinnitusnow.com/assets/ 		11 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fighttinnitusnow.com/assets/custom_new.css
Requested by
Host: fighttinnitusnow.com
URL: http://fighttinnitusnow.com/
Protocol
HTTP/1.1
Server
77.235.58.122 , Cyprus, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
Apache /
Resource Hash
b8535c4b9821846e698c97047b10f9b6448a89f08f84cc896c99dde6ccb29534

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://fighttinnitusnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 15:27:10 GMT
Last-Modified
Fri, 30 Dec 2022 15:18:51 GMT
Server
Apache
Content-Type
text/css
Cache-Control
max-age=345600, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
11197
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: fighttinnitusnow.com
URL: http://fighttinnitusnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://fighttinnitusnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 15:27:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
677243
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2bbdVzQHbBPDkYqAbWz8bXODMiow7Z9O23ei1jubfJrXLuEzA174Ljbl%2BvwNOQ7tQTNTnXntN2Qn38xc5%2Bd0188iGxrL%2BxeAvnVY3w5UTzrXSpGqR6a8JLNoJpjhmRVUTC%2BKTYiIajbrpwWB57U8UOy8"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
781bcc4c8a594bb8-YUL
expires
Wed, 20 Dec 2023 15:27:10 GMT
/
a.clickcertain.com/px/
Redirect Chain
  • https://a.remarketstats.com/px/smart/?c=2340db90087cdda&seg=home-page
  • https://a.clickcertain.com/px/smart/a/?seg=home-page&c=2340db90087cdda
  • https://a.clickcertain.com/px/?c=2340db90087cdda
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.clickcertain.com/px/?c=2340db90087cdda
Requested by
Host: fighttinnitusnow.com
URL: http://fighttinnitusnow.com/
Protocol
H2
Server
2606:4700:20::681a:932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5019e13745d7ee4653cdd0dc070f4c9b73031081f8ee011723be3420783292ec

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://fighttinnitusnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 15:27:11 GMT
content-encoding
br
x-frontend
cc-nginx-554675d589-hd2p4:cc-nginx-554675d589-hd2p4
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-requestid
a3ae4837-dec0-4380-8bb7-82ecf00a2a1e
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pn3EldVWCntSQma2HZzmb9fMVgJus21xzfAGKhMl2gim4JplSbisBzdyHXk937WS762ODAcLIvwX6aRpntE4zpDDew1WIrFniL92GNuhxIjMNWmYyY8kIzqrjaFWqtuaVH3gHdGq7H1yDFwABsijww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cf-ray
781bcc4e3bf7a232-YYZ

Redirect headers

date
Fri, 30 Dec 2022 15:27:11 GMT
x-frontend
cc-nginx-554675d589-6w7v6:cc-nginx-554675d589-6w7v6
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-requestid
6e896d7e-27ac-49dc-b4f7-3d8919e47dc1
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RO0%2FxkSiaXKJ9T4280klkVVgWWuuJrdfpl27YCCwFP4gSje9NPLZVyoDikbvD5QAUu4WtNXR9VjTXMG8Int61066SgRquGIpU%2BgOmQmsICd9rhUSGiamQjVLtqzLZ4fTjs7lXtlZz2gQFmmYTl0NBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
location
https://a.clickcertain.com/px/?c=2340db90087cdda
cf-ray
781bcc4d7a7ea232-YYZ
logo.png
fighttinnitusnow.com/images/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://fighttinnitusnow.com/images/logo.png
Requested by
Host: fighttinnitusnow.com
URL: http://fighttinnitusnow.com/
Protocol
HTTP/1.1
Server
77.235.58.122 , Cyprus, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
Apache /
Resource Hash
c7683652510c333965f16602cd875d472340e983fdf19f8b7c5878a65ccd3f4a

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://fighttinnitusnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 15:27:11 GMT
Last-Modified
Fri, 30 Dec 2022 15:18:55 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
19456
bottle.png
fighttinnitusnow.com/images/ 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://fighttinnitusnow.com/images/bottle.png
Requested by
Host: fighttinnitusnow.com
URL: http://fighttinnitusnow.com/
Protocol
HTTP/1.1
Server
77.235.58.122 , Cyprus, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
Apache /
Resource Hash
3f96f62d55f6f5c2f4033666ba5ab2cf7793b227a87ecbc80c4b47347edfdbcf

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://fighttinnitusnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 15:27:11 GMT
Last-Modified
Fri, 30 Dec 2022 15:18:55 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
85643
matomo.js
mgmtrack1.com/app/matomo/ 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mgmtrack1.com/app/matomo/matomo.js
Requested by
Host: fighttinnitusnow.com
URL: http://fighttinnitusnow.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.59.155.42 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host3.iad7.com
Software
Apache /
Resource Hash
f14f4a539de52d9d27f18c7db120a25e2cb56b51b232af3cf5698959a1d17e78

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://fighttinnitusnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 15:27:10 GMT
Content-Encoding
gzip
Last-Modified
Sat, 28 Mar 2020 14:50:43 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=200
Content-Length
27468
a-0817.min.js
b-code.liadm.com/ 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://b-code.liadm.com/a-0817.min.js
Requested by
Host: fighttinnitusnow.com
URL: http://fighttinnitusnow.com/
Protocol
HTTP/1.1
Server
2600:9000:23cb:dc00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
77eab3bf3f1836d792ba122c097683870f4e9ea3fad87fe9c88a7a6da2001d86

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://fighttinnitusnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 08:24:40 GMT
Content-Encoding
gzip
Via
1.1 b9fa5c33e059fb3ed603bd8fcb9d4aea.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
JFK50-P1
Age
25351
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Vary
Accept-Encoding
Cache-Control
"public, max-age=86400"
Connection
keep-alive
X-Amz-Cf-Id
YlHerTdcn3d7OLNP0hrwuoq43hITjEnpC4udhBYa4Zw3G5LWam6faw==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: fighttinnitusnow.com
URL: http://fighttinnitusnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://fighttinnitusnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 14:26:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3646
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Dec 2023 14:26:25 GMT
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-71193211-3
Requested by
Host: fighttinnitusnow.com
URL: http://fighttinnitusnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f95b7c5a8e481da32ccaee4712dfb56ba7b1c535b25aa923dc2b12efcab50e94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://fighttinnitusnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 15:27:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43655
x-xss-protection
0
last-modified
Fri, 30 Dec 2022 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 30 Dec 2022 15:27:11 GMT
5c6c3e8e01e1b5d929000151.js
tag.marinsm.com/serve/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tag.marinsm.com/serve/5c6c3e8e01e1b5d929000151.js
Requested by
Host: fighttinnitusnow.com
URL: http://fighttinnitusnow.com/
Protocol
HTTP/1.1
Server
151.101.192.65 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
eeefd71ad3e1b0dd01673934a841bbc0ebeed9ec3d003d5e6f528adb6d240f82
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://fighttinnitusnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 15:27:11 GMT
Via
1.1 vegur, 1.1 varnish
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Age
0
X-Cache
MISS
Connection
keep-alive
Content-Length
4101
X-Served-By
cache-yyz4571-YYZ
Server
Cowboy
X-Timer
S1672414031.196453,VS0,VE28
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=1800
Accept-Ranges
bytes
X-Cache-Hits
0
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: fighttinnitusnow.com
URL: http://fighttinnitusnow.com/
Protocol
H2
Server
2607:f8b0:4006:821::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://fighttinnitusnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 30 Dec 2022 14:44:06 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
2585
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Fri, 30 Dec 2022 16:44:06 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
trackpush.min.js
s3.amazonaws.com/trackpush/ 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://s3.amazonaws.com/trackpush/trackpush.min.js
Requested by
Host: fighttinnitusnow.com
URL: http://fighttinnitusnow.com/
Protocol
HTTP/1.1
Server
52.217.170.176 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
5ea9947b55246bd7e281b10027a5ed301039077b0589afff470b73c561a93054

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://fighttinnitusnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 15:27:12 GMT
Content-Encoding
gzip
Last-Modified
Thu, 03 Nov 2022 18:51:50 GMT
Server
AmazonS3
x-amz-request-id
DKDK8YMN7AR9JBZ3
ETag
"cbd14612441d2cca730df2e3c9f185c1"
Content-Type
text/javascript
Cache-Control
max-age=86400
Accept-Ranges
bytes
Content-Length
13264
x-amz-id-2
NwcuciBErPWNCh8C6RRK9B3xydlmW3EEwF1HQj2ccuHTCjMjB0ljwS8vIlJOfwYtTQlXFdLbUlk=
bat.js
bat.bing.com/
Redirect Chain
  • http://bat.bing.com/bat.js
  • https://bat.bing.com/bat.js
38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: fighttinnitusnow.com
URL: http://fighttinnitusnow.com/
Protocol
H2
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://fighttinnitusnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Fri, 30 Dec 2022 15:27:11 GMT
last-modified
Mon, 05 Dec 2022 17:15:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7F0F45FA30FE4753AA13BA13D50B3E02 Ref B: YTO01EDGE0518 Ref C: 2022-12-30T15:27:11Z
etag
"027e538cd8d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11460

Redirect headers

Location
https://bat.bing.com/bat.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin
http://fighttinnitusnow.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 15:27:11 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1975400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qTTfXdg9XuMeIWkioongSIOTFcUn6SgHUZsvaKTdaL4B1hlSoW3vDpDoFqdvdINTVsgxZbFHkGO%2BsDFestBT%2Fz3ds1ThSwqh9hvHBXK%2BmoVyradlPXVCuY9EYU%2FADA548d%2BP7HWAM4L9xRbnbIsK9l%2FS"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
781bcc4f2a14713f-YUL
expires
Wed, 20 Dec 2023 15:27:11 GMT
matomo.php
mgmtrack1.com/app/matomo/ 		43 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mgmtrack1.com/app/matomo/matomo.php?action_name=Buy%20New%20Tinnitus%20911%20Online&idsite=11&rec=1&r=334178&h=15&m=27&s=11&url=http%3A%2F%2Ffighttinnitusnow.com%2F&_id=b67b96d2fcbe35e2&_idts=1672414031&_idvc=1&_idn=0&_refts=0&_viewts=1672414031&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=100&pv_id=HY5QY6
Requested by
Host: fighttinnitusnow.com
URL: http://fighttinnitusnow.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.59.155.42 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host3.iad7.com
Software
Apache /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://fighttinnitusnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 15:27:11 GMT
Server
Apache
Vary
User-Agent
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-Control
no-store
Connection
Keep-Alive
Keep-Alive
timeout=5, max=199
widget_async.js
d3rr3d0n31t48m.cloudfront.net/widget/
Redirect Chain
  • https://shop.pe/widget/widget_async.js
  • https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
Requested by
Host: fighttinnitusnow.com
URL: http://fighttinnitusnow.com/
Protocol
H2
Server
18.164.96.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-15.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ac96cb4ac3f542c607b2e5886afc6187a8c5233df8f9ca9d3032af0590026503

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://fighttinnitusnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 14:27:39 GMT
content-encoding
gzip
via
1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront)
last-modified
Thu, 22 Dec 2022 16:42:10 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P5
age
3573
etag
"e769199ebfec55cfdf6a224e96ac9ddb"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=3600, public
accept-ranges
bytes
content-length
905
x-amz-cf-id
jnW2haSR10TongV1KeFqvKHZ_-4dFEN-SewqlARol19YuycQkx6oWA==
x-amz-meta-mtime
1671727328.06

Redirect headers

date
Fri, 30 Dec 2022 15:27:11 GMT
content-security-policy
frame-ancestors none;
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
server
nginx
x-frame-options
deny
content-type
text/html
location
https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
178
fbevents.js
connect.facebook.net/en_US/ 		103 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: fighttinnitusnow.com
URL: http://fighttinnitusnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://fighttinnitusnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 30 Dec 2022 15:27:11 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27298
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
qXFhUXK226QrRmPZfjAlgsZbmd0q5Wuz7chc1FiX29F4cI7ff+tAvPzEF4eiodsyKRq2SSB315gmgVCQ4Qv+XQ==
x-fb-trip-id
1512268381
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
tagjs
pixel-geo.prfct.co/
Redirect Chain
  • http://pixel-geo.prfct.co/tagjs?a_id=90326&source=js_tag
  • https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=90326&source=js_tag
59 B
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=90326&source=js_tag
Requested by
Host: fighttinnitusnow.com
URL: http://fighttinnitusnow.com/
Protocol
HTTP/1.1
Server
3.230.121.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-121-107.compute-1.amazonaws.com
Software
/
Resource Hash
c1a5691de9a2df57911e1c7a921d17afe3a488f2f56935d55e04b22798820faf

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://fighttinnitusnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
59
Content-Type
text/javascript

Redirect headers

Location
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=90326&source=js_tag
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pageview
signals.aimtell.com/ 		43 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://signals.aimtell.com/pageview?id_site=11678&v=3.974&support=0&state=default&wl=1
Requested by
Host: s3.amazonaws.com
URL: http://s3.amazonaws.com/trackpush/trackpush.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://fighttinnitusnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 15:27:11 GMT
aimtell-hash-exists
0
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
image/gif
access-control-allow-origin
http://fighttinnitusnow.com
aimtell-traverse
0
access-control-expose-headers
Aimtell-Hash-Exists, Aimtell-Traverse
access-control-allow-credentials
true
cf-ray
781bcc506e1e4bb9-YUL
access-control-allow-headers
Content-Type, *
content-length
43
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1235694402&t=pageview&_s=1&dl=http%3A%2F%2Ffighttinnitusnow.com%2F&ul=en-us&de=UTF-8&dt=Buy%20New%20Tinnitus%20911%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=155855806&gjid=1659123011&cid=1943989372.1672414031&tid=UA-71193211-1&_gid=459575824.1672414031&_r=1&_slc=1&z=89261558
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://fighttinnitusnow.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 15:27:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://fighttinnitusnow.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
25033631.js
bat.bing.com/p/action/ 		0
136 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/25033631.js
Requested by
Host: bat.bing.com
URL: http://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://fighttinnitusnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 30 Dec 2022 15:27:11 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8CB95310F310471E95269395722435E5 Ref B: YTO01EDGE0518 Ref C: 2022-12-30T15:27:11Z
x-powered-by
ARR/3.0
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
private,max-age=1800
0
bat.bing.com/action/ 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=25033631&Ver=2&mid=20e56c92-a114-489c-83a2-482ac6b4965d&sid=6e190aa0885611ed84a195286f9cbb71&vid=6e1925f0885611ed9f04e9bacb52c86b&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Buy%20New%20Tinnitus%20911%20Online&p=http%3A%2F%2Ffighttinnitusnow.com%2F&r=&lt=776&evt=pageLoad&sv=1&rn=294965
Requested by
Host: fighttinnitusnow.com
URL: http://fighttinnitusnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://fighttinnitusnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 30 Dec 2022 15:27:11 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: ED60A0B348454D6299A7C7113FE58D80 Ref B: YTO01EDGE0518 Ref C: 2022-12-30T15:27:11Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
1633176130275463
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1633176130275463?v=2.9.90&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fefaac34161c734602d398217c66b09109e0a9682bd53c190f838e3903d451fc
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://fighttinnitusnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 30 Dec 2022 15:27:11 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
E3dY+oOKRGV6o8m/eb4Xj2HBnscAJiH9WTGbX5hZ4B7lawTwzA4HRlqb3yaxw4a+qaFug2F2j1kxksZq+E7pBw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1672414031417&aid=a-0817&se=e30&duid=1afbc895fcee--01gnht9ve6yz3mrq0xwr152p9p&tna=v2.5.1&pu=http%3A%2F%2Ffighttinnitusnow.com%2F&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZGVzY3...
  • https://rp4.liadm.com/j?dtstmp=1672414031417&aid=a-0817&se=e30&duid=1afbc895fcee--01gnht9ve6yz3mrq0xwr152p9p&tna=v2.5.1&pu=http%3A%2F%2Ffighttinnitusnow.com%2F&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZGVzY...
13 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?dtstmp=1672414031417&aid=a-0817&se=e30&duid=1afbc895fcee--01gnht9ve6yz3mrq0xwr152p9p&tna=v2.5.1&pu=http%3A%2F%2Ffighttinnitusnow.com%2F&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IklzIHlvdXIgbGlmZSB0cm91YmxlZCBieSBoaWRkZW4gY29uc3RpcGF0aW9uPyBQcm90ZWN0IHlvdXIgaGVhbHRoIHdpdGggYWxsIG5hdHVyYWwgcHJvdmVuIGluZ3JlZGllbnRzLiBSZWFkIHJldmlld3MgYW5kIGJ1eSBuZXcgVGlubml0dXMgOTExIE9ubGluZSBhdCBQaHl0QWdlIExhYnMuIj48dGl0bGU-QnV5IE5ldyBUaW5uaXR1cyA5MTEgT25saW5lPC90aXRsZT4&i6=MjYwNzo1MzAwOjYwOjc4Njc6OjQ%3D&n3pc=true
Requested by
Host: fighttinnitusnow.com
URL: http://fighttinnitusnow.com/
Protocol
H2
Server
3.218.4.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-4-10.compute-1.amazonaws.com
Software
/
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://fighttinnitusnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 15:27:11 GMT
x-pixel-event-id
17c15225-33cf-44ca-a9b2-4a7b63186b80
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
DENY
vary
Origin
content-type
application/json
request-time
0
access-control-allow-origin
null
access-control-allow-credentials
true
trace-id
b22c9585c173c633
content-length
13
x-xss-protection
1; mode=block

Redirect headers

date
Fri, 30 Dec 2022 15:27:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
vary
Origin
location
https://rp4.liadm.com/j?dtstmp=1672414031417&aid=a-0817&se=e30&duid=1afbc895fcee--01gnht9ve6yz3mrq0xwr152p9p&tna=v2.5.1&pu=http%3A%2F%2Ffighttinnitusnow.com%2F&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IklzIHlvdXIgbGlmZSB0cm91YmxlZCBieSBoaWRkZW4gY29uc3RpcGF0aW9uPyBQcm90ZWN0IHlvdXIgaGVhbHRoIHdpdGggYWxsIG5hdHVyYWwgcHJvdmVuIGluZ3JlZGllbnRzLiBSZWFkIHJldmlld3MgYW5kIGJ1eSBuZXcgVGlubml0dXMgOTExIE9ubGluZSBhdCBQaHl0QWdlIExhYnMuIj48dGl0bGU-QnV5IE5ldyBUaW5uaXR1cyA5MTEgT25saW5lPC90aXRsZT4&i6=MjYwNzo1MzAwOjYwOjc4Njc6OjQ%3D&n3pc=true
access-control-allow-origin
http://fighttinnitusnow.com
request-time
0
access-control-allow-credentials
true
trace-id
247defafe1fb3e7d
content-length
0
x-xss-protection
1; mode=block
triggerRunner.js
d3rr3d0n31t48m.cloudfront.net/widget/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3rr3d0n31t48m.cloudfront.net/widget/triggerRunner.js?v=c317b78
Requested by
Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-15.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e124bd334341346ad05a5b3a92f27a1b5b7c7fda0d7a78f8f9d1101b24d115ae

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://fighttinnitusnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 16:43:54 GMT
content-encoding
gzip
via
1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront)
last-modified
Thu, 22 Dec 2022 16:42:13 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P5
age
686598
etag
"9539603c93b04acc0c37b1e9bcd08894"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
3772
x-amz-cf-id
2YHBWQgJRrMBNtLG1tfp3BrnB1XpVHVhKey6pY3XMqvp7YoqFAQ9Kw==
x-amz-meta-mtime
1671727328.05
widget.js
d3rr3d0n31t48m.cloudfront.net/widget/ 		183 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=5bce395
Requested by
Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-15.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b460f003c9a402d1a8427e296b14ab97bf3f9191718d3ab9c2e42ebfce5a6ce

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://fighttinnitusnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 16:43:54 GMT
content-encoding
gzip
via
1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront)
last-modified
Thu, 22 Dec 2022 16:42:11 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P5
age
686598
etag
"a4a7fb87c9ff3676c36c820866377efe"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
47803
x-amz-cf-id
BESSMPjq5tazjU_cDhBndOYUuISQO5HnrDoq0QtKdOm5yxpJ0rwf1Q==
x-amz-meta-mtime
1671727326.27
collect
stats.g.doubleclick.net/j/ 		4 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-71193211-1&cid=1943989372.1672414031&jid=155855806&gjid=1659123011&_gid=459575824.1672414031&_u=IEBAAEAAAAAAACAAI~&z=234454733
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://fighttinnitusnow.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 30 Dec 2022 15:27:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://fighttinnitusnow.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1633176130275463&ev=PageView&dl=http%3A%2F%2Ffighttinnitusnow.com%2F&rl=&if=false&ts=1672414031571&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1672414031569.1593481255&it=1672414031415&coo=false&rqm=GET
Requested by
Host: fighttinnitusnow.com
URL: http://fighttinnitusnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://fighttinnitusnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 30 Dec 2022 15:27:11 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-71193211-1&cid=1943989372.1672414031&jid=155855806&_u=IEBAAEAAAAAAACAAI~&z=873417398
Requested by
Host: fighttinnitusnow.com
URL: http://fighttinnitusnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://fighttinnitusnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 15:27:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-71193211-1&cid=1943989372.1672414031&jid=155855806&_u=IEBAAEAAAAAAACAAI~&z=873417398
Requested by
Host: fighttinnitusnow.com
URL: http://fighttinnitusnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://fighttinnitusnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 15:27:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
a.clickcertain.com/px/cont/ Frame 5ABC 		1 KB
1011 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.clickcertain.com/px/cont/?c=2340db90087cdda&ccid=4d355ef2-b007-4dd6-957c-7693d0415b97&cn=CA
Requested by
Host: a.remarketstats.com
URL: https://a.remarketstats.com/px/smart/?c=2340db90087cdda&seg=home-page
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2db98cdc73812f9b8bd7abbeeb40a1aa32bbbc2b48160d662ef8a54f8e93418

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
781bcc54af1fa232-YYZ
content-encoding
br
content-type
text/html
date
Fri, 30 Dec 2022 15:27:12 GMT
etag
W/"NGQzNTVlZjJnYjAwN2c0ZGQ2Zzk1N2NnNzY5M2QwNDE1Yjk3LXow"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nM421VLDX%2FfJXvw7Z9YtcF3t0MrAILgIer4BWytmuSKNCaebUbMU04fGGc8gaZvkwM4AKLVQ9t6iLk8AtC9e5j7CsfTN4e4cI17EZ7oaKnrCgDGO1e9MrSoxoZafU%2FS3A3jLncpQ6e3pxxDGFpItgg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-frontend
cc-nginx-554675d589-kzd26:cc-nginx-554675d589-kzd26
x-requestid
e7b4a679-438e-474e-9444-275436a606f7
params
shop.pe/widget/main/init/ 		260 B
247 B 		Script
General
Check archive.org
Download Go to
Full URL
https://shop.pe/widget/main/init/params?siteid=62fe5281eaf45204d3e94240&product=Buy%20New%20Tinnitus%20911%20Online&product_url=http%3A%2F%2Ffighttinnitusnow.com%2F&image=&price=&currency=undefined&rating=0&rating_count=0&review_count=0&stock_status=&description=&update_product=true&subcategory=&url=http%3A%2F%2Ffighttinnitusnow.com%2F&callback=AddShoppersWidget.load_widget&no_cookie_callback=AddShoppersWidget.load_no_cookie&rand=98899&cookie=&referer=
Requested by
Host: d3rr3d0n31t48m.cloudfront.net
URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=5bce395
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.244.1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
1.244.227.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
46fe878f8bf02e18ddf250d5d98876821d4702b6b8c82caa7b72b0f83c35ae0f
Security Headers
Name Value
Content-Security-Policy frame-ancestors none;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options deny

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://fighttinnitusnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 15:27:12 GMT
content-security-policy
frame-ancestors none;
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
p3p
policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
backend-version
47
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
data-regulation-gdpr-enforced
false
referrer-policy
no-referrer-when-downgrade
server
nginx
etag
W/"39233f0966ec13c6739540434cc503346cd43471"
x-frame-options
deny
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PATCH
content-type
text/javascript
access-control-allow-origin
https://my.addshoppers.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type, X-XSRFToken
params
shop.pe/widget/main/init/ 		1014 B
619 B 		Script
General
Check archive.org
Download Go to
Full URL
https://shop.pe/widget/main/init/params?siteid=62fe5281eaf45204d3e94240&product=Buy%20New%20Tinnitus%20911%20Online&product_url=http%3A%2F%2Ffighttinnitusnow.com%2F&image=&price=&currency=undefined&rating=0&rating_count=0&review_count=0&stock_status=&description=&update_product=true&subcategory=&url=http%3A%2F%2Ffighttinnitusnow.com%2F&callback=AddShoppersWidget.load_widget&rand=33347&cookie=2%7C1%3A0%7C10%3A1672414032%7C15%3Aaddshoppers.com%7C44%3AODk4YjVmMDNlMmJjNGQ0N2JhMjVkNmI4N2Y5MmRkZjk%3D%7C7b28a73b154a766f9e1b22e9c78d0bdf72bb4bdbd9bf9eea42a0c5fc10f741da&referer=
Requested by
Host: d3rr3d0n31t48m.cloudfront.net
URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=5bce395
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.244.1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
1.244.227.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
970b61f11e519cc468fc1808e7e94fc50c51c6d6b801f144c5fbcfdacce4aa03
Security Headers
Name Value
Content-Security-Policy frame-ancestors none;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options deny

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://fighttinnitusnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 15:27:12 GMT
content-security-policy
frame-ancestors none;
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
p3p
policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
backend-version
47
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
data-regulation-gdpr-enforced
false
referrer-policy
no-referrer-when-downgrade
server
nginx
etag
W/"76c973588f7042283baa1099ab71590b5b2fb8a6"
x-frame-options
deny
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PATCH
content-type
text/javascript
access-control-allow-origin
https://my.addshoppers.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type, X-XSRFToken
6ff721a381644a81a3e4d5240ac68c35.js
addshoppers.s3.amazonaws.com/customize/62fe5281eaf45204d3e94240/ 		865 B
975 B 		Script
General
Check archive.org
Download Go to
Full URL
http://addshoppers.s3.amazonaws.com/customize/62fe5281eaf45204d3e94240/6ff721a381644a81a3e4d5240ac68c35.js?_t=1666205761
Requested by
Host: d3rr3d0n31t48m.cloudfront.net
URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=5bce395
Protocol
HTTP/1.1
Server
54.231.130.17 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
e0da7b14d3fd8ff7cc5b2c005ef3992e2b6e1067236a2caf5c237be9ba680e5b

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://fighttinnitusnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 15:27:13 GMT
Content-Encoding
gzip
x-amz-version-id
hLkLbfb_CQZyGofhYYgGC29O_zDeZzn8
Last-Modified
Wed, 19 Oct 2022 18:56:03 GMT
Server
AmazonS3
x-amz-request-id
WGP1Q5RW5K5PTKVQ
ETag
"39c90c4ce3d08fa9d2d5a76d4bb11000"
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=2592000, public
Accept-Ranges
bytes
Content-Length
475
x-amz-id-2
WJcs780P69OJ/+HKpS/aujqNaYbAwXIvZk1HyXJsSpCcb+R2WjuWCD/TUWeL80TAgV5xnepGVc4=
input.js
shopper.shop.pe/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shopper.shop.pe/input.js
Requested by
Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.54.17 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
17.54.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
bc1f719ad8a9fb36c5f164463ae53ad79a27e84143b027da42c6ee08021ff399

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://fighttinnitusnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 14:45:51 GMT
content-encoding
gzip
age
2481
x-guploader-uploadid
ADPycdtLkvzvyLEMRCJTr8LUggjqa0fLO7ajyB9Sug4o8kgfCQKwYu_bMX1PhEcQlKi5U9vxThXsXeAlqRlssb5nc_Ml0sGs69DR
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8877
last-modified
Tue, 01 Nov 2022 11:18:27 GMT
server
UploadServer
etag
"277671bdc75ca43b2c48464d6ab4278f"
vary
Accept-Encoding
x-goog-generation
1667301507739079
x-goog-hash
crc32c=d2ag2w==, md5=J3ZxvcdcpDssSEZNarQnjw==
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public, max-age=14400
x-goog-stored-content-length
8877
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
expires
Fri, 30 Dec 2022 18:45:51 GMT
iframe
nytrng.com/ Frame AB56 		418 B
510 B 		Document
General
Check archive.org
Download Go to
Full URL
https://nytrng.com/iframe?vcp=4dd5h0np&as_id=898b5f03e2bc4d47ba25d6b87f92ddf9
Requested by
Host: d3rr3d0n31t48m.cloudfront.net
URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=5bce395
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.91.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a954c1fc80b8251dc.awsglobalaccelerator.com
Software
gunicorn /
Resource Hash
cb7e17b24793f769cc01fea57988e1858001544d7512d58a40051afb5dba4bed

Request headers

Referer
http://fighttinnitusnow.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
418
content-type
text/html; charset=utf-8
date
Fri, 30 Dec 2022 15:27:12 GMT
server
gunicorn
/
a.clickcertain.com/px/ta/ Frame 5ABC
Redirect Chain
  • https://a.clickcertain.com/px/ta/?ccid=4d355ef2-b007-4dd6-957c-7693d0415b97
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=4d355ef2-b007-4dd6-957c-7693d0415b97&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=4d355ef2-b007-4dd6-957c-7693d0415b97&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=f01f426a-a4bf-4922-970b-b9a5af91dc53%252Chttps%253A%252F%252Fa.clickcertain.com%252Fpx%252Fta%252F%253Fdone%253Dtrue%2526...
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=f01f426a-a4bf-4922-970b-b9a5af91dc53%252Chttps%253A%252F%252Fa.clickcertain.com%252Fpx%252Fta%252F%253Fdone%253Dtrue%2526...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f213f17f-a402-43d7-9ca5-4f11a9989b83&ttd_puid=f01f426a-a4bf-4922-970b-b9a5af91dc53%2Chttps%3A%2F%2Fa.clickcertain.com%2Fp...
  • https://a.clickcertain.com/px/ta/?done=true&ta_id=f01f426a-a4bf-4922-970b-b9a5af91dc53
0
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.clickcertain.com/px/ta/?done=true&ta_id=f01f426a-a4bf-4922-970b-b9a5af91dc53
Requested by
Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=2340db90087cdda&ccid=4d355ef2-b007-4dd6-957c-7693d0415b97&cn=CA
Protocol
H2
Server
2606:4700:20::681a:932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://a.clickcertain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 15:27:12 GMT
x-frontend
cc-nginx-554675d589-6w7v6:cc-nginx-554675d589-6w7v6
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-requestid
c27481ae-3b1d-46a9-828e-8698877ac3ae
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZsQgdiCe9xLftKwBi2vvlamx3W4XhEqMfdpH8eIODfvVWMnJGUOGkFJXv65BCvthtluzrVDX3TgRYVlHwygRSyXJcO1hYx0fjAjLGs1BTJFMzLp9GZ2VzPizy8g4xrIrbRTIeb8eHAkaA1j60bFkXw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
781bcc57cdf4a232-YYZ

Redirect headers

date
Fri, 30 Dec 2022 15:27:12 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://a.clickcertain.com/px/ta/?done=true&ta_id=f01f426a-a4bf-4922-970b-b9a5af91dc53
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
a.clickcertain.com/px/t/ Frame 5ABC
Redirect Chain
  • https://a.usbrowserspeed.com/cs?puid=76c2f0e7-ca1c-5a1f-8008-d57fd1befbc8&pid=lc&r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2ft%2f%3fdone%3dtrue%26uid%3d%24%7bDEVICE_ID%7d%26hem%3d%24%7bHEM_SHA256...
  • https://a.clickcertain.com/px/t/?done=true&uid=d02c430b-e22e-49ba-8481-da5651c2368f&hem=
0
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.clickcertain.com/px/t/?done=true&uid=d02c430b-e22e-49ba-8481-da5651c2368f&hem=
Requested by
Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=2340db90087cdda&ccid=4d355ef2-b007-4dd6-957c-7693d0415b97&cn=CA
Protocol
H2
Server
2606:4700:20::681a:932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://a.clickcertain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 15:27:12 GMT
x-frontend
cc-nginx-554675d589-wzcvz:cc-nginx-554675d589-wzcvz
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-requestid
968e2c77-c824-4d74-a2b6-2f5248740c7a
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QY2lyxYqh2ug0pv%2B8%2FgBJPQUS9IUaDfHcWWbgTb9aiVMMoQZuWQFKD0inl1nYTBkS%2BlGuG2UHaABU%2F%2BKd7WEqHzsskN1ghpTCNAZKBVwtZagw0ajM5AwTCiJhyxXyyqi3kadqdliQte%2Bwiu%2BSL4H%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
781bcc577d5aa232-YYZ

Redirect headers

location
https://a.clickcertain.com/px/t/?done=true&uid=d02c430b-e22e-49ba-8481-da5651c2368f&hem=
date
Fri, 30 Dec 2022 15:27:12 GMT
server
awselb/2.0
content-length
119
content-type
text/html; charset=utf-8
sync
x.bidswitch.net/ul_cb/ Frame 5ABC
Redirect Chain
  • https://a.clickcertain.com/px/r/?ccid=4d355ef2-b007-4dd6-957c-7693d0415b97
  • https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=4d355ef2-b007-4dd6-957c-7693d0415b97&ccid=4d355ef2-b007-4dd6-957c-7693d0415b97&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%25...
  • https://a.clickcertain.com/px/li/?ccid=4d355ef2-b007-4dd6-957c-7693d0415b97&redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redi...
  • https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2...
  • https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2...
  • https://a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D4d355ef2%2Db007%2D4dd...
  • https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=4d355ef2-b007-4dd6-957c-7693d0415b97&anx_uId=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D4d355ef2-b007-4dd6-957c-7693d0415b97%26anx_uId%3D%24UID
  • https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=4d355ef2-b007-4dd6-957c-7693d0415b97&anx_uId=68055839952446957
  • https://x.bidswitch.net/sync?dsp_id=179&user_id=4d355ef2-b007-4dd6-957c-7693d0415b97&expires=5&user_group=0
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=4d355ef2-b007-4dd6-957c-7693d0415b97&expires=5&user_group=0
43 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=4d355ef2-b007-4dd6-957c-7693d0415b97&expires=5&user_group=0
Requested by
Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=2340db90087cdda&ccid=4d355ef2-b007-4dd6-957c-7693d0415b97&cn=CA
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://a.clickcertain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 15:27:13 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=4d355ef2-b007-4dd6-957c-7693d0415b97&expires=5&user_group=0
Date
Fri, 30 Dec 2022 15:27:13 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
consent
shop.pe/query/datareg/ 		0
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shop.pe/query/datareg/consent
Requested by
Host: shopper.shop.pe
URL: https://shopper.shop.pe/input.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.244.1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
1.244.227.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors none;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options deny

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://fighttinnitusnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 15:27:12 GMT
content-security-policy
frame-ancestors none;
via
1.1 google
strict-transport-security
max-age=31536000; includeSubDomains
p3p
policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
backend-version
47
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
data-regulation-gdpr-enforced
false
referrer-policy
no-referrer-when-downgrade
server
nginx
etag
"da39a3ee5e6b4b0d3255bfef95601890afd80709"
x-frame-options
deny
access-control-allow-methods
HEAD, GET, POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
Data-Regulation-Gdpr-Enforced
access-control-allow-headers
X-Requested-With, Content-Type, Data-Regulation-Gdpr-Enforced
pl.2.2.min.js
cdn.nytrng.com/ Frame AB56 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.nytrng.com/pl.2.2.min.js
Requested by
Host: nytrng.com
URL: https://nytrng.com/iframe?vcp=4dd5h0np&as_id=898b5f03e2bc4d47ba25d6b87f92ddf9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-55.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d49d2a6dc89c60b16d37b5c050c401a95e54b48865c33518d11aa49f4aef01aa

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nytrng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
8orrD9zEZlFOFms3PR7pDugsAN7irKg0
date
Tue, 27 Dec 2022 16:27:11 GMT
via
1.1 6ea9421ec132e3640100792ef9535494.cloudfront.net (CloudFront)
last-modified
Thu, 01 Jul 2021 10:09:45 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P5
age
2162228
etag
"1ba5d1971ac96b0ca46300a7cb63b363"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
7518
x-amz-cf-id
GcrUtpMi7ZmQYET0iOUg78dPRNfAEZk1wz_axy0I5LwWwiH1oi5mhA==
5b5dea3c75cd4f46a42d36e32e8b2ee1
nytrng.com/mper/ Frame AB56
Redirect Chain
  • https://nytrng.com/mper
  • https://nytrng.com/mper/5b5dea3c75cd4f46a42d36e32e8b2ee1
58 B
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nytrng.com/mper/5b5dea3c75cd4f46a42d36e32e8b2ee1
Protocol
H2
Server
75.2.91.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a954c1fc80b8251dc.awsglobalaccelerator.com
Software
gunicorn /
Resource Hash
ccf82170d51baf543aed21cda24f0819503d4942f85b69dedb69ebbf4cf76a14

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nytrng.com/iframe?vcp=4dd5h0np&as_id=898b5f03e2bc4d47ba25d6b87f92ddf9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 15:27:12 GMT
server
gunicorn
content-length
58
content-type
application/json

Redirect headers

location
https://nytrng.com/mper/5b5dea3c75cd4f46a42d36e32e8b2ee1
date
Fri, 30 Dec 2022 15:27:12 GMT
server
gunicorn
content-length
318
content-type
text/html; charset=utf-8
lst
nytrng.com/ Frame AB56 		207 B
702 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nytrng.com/lst
Requested by
Host: cdn.nytrng.com
URL: https://cdn.nytrng.com/pl.2.2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.91.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a954c1fc80b8251dc.awsglobalaccelerator.com
Software
gunicorn /
Resource Hash
a2a08b1d68e5f41247102879240c2cb477ee149ffffc8d84afbcab7e7fee5aab

Request headers

Referer
https://nytrng.com/iframe?vcp=4dd5h0np&as_id=898b5f03e2bc4d47ba25d6b87f92ddf9
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 30 Dec 2022 15:27:12 GMT
server
gunicorn
vary
Origin
p3p
CP="NOI OUR BUS UNI COM NAV"
access-control-allow-origin
https://nytrng.com
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
content-length
207
expires
Fri, 30 Dec 2022 15:27:13 GMT
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1633176130275463&ev=Microdata&dl=http%3A%2F%2Ffighttinnitusnow.com%2F&rl=&if=false&ts=1672414033075&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Buy%20New%20Tinnitus%20911%20Online%22%2C%22meta%3Adescription%22%3A%22Is%20your%20life%20troubled%20by%20hidden%20constipation%3F%20Protect%20your%20health%20with%20all%20natural%20proven%20ingredients.%20Read%20reviews%20and%20buy%20new%20Tinnitus%20911%20Online%20at%20PhytAge%20Labs.%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.90&r=stable&ec=1&o=30&fbp=fb.1.1672414031569.1593481255&it=1672414031415&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://fighttinnitusnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 30 Dec 2022 15:27:13 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i

Verdicts & Comments Add Verdict or Comment

186 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontentvisibilityautostatechange function| _add_ctag undefined| body object| _pa string| GoogleAnalyticsObject function| ga object| _at object| uetq object| _paq object| JSON_PIWIK object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log object| AddShoppersWidgetOptions function| $ function| jQuery function| fbq function| _fbq object| LI object| __li__evt_bus object| liQ object| liQ_instances function| facebookEventsHelper function| googleAdsEventsHelper object| dataLayer object| _pq undefined| _aimtellPushToken boolean| _aimtellRanScript undefined| _aimtellSubscriberID undefined| _aimtellRefreshResult undefined| trackData undefined| _aimtellTrackData undefined| _aimtellDebug undefined| aimtellDebugBox string| _aimtellAPI boolean| _aimtellSWInitiated boolean| _aimtellNewSubscriberID number| _aimtellVersion object| _aimtellDebugQueue number| _aimtellDebugQueueActive boolean| _aimtellPrompted string| _aimtellUserDefinedWorker object| _aimtellWebsiteConfiguration object| _aimtellFunnelPixel object| _aimtellUpdateViaCache string| _aimtellWorkerScope object| _aimtellPreSubscriberTrackData object| _aimtellServiceWorker string| _aimtellCurrentPage object| _aimtellPromptConfiguration object| _aimtellPageLoadAttributes function| _aimtellDeferred function| _aimtellGetUrlVars function| _aimtellGetDeviceType function| _aimtellGetPageDetails function| _aimtellLoadBeacon function| _aimtellCrossDomainSubscriberID function| _aimtellCrossDomainSuppression function| _aimtellGetReferrer function| _aimtellGetLanguage function| _aimtellAbandonedFunnel function| _aimtellAbandonPage function| _aimtellGetResolution function| _aimtellGetBrowserInfo function| _aimtellGetSystemInfo function| _aimtellDebugger function| _aimtellDebugQueueProcess function| _aimtellLogDebug function| _aimtellInitialize function| _aimtellSPAOptinHelper function| _aimtellPromptConfig function| _aimtellEnablePageDelayPrompt function| _aimtellEnableScrollDelayPrompt function| _aimtellEnableSecondsDelayPrompt function| _aimtellGetSiteConfig function| _aimtellGetPercentageScrolled function| _aimtellLoadPrompt function| _aimtellPromptApprove function| _aimtellPromptDeny function| _aimtellPromptCancel function| _aimtellGetSubscriberID function| _aimtellIsNewData function| _aimtellTrack function| _aimtellAppendManifestHeader function| _aimtellGetManifestLocation function| _aimtellGetWebsiteConfiguration function| _aimtellGetGCMID function| _aimtellLogError function| _aimtellGetSubscriberIDFromToken function| _aimtellGetSubscriberAttributes function| _aimtellGenerateID function| _aimtellGetCookie function| _aimtellSetCookie function| _aimtellDeleteCookie function| _aimtellHashString function| _aimtellTrackAttributes function| _aimtellForcePrompt function| _aimtellPrompt function| _aimtellAlias function| _aimtellTrackEvent function| _aimtellAbandonedCart function| _aimtellTc undefined| logid undefined| subscriber_uid undefined| webURL function| _aimtellGetPushToken function| _aimtellSupportsPush function| _aimtellCheckHTTPS function| _aimtellListener function| _webpushCheckPermissions function| _webpushSupportsPush function| _webpushPrompt function| _webpushRunNative function| _webpushGetSubscriberIDFromToken function| _webpushTrackAttributes function| _webpushGetToken function| _webpushTrackEvent function| _webpushGetSubscriberID function| _aimtellCheckPermissions function| _aimtellRunNative function| _aimtellDelWidgetNotification function| _aimtellDelAllWidgetNotification function| _aimtellCheckNotificationRemaining function| _aimtellClickedNotification function| _aimtellShowNotificationCenter function| _aimtellHideNotificationCenter function| _aimtellAppendNotification function| _aimtellShowNoNotifications function| _aimtellShowNotSubscribed function| _aimtellLaunchNotificationCenter function| _aimtellGetWidgetNotifications function| _aimtellFillNotifications function| _aimtellWidgetPermissionGrantedCallback function| _aimtellPermissionDeniedCallbacks function| _aimtellPermissionIgnoredCallbacks function| _aimtellWebhook function| _aimtellPermissionGrantedCallbacks function| _aimtellSubscribe function| _aimtellUrlBase64ToUint8Array function| _aimtellExtractSubscriptionId function| _aimtellSendSubscriptionToServer function| _aimtellAmplifySubscriberWorkerData function| _aimtellRegisterWorker function| _aimtellValidateWorker function| _aimtellSendWorkerMessage function| _aimtellLoadIntegrations function| _aimtellLoad function| _aimtellProcessQueue function| _aimtellCheckConflictWorker function| _aimtellSignal function| _aimtellInitWorker function| _aimtellForceRefreshSW object| google_tag_manager object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| UET function| UET_init function| UET_push object| ueto_c4d65f884a object| AddShoppersLoader function| AddShoppersTriggerRunner function| as_cleanse_field function| as_detect_cc function| as_gaPageView function| as_gaSocial function| as_gaEvent function| as_gaSet function| as_logMessage function| as_logError object| _mag object| AddShoppersWidget function| AddShoppersWidget_plus_one object| SchemaParser object| _add number| ieVer object| obj number| AddShoppersWidgetLoaded object| AddShoppersWidgetLang object| result boolean| _iml boolean| is_mocked

33 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: MgYIkgEQ-xM
a.clickcertain.com/ Name: _ccpx_u
Value: 4d355ef2%2db007%2d4dd6%2d957c%2d7693d0415b97
a.clickcertain.com/ Name: _ccpx_2340db90087cdda
Value: 1
a.clickcertain.com/ Name: _ccpx
Value: 2340db90087cdda
fighttinnitusnow.com/ Name: _pk_id.11.8793
Value: b67b96d2fcbe35e2.1672414031.1.1672414031.1672414031.
fighttinnitusnow.com/ Name: _pk_ses.11.8793
Value: 1
.fighttinnitusnow.com/ Name: _li_dcdm_c
Value: .fighttinnitusnow.com
.fighttinnitusnow.com/ Name: _lc2_fpi
Value: 1afbc895fcee--01gnht9ve6yz3mrq0xwr152p9p
.bing.com/ Name: MUID
Value: 0D25DBBCDD7A6A681C39C936DCD06B0F
.bat.bing.com/ Name: MR
Value: 0
.fighttinnitusnow.com/ Name: _ga
Value: GA1.2.1943989372.1672414031
.fighttinnitusnow.com/ Name: _gid
Value: GA1.2.459575824.1672414031
.fighttinnitusnow.com/ Name: _gat
Value: 1
.fighttinnitusnow.com/ Name: _uetsid
Value: 6e190aa0885611ed84a195286f9cbb71
.fighttinnitusnow.com/ Name: _uetvid
Value: 6e1925f0885611ed9f04e9bacb52c86b
.liadm.com/ Name: lidid
Value: d162d3d8-3645-4a45-a759-f2409392fd16
.prfct.co/ Name: pa_uid
Value: pa_13C5eLktT0w0aLclY
.fighttinnitusnow.com/ Name: _fbp
Value: fb.1.1672414031569.1593481255
shop.pe/ Name: addshoppers
Value: "2|1:0|10:1672414032|11:addshoppers|44:ODk4YjVmMDNlMmJjNGQ0N2JhMjVkNmI4N2Y5MmRkZjk=|51acae290674f472d7499b2f24ee7585ef6b98d903505af0701a6bfbeea56315"
fighttinnitusnow.com/ Name: addshoppers.com
Value: 2%7C1%3A0%7C10%3A1672414032%7C15%3Aaddshoppers.com%7C44%3AODk4YjVmMDNlMmJjNGQ0N2JhMjVkNmI4N2Y5MmRkZjk%3D%7C7b28a73b154a766f9e1b22e9c78d0bdf72bb4bdbd9bf9eea42a0c5fc10f741da
.tapad.com/ Name: TapAd_TS
Value: 1672414032364
.tapad.com/ Name: TapAd_DID
Value: f01f426a-a4bf-4922-970b-b9a5af91dc53
.adsrvr.org/ Name: TDID
Value: f213f17f-a402-43d7-9ca5-4f11a9989b83
.a.usbrowserspeed.com/ Name: tuid
Value: d02c430b-e22e-49ba-8481-da5651c2368f
.adsrvr.org/ Name: TDCPM
Value: CAESFAoFdGFwYWQSCwio0au0i6G1OxAFGAUgASgCMgsIlP6L4aGhtTsQBTgB
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!8751
.doubleclick.net/ Name: IDE
Value: AHWqTUkAJt7Xqm91z6di8NdZ6BWN_uzd6FdWRABHrHWdckwD3SZONFSIU2e0nf5Qoqo
nytrng.com/ Name: vcnpxid
Value: 5b5dea3c75cd4f46a42d36e32e8b2ee1
nytrng.com/ Name: vcnpxst
Value: w5p4w5XDlcOmw4HDk8Kfw5LCu8OUw5rClsKIf3HClcKNwqHCoMKlwoLCj3PCkcKCwo_CjsOiw4PDjMKiw4TDiMOOw5vDmsKtw5LCpcOEw4TCkcKmwpR_w5w
.adnxs.com/ Name: uuid2
Value: 68055839952446957
.bidswitch.net/ Name: tuuid
Value: cb6b3503-bcf4-4ac8-bb93-c85983fc0b9a
.bidswitch.net/ Name: c
Value: 1672414033
.bidswitch.net/ Name: tuuid_lu
Value: 1672414033

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.clickcertain.com
a.remarketstats.com
a.usbrowserspeed.com
addshoppers.s3.amazonaws.com
ajax.googleapis.com
b-code.liadm.com
bat.bing.com
cdn.nytrng.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
d3rr3d0n31t48m.cloudfront.net
fighttinnitusnow.com
i.liadm.com
match.adsrvr.org
mgmtrack1.com
nytrng.com
pixel-geo.prfct.co
pixel.tapad.com
rp.liadm.com
rp4.liadm.com
s3.amazonaws.com
secure.adnxs.com
shop.pe
shopper.shop.pe
signals.aimtell.com
stats.g.doubleclick.net
tag.marinsm.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
x.bidswitch.net
107.178.246.49
142.250.81.226
151.101.192.65
18.164.96.15
18.164.96.55
209.59.155.42
2600:1f18:730:b110:ee02:ef72:6352:30c8
2600:9000:23cb:dc00:8:8845:1500:93a1
2606:4700:20::681a:37a
2606:4700:20::681a:932
2606:4700::6811:190e
2606:4700::6812:1e97
2607:f8b0:4004:c1b::9b
2607:f8b0:4006:80b::2004
2607:f8b0:4006:81d::200a
2607:f8b0:4006:81e::2003
2607:f8b0:4006:821::200e
2607:f8b0:4006:823::2008
2620:1ec:c11::200
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:182:face:b00c:0:25de
3.218.4.10
3.230.121.107
3.82.80.127
35.190.54.17
35.211.178.172
35.227.244.1
35.71.131.137
44.229.119.75
52.1.95.165
52.217.170.176
54.231.130.17
68.67.179.113
75.2.91.175
77.235.58.122
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
3f96f62d55f6f5c2f4033666ba5ab2cf7793b227a87ecbc80c4b47347edfdbcf
46fe878f8bf02e18ddf250d5d98876821d4702b6b8c82caa7b72b0f83c35ae0f
4b460f003c9a402d1a8427e296b14ab97bf3f9191718d3ab9c2e42ebfce5a6ce
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5019e13745d7ee4653cdd0dc070f4c9b73031081f8ee011723be3420783292ec
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
5ea9947b55246bd7e281b10027a5ed301039077b0589afff470b73c561a93054
77eab3bf3f1836d792ba122c097683870f4e9ea3fad87fe9c88a7a6da2001d86
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
94561f9611f17e2b0cea3f2f1945c2458faf464c6fd7bb61bcfd296482fadc4b
970b61f11e519cc468fc1808e7e94fc50c51c6d6b801f144c5fbcfdacce4aa03
a2a08b1d68e5f41247102879240c2cb477ee149ffffc8d84afbcab7e7fee5aab
a2db98cdc73812f9b8bd7abbeeb40a1aa32bbbc2b48160d662ef8a54f8e93418
ac96cb4ac3f542c607b2e5886afc6187a8c5233df8f9ca9d3032af0590026503
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b8535c4b9821846e698c97047b10f9b6448a89f08f84cc896c99dde6ccb29534
bc1f719ad8a9fb36c5f164463ae53ad79a27e84143b027da42c6ee08021ff399
c1a5691de9a2df57911e1c7a921d17afe3a488f2f56935d55e04b22798820faf
c7683652510c333965f16602cd875d472340e983fdf19f8b7c5878a65ccd3f4a
cb7e17b24793f769cc01fea57988e1858001544d7512d58a40051afb5dba4bed
ccf82170d51baf543aed21cda24f0819503d4942f85b69dedb69ebbf4cf76a14
d49d2a6dc89c60b16d37b5c050c401a95e54b48865c33518d11aa49f4aef01aa
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
e0da7b14d3fd8ff7cc5b2c005ef3992e2b6e1067236a2caf5c237be9ba680e5b
e124bd334341346ad05a5b3a92f27a1b5b7c7fda0d7a78f8f9d1101b24d115ae
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50e9d8cd34b963dd55abd21c4564d14214dd910274a073d478ca7fe5334ebda
eeefd71ad3e1b0dd01673934a841bbc0ebeed9ec3d003d5e6f528adb6d240f82
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f14f4a539de52d9d27f18c7db120a25e2cb56b51b232af3cf5698959a1d17e78
f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244
f95b7c5a8e481da32ccaee4712dfb56ba7b1c535b25aa923dc2b12efcab50e94
fefaac34161c734602d398217c66b09109e0a9682bd53c190f838e3903d451fc